SgtSQL

System behavior seems normal. I concur with your opinion of files in the Symantec quarantine. Due to the attack vectors that are present due to my development software (open ports), do you have any scans or recommended firewall software m(currently using Win XP firewall) that would be good for detecting abnormal port activity? I've heard Comodo is good, but also a nuisance. If no, I ready to call it good. I really appreciate your help and offer my expertise if you have any Oracle 9i database, Sharepoint 2007, ASP.NET, or Access 2007 questions down the road. Email me Delete the "p" from comp for email to work.

12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9daf.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dae.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dad.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dac.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dab.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9daa.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9da0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Quarantined APQ35A.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d9f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d9e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d9d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d9c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d9b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d9a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d99.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d98.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d97.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d96.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d95.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d94.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d93.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d92.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d91.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d90.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d8f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d8e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d8d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d8c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d8b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d8a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d89.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d88.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d87.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d86.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d85.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d84.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d83.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d82.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d81.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d80.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d7f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9d7e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d7d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d7c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d7b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d7a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d79.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d78.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d77.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d76.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d75.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d74.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d73.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d72.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d71.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d70.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d6f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d6e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d6d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d6c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d6b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d6a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d69.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d68.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d67.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d66.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d65.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d64.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d63.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d62.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d61.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d60.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d5f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d5e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d5d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d5c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d5b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d5a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d59.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d58.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d57.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d56.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Quarantined APQ359.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d55.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d54.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d53.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d52.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d51.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d50.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d4f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d4e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d4d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d4c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d4b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d4a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d49.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d48.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d47.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d46.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d45.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d44.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d43.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d42.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d41.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d40.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:57 Bloodhound.MalPE Pending Analysis 4ede9d3f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d3e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d3d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d3c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d3b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d3a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d39.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d38.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d37.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d35.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d34.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d33.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Quarantined APQ358.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d32.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d31.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d30.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d2f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d2e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d2d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d2b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d2a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d29.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d28.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d27.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d26.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d25.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:56 Bloodhound.MalPE Pending Analysis 4ede9d24.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d23.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d21.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Quarantined APQ357.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d20.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d1f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d1e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d1d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d1c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d1b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d1a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d19.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d16.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d15.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d14.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d13.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d12.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d11.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d10.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d0f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d0c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d0b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d0a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d09.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d08.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d07.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d06.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d05.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d02.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d01.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9d00.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:55 Bloodhound.MalPE Pending Analysis 4ede9cff.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Quarantined APQ356.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cfe.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cfd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cfc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cfb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cf7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cf6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cf5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cf4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cf3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cf2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ced.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cec.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ceb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cea.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ce9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ce8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ce3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ce1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ce0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cdf.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cde.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cd9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cd7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cd6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cd5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cd4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ccf.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Quarantined APQ354.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ccd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ccc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9ccb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:54 Bloodhound.MalPE Pending Analysis 4ede9cca.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4ede9cc5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4ede9cc3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4ede9cc1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4ede9cb9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4ede9cb7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd875.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd874.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd873.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd872.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd871.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd870.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd86f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd86e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd86d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd86c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd86b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Pending Analysis 4eddd86a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:53 Bloodhound.MalPE Quarantined APQ353.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:52 Bloodhound.MalPE Quarantined APQ355.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:51 Bloodhound.MalPE Quarantined APQ352.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:50 Bloodhound.MalPE Quarantined APQ351.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:49 Bloodhound.MalPE Quarantined APQ350.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:48 Bloodhound.MalPE Quarantined APQ34F.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:47 Bloodhound.MalPE Quarantined APQ34E.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:46 Bloodhound.MalPE Quarantined APQ34D.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:45 Bloodhound.MalPE Quarantined APQ34C.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:44 Bloodhound.MalPE Quarantined APQ34B.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:43 Bloodhound.MalPE Quarantined APQ217.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:40 Bloodhound.MalPE Quarantined APQ34A.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:38 Bloodhound.MalPE Quarantined APQ349.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine

12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee13e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee13d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee13c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee13b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee13a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee139.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee138.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee137.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee136.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee135.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee134.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee133.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee132.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee131.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee130.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee12f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee12e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee12d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee12c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee12b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee12a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee129.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee128.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee127.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee126.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Quarantined APQ35D.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee125.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee124.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee123.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee122.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee121.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee120.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee11f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee11e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee11d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee11c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee11b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee11a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee119.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee118.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee117.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee116.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee115.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee114.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee113.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee112.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee111.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee110.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee10f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee10e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee10d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee10c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee10b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee10a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee109.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee108.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee107.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee106.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee105.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee104.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee103.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee102.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee101.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee100.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0ff.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0fe.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0fd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0fc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0fb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0fa.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0f9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0f8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0f7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0f6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0f5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0f4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0f3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0f0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0ef.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0ee.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0ed.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0ec.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0eb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0ea.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0e9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0e6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0e5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0e4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0e3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0e2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0e1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0e0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0df.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0dc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0db.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0da.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0d9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Quarantined APQ35C.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0d8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0d7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0d6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0d5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0d2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0d1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0d0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0cf.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0ce.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0cd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0cc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0cb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0c8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0c6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0c5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0c4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0c3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0c2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0c1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0be.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0bc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0bb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0ba.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0b9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0b8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0b7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0b2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:00 Bloodhound.MalPE Pending Analysis 4edee0b1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0b0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0af.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0ae.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0ad.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0a8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0a7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0a6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0a5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0a4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee0a3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee09e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee09d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee09c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee09b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee099.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee093.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee092.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee091.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee089.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee088.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee087.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee07f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee07e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee07d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee075.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee074.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee073.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee06b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee06a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee069.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee05f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee055.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee04b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4edee041.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9de5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9de4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9de3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9de2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9de1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Quarantined APQ35B.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9de0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9ddf.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dde.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9ddd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9ddc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9ddb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dda.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dd0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dcf.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dce.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dcd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dcc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:59 Bloodhound.MalPE Pending Analysis 4ede9dcb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dca.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dc0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dbf.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dbe.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dbd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dbc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dbb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9dba.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 21:58 Bloodhound.MalPE Pending Analysis 4ede9db8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\

12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee5fe.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee5fd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee5fc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Quarantined APQ362.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee5fb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5fa.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5f0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Quarantined APQ361.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5ef.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5ee.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5ed.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5ec.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5eb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5ea.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:05 Bloodhound.MalPE Pending Analysis 4edee5e9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5e8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5e7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5e6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5e5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5e4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5e3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5e2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5e1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5e0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5df.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5de.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5dd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5dc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5db.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5da.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Quarantined APQ360.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5d0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5cf.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5ce.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5cd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5cc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5cb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5ca.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5c0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5bf.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5be.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5bd.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5bc.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5bb.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5ba.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5b9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5b8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5b7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5b6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:04 Bloodhound.MalPE Pending Analysis 4edee5b5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5b4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5b2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5b1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5b0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5af.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5ae.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5ad.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5ac.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5ab.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5aa.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5a8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5a7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5a6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5a5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5a4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5a3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5a2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5a1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee5a0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee59c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee59b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee59a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee599.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee597.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee596.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee592.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee591.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee590.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Quarantined APQ35F.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee58d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee588.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee587.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee586.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee583.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee57e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee57d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee57c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee574.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee573.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee56a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee569.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee560.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee55f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee556.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee555.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee54c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee54b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee541.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee537.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee52d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee523.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee519.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee50f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee1a2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee1a1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee1a0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee19f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee19e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:03 Bloodhound.MalPE Pending Analysis 4edee19d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee19c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee19b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee19a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee199.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee198.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee197.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee196.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee195.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee194.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee193.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee192.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee191.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee190.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee18f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee18e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee18d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee18c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee18b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee18a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee189.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee188.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee187.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee186.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee185.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee184.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee183.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee182.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee181.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee180.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee17f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee17e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee17d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee17c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee17b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee17a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee179.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee178.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee177.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee176.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee175.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee174.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Quarantined APQ35E.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee173.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee172.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee171.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee170.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee16f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee16e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee16d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee16c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee16b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee16a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee169.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee168.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee167.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee166.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee165.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee164.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee163.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee162.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee161.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee160.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee15f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee15e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee15d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee15c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee15b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee15a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee159.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee158.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:02 Bloodhound.MalPE Pending Analysis 4edee157.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee156.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee155.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee154.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee153.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee152.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee151.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee150.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee14f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee14e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee14d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee14c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee14b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee14a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee149.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee148.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee147.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee146.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee145.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee144.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee143.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee142.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee141.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee140.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:01 Bloodhound.MalPE Pending Analysis 4edee13f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\

12/7/2011 23:59 Bloodhound.MalPE Quarantined 4eddd82b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:58 Bloodhound.MalPE Quarantined 4eddd82a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:57 Bloodhound.MalPE Quarantined 4eddd829.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:57 Bloodhound.MalPE Quarantined 4eddd828.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:56 Bloodhound.MalPE Quarantined 4eddd827.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:55 Bloodhound.MalPE Quarantined 4eddd826.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:54 Bloodhound.MalPE Quarantined 4eddd825.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:53 Bloodhound.MalPE Quarantined 4eddd824.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:53 Bloodhound.MalPE Quarantined 4eddd823.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:51 Bloodhound.MalPE Quarantined 4eddd822.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:50 Bloodhound.MalPE Quarantined 4eddd821.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:50 Bloodhound.MalPE Quarantined 4eddd820.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:49 Bloodhound.MalPE Quarantined 4eddd81f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:49 Bloodhound.MalPE Quarantined 4eddd81e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:48 Bloodhound.MalPE Quarantined 4eddd81d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:47 Bloodhound.MalPE Quarantined 4eddd81c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:46 Bloodhound.MalPE Quarantined 4eddd81b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:46 Bloodhound.MalPE Quarantined 4eddd81a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:45 Bloodhound.MalPE Quarantined 4eddd819.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:44 Bloodhound.MalPE Quarantined 4eddd818.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:43 Bloodhound.MalPE Quarantined 4eddd817.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:43 Bloodhound.MalPE Quarantined 4eddd816.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:42 Bloodhound.MalPE Quarantined 4eddd815.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:41 Bloodhound.MalPE Quarantined 4eddd814.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:40 Bloodhound.MalPE Quarantined 4eddd813.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:39 Bloodhound.MalPE Quarantined 4eddd812.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:37 Bloodhound.MalPE Quarantined 4eddd811.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:36 Bloodhound.MalPE Quarantined 4eddd810.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:35 Bloodhound.MalPE Quarantined 4eddd80f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:34 Bloodhound.MalPE Quarantined 4eddd80e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:33 Bloodhound.MalPE Quarantined 4eddd80d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:32 Bloodhound.MalPE Quarantined 4eddd80c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:31 Bloodhound.MalPE Quarantined 4eddd80b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:30 Bloodhound.MalPE Quarantined 4eddd80a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/7/2011 23:29 Bloodhound.MalPE Quarantined APQFD.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:28 Bloodhound.MalPE Quarantined APQC5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:27 Bloodhound.MalPE Quarantined APQC4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:27 Bloodhound.MalPE Quarantined APQC3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:26 Bloodhound.MalPE Quarantined APQC2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:25 Bloodhound.MalPE Quarantined APQC1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:25 Bloodhound.MalPE Quarantined APQC0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:24 Bloodhound.MalPE Quarantined APQBF.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:23 Bloodhound.MalPE Quarantined APQBE.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:22 Bloodhound.MalPE Quarantined APQBD.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:18 Bloodhound.MalPE Quarantined APQBC.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:17 Bloodhound.MalPE Quarantined APQBB.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:16 Bloodhound.MalPE Quarantined APQBA.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:15 Bloodhound.MalPE Quarantined APQB9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:14 Bloodhound.MalPE Quarantined APQB8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:14 Bloodhound.MalPE Quarantined APQB7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:13 Bloodhound.MalPE Pending Analysis VBR3C60.tmp Heuristics C:\Documents and Settings\DTR\Local Settings\temp\ TROY DTR Infected C:\Documents and Settings\DTR\Local Settings\temp\ 12/7/2011 23:13 Bloodhound.MalPE Quarantined APQB6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:11 Bloodhound.MalPE Quarantined APQB5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:10 Bloodhound.MalPE Quarantined APQB4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:09 Bloodhound.MalPE Quarantined APQB3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:08 Bloodhound.MalPE Quarantined APQB2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:08 Bloodhound.MalPE Quarantined APQB1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:07 Bloodhound.MalPE Quarantined APQB0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:06 Bloodhound.MalPE Quarantined APQAF.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:05 Bloodhound.MalPE Quarantined APQAE.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:05 Bloodhound.MalPE Quarantined APQAD.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:03 Bloodhound.MalPE Quarantined APQAC.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:02 Bloodhound.MalPE Quarantined APQAB.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:02 Bloodhound.MalPE Quarantined APQA9.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 23:00 Bloodhound.MalPE Quarantined APQAA.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:59 Bloodhound.MalPE Quarantined APQA8.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:59 Bloodhound.MalPE Quarantined APQA7.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:58 Bloodhound.MalPE Quarantined APQA6.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:57 Bloodhound.MalPE Quarantined APQA5.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:57 Bloodhound.MalPE Quarantined APQA4.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:56 Bloodhound.MalPE Quarantined APQA3.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:56 Bloodhound.MalPE Quarantined APQA2.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:56 Bloodhound.MalPE Quarantined APQA1.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:53 Bloodhound.MalPE Quarantined APQA0.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:51 Bloodhound.MalPE Quarantined APQ9F.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:50 Bloodhound.MalPE Quarantined APQ9E.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:50 Bloodhound.MalPE Quarantined APQ9D.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:49 Bloodhound.MalPE Quarantined APQ9C.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:49 Bloodhound.MalPE Quarantined APQ9B.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:48 Bloodhound.MalPE Quarantined APQ9A.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:47 Bloodhound.MalPE Quarantined APQ99.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:46 Bloodhound.MalPE Quarantined APQ98.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:45 Bloodhound.MalPE Quarantined APQ97.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:44 Bloodhound.MalPE Quarantined APQ96.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:43 Bloodhound.MalPE Quarantined APQ95.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:42 Bloodhound.MalPE Quarantined APQ94.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:41 Bloodhound.MalPE Quarantined APQ93.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:41 Bloodhound.MalPE Quarantined APQ92.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:40 Bloodhound.MalPE Quarantined APQ91.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:37 Bloodhound.MalPE Quarantined APQ90.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:35 Bloodhound.MalPE Quarantined APQ8F.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:33 Bloodhound.MalPE Quarantined APQ8E.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:32 Bloodhound.MalPE Quarantined APQ8D.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:32 Bloodhound.MalPE Quarantined APQ8C.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:31 Bloodhound.MalPE Quarantined APQ8B.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:31 Bloodhound.MalPE Quarantined APQ8A.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:30 Bloodhound.MalPE Quarantined APQ89.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:29 Bloodhound.MalPE Quarantined APQ88.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:29 Bloodhound.MalPE Quarantined APQ87.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:28 Bloodhound.MalPE Quarantined APQ86.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:28 Bloodhound.MalPE Quarantined APQ85.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:28 Bloodhound.MalPE Quarantined APQ84.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:27 Bloodhound.MalPE Quarantined APQ83.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:27 Bloodhound.MalPE Quarantined APQ82.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:26 Bloodhound.MalPE Quarantined APQ81.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:26 Bloodhound.MalPE Quarantined APQ80.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:25 Bloodhound.MalPE Quarantined APQ71A.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:25 Bloodhound.MalPE Quarantined APQ719.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:25 Bloodhound.MalPE Quarantined APQ718.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:24 Bloodhound.MalPE Quarantined APQ717.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:24 Bloodhound.MalPE Quarantined APQ38D.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:23 Bloodhound.MalPE Quarantined APQ38C.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:22 Bloodhound.MalPE Quarantined APQ38B.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:22 Bloodhound.MalPE Quarantined APQ38A.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:21 Bloodhound.MalPE Quarantined APQ389.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:21 Bloodhound.MalPE Quarantined APQ388.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:20 Bloodhound.MalPE Quarantined APQ387.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:20 Bloodhound.MalPE Quarantined APQ386.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:19 Bloodhound.MalPE Quarantined APQ385.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:19 Bloodhound.MalPE Quarantined APQ384.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:18 Bloodhound.MalPE Quarantined APQ383.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:18 Bloodhound.MalPE Quarantined APQ382.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:18 Bloodhound.MalPE Quarantined APQ381.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:17 Bloodhound.MalPE Quarantined APQ37B.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:17 Bloodhound.MalPE Quarantined APQ371.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:16 Bloodhound.MalPE Quarantined APQ36F.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:16 Bloodhound.MalPE Quarantined APQ36E.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:15 Bloodhound.MalPE Quarantined APQ36D.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:15 Bloodhound.MalPE Quarantined APQ36C.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:14 Bloodhound.MalPE Quarantined APQ36B.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:14 Bloodhound.MalPE Quarantined APQ36A.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:13 Bloodhound.MalPE Quarantined APQ369.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:13 Bloodhound.MalPE Quarantined APQ368.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:12 Bloodhound.MalPE Quarantined APQ367.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:11 Bloodhound.MalPE Quarantined APQ366.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:09 Bloodhound.MalPE Quarantined APQ365.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:08 Bloodhound.MalPE Quarantined APQ364.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee682.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee681.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee680.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee67f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee67e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee67d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee67c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee67b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee67a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee679.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee678.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee677.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee676.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:08 Bloodhound.MalPE Pending Analysis 4edee675.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee674.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee673.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee672.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee671.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee670.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee66f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee66e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee66d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee66c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee66b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee66a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee669.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee668.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee667.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee666.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee665.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee664.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee663.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee662.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee661.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee660.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee65f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee65e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee65d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee65c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee65b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee65a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee659.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee658.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee657.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee656.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee655.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee654.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee653.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee652.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee651.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee650.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee64f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee64e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee64d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee64c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee64b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee64a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee649.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee648.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee647.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee646.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee645.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee644.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee643.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee642.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee641.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee640.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee63f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee63e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee63d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee63c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee63b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee63a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee639.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee638.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee637.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee636.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee635.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee634.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee633.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee632.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Pending Analysis 4edee631.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:07 Bloodhound.MalPE Quarantined APQ363.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine\ TROY DTR Infected Quarantine 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee630.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee62f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee62e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee62d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee62c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee62b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee62a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee629.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee628.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee627.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee626.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee625.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee624.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee623.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee622.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee621.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee620.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee61f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee61e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee61d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee61c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee61b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee61a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee619.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee618.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee617.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee616.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee615.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee614.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee613.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee612.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee611.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee610.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee60f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee60e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee60d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee60c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee60b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee60a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee609.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee608.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee607.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee606.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee605.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee604.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee603.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee602.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee601.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee600.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ 12/7/2011 22:06 Bloodhound.MalPE Pending Analysis 4edee5ff.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\

Scan Logs (Since Symantec went crazy during Kaspersky scan on 12/5/2011) Started On Completed Computer Status Total Files Infected Logged By 12/9/2011 17:25 12/9/2011 18:54 TROY Clean 277315 0 Manual scan 12/9/2011 3:00 12/9/2011 3:01 TROY Clean 798 0 Scheduled scan 12/9/2011 2:15 12/9/2011 2:17 TROY Clean 788 0 Scheduled scan 12/8/2011 7:46 12/8/2011 7:52 TROY Clean 846 0 Startup 12/7/2011 13:15 12/7/2011 14:35 TROY Clean 276029 0 Scheduled scan 12/7/2011 3:01 12/7/2011 3:02 TROY Clean 778 0 Scheduled scan 12/7/2011 2:16 12/7/2011 2:18 TROY Clean 778 0 Scheduled scan 12/6/2011 22:29 12/6/2011 22:46 TROY Clean 849 0 Startup 12/6/2011 17:44 12/6/2011 17:59 TROY Clean 875 0 Startup 12/6/2011 3:00 12/6/2011 3:02 TROY Clean 815 0 Scheduled scan 12/6/2011 2:16 12/6/2011 2:19 TROY Clean 809 0 Scheduled scan 12/5/2011 3:30 12/5/2011 5:24 TROY Clean 286425 252 Scheduled scan Threat Log Date and Time Risk Action Filename Risk Type Original Location Computer User Status Current Location 12/8/2011 0:46 Bloodhound.MalPE Quarantined 4eddd869.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:45 Bloodhound.MalPE Quarantined 4eddd868.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:44 Bloodhound.MalPE Quarantined 4eddd867.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:43 Bloodhound.MalPE Quarantined 4eddd866.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:43 Bloodhound.MalPE Quarantined 4eddd865.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:42 Bloodhound.MalPE Quarantined 4eddd864.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:41 Bloodhound.MalPE Quarantined 4eddd863.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:41 Bloodhound.MalPE Quarantined 4eddd862.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:40 Bloodhound.MalPE Quarantined 4eddd861.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:39 Bloodhound.MalPE Quarantined 4eddd860.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:38 Bloodhound.MalPE Quarantined 4eddd85f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:38 Bloodhound.MalPE Quarantined 4eddd85e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:37 Bloodhound.MalPE Quarantined 4eddd85d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:36 Bloodhound.MalPE Quarantined 4eddd85c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:36 Bloodhound.MalPE Quarantined 4eddd85b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:35 Bloodhound.MalPE Quarantined 4eddd85a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:34 Bloodhound.MalPE Quarantined 4eddd859.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:34 Bloodhound.MalPE Quarantined 4eddd858.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:33 Bloodhound.MalPE Quarantined 4eddd857.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:32 Bloodhound.MalPE Quarantined 4eddd856.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:32 Bloodhound.MalPE Quarantined 4eddd855.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:31 Bloodhound.MalPE Quarantined 4eddd854.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:30 Bloodhound.MalPE Quarantined 4eddd853.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:30 Bloodhound.MalPE Quarantined 4eddd852.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:29 Bloodhound.MalPE Quarantined 4eddd851.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:28 Bloodhound.MalPE Quarantined 4eddd850.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:28 Bloodhound.MalPE Quarantined 4eddd84f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:27 Bloodhound.MalPE Quarantined 4eddd84e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:26 Bloodhound.MalPE Quarantined 4eddd84d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:26 Bloodhound.MalPE Quarantined 4eddd84c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:25 Bloodhound.MalPE Quarantined 4eddd84b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:24 Bloodhound.MalPE Quarantined 4eddd84a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:24 Bloodhound.MalPE Quarantined 4eddd849.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:23 Bloodhound.MalPE Quarantined 4eddd848.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:22 Bloodhound.MalPE Quarantined 4eddd847.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:22 Bloodhound.MalPE Quarantined 4eddd846.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:21 Bloodhound.MalPE Quarantined 4eddd845.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:20 Bloodhound.MalPE Quarantined 4eddd844.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:19 Bloodhound.MalPE Quarantined 4eddd843.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:19 Bloodhound.MalPE Quarantined 4eddd842.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:18 Bloodhound.MalPE Quarantined 4eddd841.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:17 Bloodhound.MalPE Quarantined 4eddd840.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:16 Bloodhound.MalPE Quarantined 4eddd83f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:16 Bloodhound.MalPE Quarantined 4eddd83e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:15 Bloodhound.MalPE Quarantined 4eddd83d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:14 Bloodhound.MalPE Quarantined 4eddd83c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:13 Bloodhound.MalPE Quarantined 4eddd83b.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:12 Bloodhound.MalPE Quarantined 4eddd83a.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:12 Bloodhound.MalPE Quarantined 4eddd839.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:11 Bloodhound.MalPE Quarantined 4eddd838.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:10 Bloodhound.MalPE Quarantined 4eddd837.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:09 Bloodhound.MalPE Quarantined 4eddd836.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:09 Bloodhound.MalPE Quarantined 4eddd835.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:08 Bloodhound.MalPE Quarantined 4eddd834.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:06 Bloodhound.MalPE Quarantined 4eddd833.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:05 Bloodhound.MalPE Quarantined 4eddd832.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:04 Bloodhound.MalPE Quarantined 4eddd831.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:03 Bloodhound.MalPE Quarantined 4eddd830.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:02 Bloodhound.MalPE Quarantined 4eddd82f.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:01 Bloodhound.MalPE Quarantined 4eddd82e.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:01 Bloodhound.MalPE Quarantined 4eddd82d.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine 12/8/2011 0:00 Bloodhound.MalPE Quarantined 4eddd82c.tmp Heuristics C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ TROY DTR Infected Quarantine

System Log Date and Time Event Computer User Logged By Description 12/9/2011 18:53 Scan Omission TROY Bassmaster Manual scan Could not scan 20 files inside c:\WINDOWS\pchealth\helpctr\binaries\pchdt_p3.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:53 Scan Omission TROY Bassmaster Manual scan Could not scan 9 files inside c:\WINDOWS\pchealth\helpctr\binaries\hscsp_p3.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:50 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\chrome\chrome.jar due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:50 Scan Omission TROY Bassmaster Manual scan Could not scan 4 files inside c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\MicrosoftDotNetFrameworkAssistant.xpi due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:50 Scan Omission TROY Bassmaster Manual scan Could not scan 3 files inside c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:47 Scan Omission TROY Bassmaster Manual scan Could not scan 3 files inside c:\WINDOWS\Driver Cache\i386\driver.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:43 Scan Omission TROY Bassmaster Manual scan Could not scan 9 files inside c:\WINDOWS\ServicePackFiles\i386\hscsp_p3.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:40 Scan Omission TROY Bassmaster Manual scan Could not scan 3 files inside c:\WINDOWS\Installer\$PatchCache$\Managed\26DDC2EC4210AC63483DF9D4FCC5B59D\3.5.30729\Chrome_jar.3643236F_FC70_11D3_A536_0090278A1BB8 due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:35 Scan Omission TROY Bassmaster Manual scan Could not scan 2 files inside c:\Program Files\Windows Media Player\Skins\compact.wmz due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:35 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Windows Media Player\Skins\QuickSilver.wmz due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:35 Scan Omission TROY Bassmaster Manual scan Could not scan 3 files inside c:\Program Files\Windows Media Player\Skins\9SeriesDefault.wmz due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:35 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Windows Media Player\Skins\Revert.wmz due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:34 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Web Designer Tools\Office12\1033\EADocumentApproval_Review.xsn due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:34 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Web Designer Tools\Office12\1033\EADocumentApproval_Init.xsn due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:34 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Web Designer Tools\Office12\1033\CollectSignatures_Init.xsn due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:34 Scan Omission TROY Bassmaster Manual scan Could not scan 23 files inside c:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU\vs_setup.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ProjectTemplates\VisualBasic\Web\1033\AjaxServerControl.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ProjectTemplates\VisualBasic\Web\1033\AjaxControlExtender.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ProjectTemplates\CSharp\Web\1033\AjaxServerControl.Zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ProjectTemplates\CSharp\Web\1033\AjaxControlExtender.Zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\VisualBasic\1033\jscript.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\VisualBasic\1033\AjaxClientLibrary.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\VisualBasic\1033\AjaxClientControl.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\VisualBasic\1033\AjaxClientBehavior.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\CSharp\1033\jscript.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\CSharp\1033\AjaxClientLibrary.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\CSharp\1033\AjaxClientControl.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\CSharp\1033\AjaxClientBehavior.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\VisualBasic\Web\1033\JScript.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\VisualBasic\Web\1033\AjaxClientLibrary.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\VisualBasic\Web\1033\AjaxClientControl.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\VisualBasic\Web\1033\AjaxClientBehavior.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\CSharp\Web\1033\JScript.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\CSharp\Web\1033\AjaxClientLibrary.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\CSharp\Web\1033\AjaxClientControl.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:30 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\CSharp\Web\1033\AjaxClientBehavior.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:29 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\ItemTemplates\CSharp\Web\1033\JScript.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:29 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\ItemTemplates\CSharp\General\1033\WinScript.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:25 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_REVIEW.XSN due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:25 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_INIT.XSN due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:25 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Microsoft Office\Office14\1033\CollectSignatures_Init.xsn due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:20 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Java\jre6\lib\deploy\ffjcext.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:13 Scan Omission TROY Bassmaster Manual scan Could not scan 6 files inside c:\Program Files\NetBeans 6.9.1\php\modules\org-netbeans-modules-php-samples.jar due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:12 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\NetBeans 6.9.1\ide\modules\org-netbeans-modules-javascript-editing.jar due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:09 Scan Omission TROY Bassmaster Manual scan Could not scan 188 files inside c:\Program Files\NetBeans 6.9.1\ide\jsstubs\allstubs.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:03 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Program Files\Coby\Coby Media Manager\jre\lib\deploy\ffjcext.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:02 Scan Omission TROY Bassmaster Manual scan Could not scan 7 files inside c:\MSOCache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ProPrWW2.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 18:00 Scan Omission TROY Bassmaster Manual scan Could not scan 4 files inside c:\MSOCache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ProPrWW.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:59 Scan Omission TROY Bassmaster Manual scan Could not scan 4 files inside c:\MSOCache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\OfficeLR.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:58 Scan Omission TROY Bassmaster Manual scan Could not scan 17 files inside c:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\OfficeLR.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:56 Scan Omission TROY Bassmaster Manual scan Could not scan 2 files inside c:\Documents and Settings\Bassmaster\My Documents\Downloads\setup_11.0.0.1245.x01_2011_12_07_02_20.exe due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:55 Scan Omission TROY Bassmaster Manual scan Could not scan 13 files inside c:\Documents and Settings\Bassmaster\Local Settings\temp\tmp-t9e.xpi due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:55 Scan Omission TROY Bassmaster Manual scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\vshare.tv_Bar\tmpDialogs.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:55 Scan Omission TROY Bassmaster Manual scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\vshare.tv_Bar\Repository\conduit_CT2818425_CT2818425\DynamicDialogs\data.txt due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:55 Scan Omission TROY Bassmaster Manual scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\vshare.tv_Bar\Repository\conduit_CT2818425_CT2818425\DynamicDialogs\data.bck.txt due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:55 Scan Omission TROY Bassmaster Manual scan Could not scan 30 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\Mozilla\Firefox\Profiles\tpgnc5zh.default\startupCache\startupCache.4.little due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:55 Scan Omission TROY Bassmaster Manual scan Could not scan 40 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\Mozilla\Firefox\Profiles\89j7ohku.default\startupCache\startupCache.4.little due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:55 Scan Omission TROY Bassmaster Manual scan Could not scan 13 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\Microsoft\Web Platform Installer\installers\StarterSite\EC1944A5EC345B5E258AAB56271EC4378B1B7B94\StarterSite.zip due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:53 Scan Omission TROY Bassmaster Manual scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\conduitEngine\tmpDialogs.cab due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:53 Scan Omission TROY Bassmaster Manual scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\conduitEngine\Repository\conduit_ConduitEngine\dynamicDialogs\data.txt due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:53 Scan Omission TROY Bassmaster Manual scan Could not scan 2 files inside c:\Documents and Settings\Bassmaster\Desktop\setup_11.0.0.1245.x01_2011_12_07_02_20.exe due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:53 Scan Omission TROY Bassmaster Manual scan Could not scan 2 files inside c:\Documents and Settings\Bassmaster\Desktop\setup_11.0.0.1245.x01_2011_11_19_19_59.exe due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:53 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Documents and Settings\Bassmaster\Desktop\ResetTeaTimer.exe due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:52 Scan Omission TROY Bassmaster Manual scan Could not scan 13 files inside c:\Documents and Settings\Bassmaster\Application Data\Mozilla\Firefox\Profiles\89j7ohku.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:52 Scan Omission TROY Bassmaster Manual scan Could not scan 20 files inside c:\Documents and Settings\Bassmaster\Application Data\Mozilla\Firefox\Profiles\89j7ohku.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:51 Scan Omission TROY Bassmaster Manual scan Could not scan 2 files inside c:\Documents and Settings\All Users\Documents\setup_11.0.0.1245.x01_2011_12_07_02_20.exe due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:46 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Documents and Settings\All Users\Documents\Downloads\ResetTeaTimer.exe due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:45 Scan Omission TROY Bassmaster Manual scan Could not scan 1 files inside c:\Documents and Settings\All Users\Documents\Downloads\Notepad ++\unicode\localization\swedish.xml due to extraction errors encountered by the Decomposer Engines. 12/9/2011 17:45 Scan Omission TROY Bassmaster Manual scan Could not scan 214 files inside c:\Documents and Settings\All Users\Documents\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ].rar due to extraction errors encountered by the Decomposer Engines. 12/9/2011 8:00 Definition File Loaded TROY Bassmaster System New virus definition file loaded. Version: 131208ai. 12/8/2011 18:29 Definition File Loaded TROY DTR System New virus definition file loaded. Version: 131208a. 12/8/2011 18:22 Configuration Changed TROY DTR System Symantec Endpoint Protection Internet E-mail Auto-Protect Enabled 12/8/2011 18:22 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\InternetMail\RealTimeScan\OnOff' from '0' to '1' 12/8/2011 8:03 Definition File Loaded TROY Bassmaster System New virus definition file loaded. Version: 131207aj. 12/8/2011 7:46 Symantec Endpoint Protection Startup TROY Bassmaster System Symantec Endpoint Protection services startup was successful. 12/8/2011 0:46 Symantec Endpoint Protection Shutdown TROY ?????? System Symantec Endpoint Protection services shutdown was successful. 12/7/2011 20:47 Symantec Endpoint Protection Auto-Protect Enabled TROY Bassmaster System Symantec Endpoint Protection Auto-Protect Enabled. 12/7/2011 20:47 Configuration Changed TROY Bassmaster System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\APEOff' from '1323307056' to '0' 12/7/2011 20:47 Configuration Changed TROY Bassmaster System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\OnOff' from '0' to '1' 12/7/2011 20:17 Configuration Changed TROY DTR System Symantec Endpoint Protection Internet E-mail Auto-Protect Disabled 12/7/2011 20:17 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\InternetMail\RealTimeScan\OnOff' from '1' to '0' 12/7/2011 20:17 Symantec Endpoint Protection Auto-Protect Disabled TROY DTR System Symantec Endpoint Protection Auto-Protect Disabled. 12/7/2011 20:17 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\APEOff' from '0' to '1323307056' 12/7/2011 20:17 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\OnOff' from '1' to '0' 12/7/2011 14:33 Scan Omission TROY Bassmaster Scheduled scan Could not scan 20 files inside c:\WINDOWS\pchealth\helpctr\binaries\pchdt_p3.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:33 Scan Omission TROY Bassmaster Scheduled scan Could not scan 9 files inside c:\WINDOWS\pchealth\helpctr\binaries\hscsp_p3.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:31 Scan Omission TROY Bassmaster Scheduled scan Could not scan 4 files inside c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\MicrosoftDotNetFrameworkAssistant.xpi due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:31 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\chrome\chrome.jar due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:31 Scan Omission TROY Bassmaster Scheduled scan Could not scan 3 files inside c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:27 Scan Omission TROY Bassmaster Scheduled scan Could not scan 3 files inside c:\WINDOWS\Driver Cache\i386\driver.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:23 Scan Omission TROY Bassmaster Scheduled scan Could not scan 9 files inside c:\WINDOWS\ServicePackFiles\i386\hscsp_p3.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:21 Scan Omission TROY Bassmaster Scheduled scan Could not scan 3 files inside c:\WINDOWS\Installer\$PatchCache$\Managed\26DDC2EC4210AC63483DF9D4FCC5B59D\3.5.30729\Chrome_jar.3643236F_FC70_11D3_A536_0090278A1BB8 due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:15 Scan Omission TROY Bassmaster Scheduled scan Could not scan 3 files inside c:\Program Files\Windows Media Player\Skins\9SeriesDefault.wmz due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:15 Scan Omission TROY Bassmaster Scheduled scan Could not scan 2 files inside c:\Program Files\Windows Media Player\Skins\compact.wmz due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:15 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Windows Media Player\Skins\QuickSilver.wmz due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:15 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Windows Media Player\Skins\Revert.wmz due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:14 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Web Designer Tools\Office12\1033\EADocumentApproval_Review.xsn due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:14 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Web Designer Tools\Office12\1033\EADocumentApproval_Init.xsn due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:14 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Web Designer Tools\Office12\1033\CollectSignatures_Init.xsn due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:14 Scan Omission TROY Bassmaster Scheduled scan Could not scan 23 files inside c:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU\vs_setup.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ProjectTemplates\VisualBasic\Web\1033\AjaxServerControl.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ProjectTemplates\VisualBasic\Web\1033\AjaxControlExtender.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ProjectTemplates\CSharp\Web\1033\AjaxServerControl.Zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ProjectTemplates\CSharp\Web\1033\AjaxControlExtender.Zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\VisualBasic\1033\jscript.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\VisualBasic\1033\AjaxClientLibrary.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\VisualBasic\1033\AjaxClientControl.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\VisualBasic\1033\AjaxClientBehavior.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\CSharp\1033\jscript.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\CSharp\1033\AjaxClientLibrary.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\CSharp\1033\AjaxClientControl.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\Web\CSharp\1033\AjaxClientBehavior.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\VisualBasic\Web\1033\JScript.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\VisualBasic\Web\1033\AjaxClientLibrary.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\VisualBasic\Web\1033\AjaxClientControl.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\VisualBasic\Web\1033\AjaxClientBehavior.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\CSharp\Web\1033\JScript.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\CSharp\Web\1033\AjaxClientControl.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\CSharp\Web\1033\AjaxClientLibrary.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:10 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress\ItemTemplates\CSharp\Web\1033\AjaxClientBehavior.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:09 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\ItemTemplates\CSharp\Web\1033\JScript.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:09 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\ItemTemplates\CSharp\General\1033\WinScript.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:05 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_REVIEW.XSN due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:05 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Office\Office14\1033\EADOCUMENTAPPROVAL_INIT.XSN due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:05 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Microsoft Office\Office14\1033\CollectSignatures_Init.xsn due to extraction errors encountered by the Decomposer Engines. 12/7/2011 14:02 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Java\jre6\lib\deploy\ffjcext.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:56 Scan Omission TROY Bassmaster Scheduled scan Could not scan 6 files inside c:\Program Files\NetBeans 6.9.1\php\modules\org-netbeans-modules-php-samples.jar due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:55 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\NetBeans 6.9.1\ide\modules\org-netbeans-modules-javascript-editing.jar due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:52 Scan Omission TROY Bassmaster Scheduled scan Could not scan 188 files inside c:\Program Files\NetBeans 6.9.1\ide\jsstubs\allstubs.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:45 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Program Files\Coby\Coby Media Manager\jre\lib\deploy\ffjcext.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:44 Scan Omission TROY Bassmaster Scheduled scan Could not scan 7 files inside c:\MSOCache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ProPrWW2.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:43 Scan Omission TROY Bassmaster Scheduled scan Could not scan 4 files inside c:\MSOCache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ProPrWW.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:41 Scan Omission TROY Bassmaster Scheduled scan Could not scan 4 files inside c:\MSOCache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\OfficeLR.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:40 Scan Omission TROY Bassmaster Scheduled scan Could not scan 17 files inside c:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\OfficeLR.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:39 Scan Omission TROY Bassmaster Scheduled scan Could not scan 2 files inside c:\Documents and Settings\Bassmaster\My Documents\Downloads\setup_11.0.0.1245.x01_2011_12_07_02_20.exe due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:38 Scan Omission TROY Bassmaster Scheduled scan Could not scan 13 files inside c:\Documents and Settings\Bassmaster\Local Settings\temp\tmp-t9e.xpi due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:38 Scan Omission TROY Bassmaster Scheduled scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\vshare.tv_Bar\tmpDialogs.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:38 Scan Omission TROY Bassmaster Scheduled scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\vshare.tv_Bar\Repository\conduit_CT2818425_CT2818425\DynamicDialogs\data.txt due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:38 Scan Omission TROY Bassmaster Scheduled scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\vshare.tv_Bar\Repository\conduit_CT2818425_CT2818425\DynamicDialogs\data.bck.txt due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:38 Scan Omission TROY Bassmaster Scheduled scan Could not scan 30 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\Mozilla\Firefox\Profiles\tpgnc5zh.default\startupCache\startupCache.4.little due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:38 Scan Omission TROY Bassmaster Scheduled scan Could not scan 40 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\Mozilla\Firefox\Profiles\89j7ohku.default\startupCache\startupCache.4.little due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:38 Scan Omission TROY Bassmaster Scheduled scan Could not scan 13 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\Microsoft\Web Platform Installer\installers\StarterSite\EC1944A5EC345B5E258AAB56271EC4378B1B7B94\StarterSite.zip due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:36 Scan Omission TROY Bassmaster Scheduled scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\conduitEngine\tmpDialogs.cab due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:36 Scan Omission TROY Bassmaster Scheduled scan Could not scan 14 files inside c:\Documents and Settings\Bassmaster\Local Settings\Application Data\conduitEngine\Repository\conduit_ConduitEngine\dynamicDialogs\data.txt due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:36 Scan Omission TROY Bassmaster Scheduled scan Could not scan 2 files inside c:\Documents and Settings\Bassmaster\Desktop\setup_11.0.0.1245.x01_2011_12_07_02_20.exe due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:36 Scan Omission TROY Bassmaster Scheduled scan Could not scan 2 files inside c:\Documents and Settings\Bassmaster\Desktop\setup_11.0.0.1245.x01_2011_11_19_19_59.exe due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:36 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\Bassmaster\Desktop\ResetTeaTimer.exe due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:35 Scan Omission TROY Bassmaster Scheduled scan Could not scan 13 files inside c:\Documents and Settings\Bassmaster\Application Data\Mozilla\Firefox\Profiles\89j7ohku.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:35 Scan Omission TROY Bassmaster Scheduled scan Could not scan 20 files inside c:\Documents and Settings\Bassmaster\Application Data\Mozilla\Firefox\Profiles\89j7ohku.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:34 Scan Omission TROY Bassmaster Scheduled scan Could not scan 2 files inside c:\Documents and Settings\All Users\Documents\setup_11.0.0.1245.x01_2011_12_07_02_20.exe due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:32 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\All Users\Documents\Downloads\ResetTeaTimer.exe due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:32 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\All Users\Documents\Downloads\Notepad ++\unicode\localization\swedish.xml due to extraction errors encountered by the Decomposer Engines. 12/7/2011 13:31 Scan Omission TROY Bassmaster Scheduled scan Could not scan 214 files inside c:\Documents and Settings\All Users\Documents\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ].rar due to extraction errors encountered by the Decomposer Engines. 12/6/2011 22:47 Definition File Loaded TROY Bassmaster System New virus definition file loaded. Version: 131206r. 12/6/2011 22:26 Symantec Endpoint Protection Startup TROY SYSTEM System Symantec Endpoint Protection services startup was successful. 12/6/2011 22:22 Symantec Endpoint Protection Shutdown ?????? ?????? System Symantec Endpoint Protection services shutdown was successful. 12/6/2011 22:13 Configuration Changed TROY DTR System Symantec Endpoint Protection Internet E-mail Auto-Protect Enabled 12/6/2011 22:13 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\InternetMail\RealTimeScan\OnOff' from '0' to '1' 12/6/2011 22:13 Symantec Endpoint Protection Auto-Protect Enabled TROY DTR System Symantec Endpoint Protection Auto-Protect Enabled. 12/6/2011 22:13 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\APEOff' from '1323227481' to '0' 12/6/2011 22:13 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\OnOff' from '0' to '1' 12/6/2011 22:11 Configuration Changed TROY DTR System Symantec Endpoint Protection Internet E-mail Auto-Protect Disabled 12/6/2011 22:11 Symantec Endpoint Protection Auto-Protect Disabled TROY DTR System Symantec Endpoint Protection Auto-Protect Disabled. 12/6/2011 22:11 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\InternetMail\RealTimeScan\OnOff' from '1' to '0' 12/6/2011 22:11 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\APEOff' from '0' to '1323227481' 12/6/2011 22:11 Configuration Changed TROY DTR System Changed value 'HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\OnOff' from '1' to '0' 12/6/2011 17:59 Definition File Loaded TROY Bassmaster System New virus definition file loaded. Version: 131206b. 12/6/2011 7:41 Symantec Endpoint Protection Startup TROY SYSTEM System Symantec Endpoint Protection services startup was successful. 12/6/2011 7:36 Symantec Endpoint Protection Shutdown TROY SYSTEM System Symantec Endpoint Protection services shutdown was successful. 12/6/2011 3:53 Definition File Loaded TROY Bassmaster System New virus definition file loaded. Version: 131205af. 12/5/2011 4:54 Scan Omission TROY Bassmaster Scheduled scan Could not scan 3 files inside c:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU\vs_setup.cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:26 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\MSOCache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ProPrWW2.cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:24 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\MSOCache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\OfficeLR.cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:23 Scan Omission TROY Bassmaster Scheduled scan Could not scan 14 files inside c:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\OfficeLR.cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:22 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\DTR\My Documents\Network Monitor 3\Captures\practice.cap due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:22 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\DTR\Local Settings\Temporary Internet Files\Content.IE5\QXN90VX6\nss[1].cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:22 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\DTR\Local Settings\Temporary Internet Files\Content.IE5\CUCWW2LE\chrome[1].cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:21 Scan Omission TROY Bassmaster Scheduled scan Could not scan 5 files inside c:\Documents and Settings\DTR\Local Settings\Temporary Internet Files\Content.IE5\17ADSVEA\stubinst_pkg_en-us[1].cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:21 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\DTR\Local Settings\Temporary Internet Files\Content.IE5\0BLRK88Z\gtb[1].cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:21 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\DTR\Application Data\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_data\chrome.cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:21 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\DTR\Application Data\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_data\nss.cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:21 Scan Omission TROY Bassmaster Scheduled scan Could not scan 5 files inside c:\Documents and Settings\DTR\Application Data\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_data\stubinst_pkg_en-us.cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:20 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\DTR\Application Data\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_data\gtb.cab due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:16 Scan Omission TROY Bassmaster Scheduled scan Could not scan 2 files inside c:\Documents and Settings\Bassmaster\Desktop\setup_11.0.0.1245.x01_2011_11_19_19_59.exe due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:11 Scan Omission TROY Bassmaster Scheduled scan Could not scan 1 files inside c:\Documents and Settings\All Users\Documents\Downloads\Notepad ++\unicode\localization\swedish.xml due to extraction errors encountered by the Decomposer Engines. 12/5/2011 4:11 Scan Omission TROY Bassmaster Scheduled scan Could not scan 184 files inside c:\Documents and Settings\All Users\Documents\Downloads\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ]\Guitar Pro v6.0.7+Soundbanks+Keygen(Registered) [ kk ].rar due to extraction errors encountered by the Decomposer Engines. 12/5/2011 3:57 Definition File Loaded TROY Bassmaster System New virus definition file loaded. Version: 131204g.

I am trying to run the scan. I first installed to an XP non-admin account using run as but Symatec interfered and I aborted the scan. I then tried to install to the admin account, but it failed (I think because it was already installed). I then disabled Symantec and switched user back to the non admin account. I relaunched the scan, and even though Symantec was disabled under the admin account, auto-protect still began detecting threats. After a few hours, kapersky scan progress says 2% / finish in 2 days. Kapersky has detected several packed.krap32 infections and Symantec has classified them as Bloodhound.MalPE. These items are all in the Symantec quarantine directory. I believe this is Symantec conflicting with Kapersky, but I'm not sure. Should I let this scan complete or is the possible interference going to negate the value of the scan?

I think my computer is clean now, but my Gmail account was hacked a week ago from the Netherlands, the same locale the malware came from. I believe there was a keylogger included in the malware that snagged my passwords. I've changed my passwords that are sensitive, but are you fairly certain that any possible rootkits are gone? I'm not familiar with the tools you used, and it seemed like my malware was a new variant. I just worry that it wouldn't have been detected my scan utilities yet.

I uninstalled FireFox, and then deleted the program files directory, and then the AppData directory for Mozilla from each user account. FireFox search is now working normally following two reboots.

OTL logfile created on: 11/30/2011 10:11:00 PM - Run 3 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bassmaster\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 894.48 Mb Total Physical Memory | 289.34 Mb Available Physical Memory | 32.35% Memory free 1.44 Gb Paging File | 0.72 Gb Available in Paging File | 50.22% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.88 Gb Total Space | 23.37 Gb Free Space | 41.81% Space Free | Partition Type: NTFS Computer Name: TROY | User Name: DTR | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Bassmaster\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) PRC - C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (Microsoft Corporation) PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation) PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation) PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe (Hewlett-Packard ) PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- File not found SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (MsDepSvc) -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (Microsoft Corporation) SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation) SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation) SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation) SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation) ========== Driver Services (SafeList) ========== DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111130.002\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111130.002\NAVENG.SYS (Symantec Corporation) DRV - (WpsHelper) -- C:\WINDOWS\system32\drivers\WpsHelper.sys (Symantec Corporation) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (SysPlant) -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys (Symantec Corporation) DRV - (WPS) -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys (Symantec Corporation) DRV - (COH_Mon) -- C:\WINDOWS\system32\drivers\COH_Mon.sys (Symantec Corporation) DRV - (Teefer2) -- C:\WINDOWS\system32\drivers\Teefer2.sys (Symantec Corporation) DRV - (SRTSPL) -- C:\WINDOWS\system32\drivers\srtspl.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\srtsp.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\srtspx.sys (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (HPKBCCID) -- C:\WINDOWS\system32\drivers\HPKBCCID.sys (Hewlett-Packard Company) DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Development Company, L.P.) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation ) DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camc6hal.sys (Conexant Systems Inc.) DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camc6aud.sys (Conexant Systems Inc.) DRV - (HSFHWATI) -- C:\WINDOWS\system32\drivers\HSFHWATI.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.) DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9 FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.49 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll () FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011/01/08 22:37:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/11/30 23:08:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/13 15:55:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/13 14:06:57 | 000,000,000 | ---D | M] [2010/12/03 16:02:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Extensions [2010/12/03 16:02:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2011/11/17 22:23:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions [2011/11/13 15:57:26 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011/09/03 14:30:22 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/01/09 13:13:14 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2011/11/13 15:55:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/11/13 15:55:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2011/10/26 15:59:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} () (No name found) -- C:\DOCUMENTS AND SETTINGS\DTR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QN8VXHTZ.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\DTR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QN8VXHTZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\DTR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QN8VXHTZ.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI [2011/11/05 01:53:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/01/17 15:09:35 | 000,151,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011/01/17 15:10:37 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2011/01/17 15:09:27 | 000,100,352 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2011/11/04 22:21:03 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2011/11/04 22:21:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/11/04 22:21:03 | 000,001,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2011/11/04 22:21:03 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2011/11/04 22:21:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml [2011/11/04 22:21:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2011/11/04 22:21:03 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: WPI Detector 1.4 (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2011/11/24 21:18:09 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe () O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard ) O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1291245385062 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{411FA71B-72DD-4CBE-BA86-9931113073D5}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\DTR\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\DTR\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/11/30 22:05:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/11/26 20:54:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2011/11/26 20:53:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP [2011/11/26 20:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DTR\Local Settings\Application Data\HP [2011/11/25 18:56:22 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2011/11/24 21:08:53 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/11/24 21:06:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2011/11/24 21:06:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2011/11/24 21:06:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2011/11/24 21:06:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2011/11/24 20:52:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2011/11/24 20:41:58 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/11/17 22:23:03 | 000,000,000 | ---D | C] -- C:\_OTL [2011/11/13 18:19:43 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\All Users\Documents\dds.scr [2011/11/13 18:00:09 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\DTR\Desktop\dds.scr [2011/11/13 16:09:48 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011/11/13 16:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2011/11/13 15:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2011/11/13 12:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy [2011/11/13 12:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2011/11/13 12:28:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2011/11/13 03:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth [2011/11/11 17:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DTR\Application Data\InfraRecorder [2011/11/11 17:34:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\InfraRecorder [2011/11/11 17:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\InfraRecorder [2011/11/11 17:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DTR\Application Data\vlc [2011/11/11 17:12:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN [2011/11/11 17:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN ========== Files - Modified Within 30 Days ========== [2011/11/30 21:22:03 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/11/29 23:22:02 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/11/26 20:54:59 | 000,001,981 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Deskjet 1050 J410 series.lnk [2011/11/26 20:54:59 | 000,000,939 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Shop for Supplies - HP Deskjet 1050 J410 series.lnk [2011/11/26 20:54:58 | 000,000,934 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Deskjet 1050 J410 series Scan.lnk [2011/11/26 16:38:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/11/26 16:38:07 | 938,004,480 | -HS- | M] () -- C:\hiberfil.sys [2011/11/24 21:18:09 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/11/24 21:09:08 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2011/11/24 20:01:11 | 000,000,000 | ---- | M] () -- C:\t1lc.1 [2011/11/24 20:00:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/11/19 12:32:12 | 000,009,504 | -HS- | M] () -- C:\WINDOWS\6777473drv.spi [2011/11/17 09:25:53 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2011/11/16 16:09:54 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat [2011/11/16 16:09:54 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat [2011/11/13 17:46:49 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\DTR\Desktop\dds.scr [2011/11/13 17:46:49 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\All Users\Documents\dds.scr [2011/11/13 16:09:47 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011/11/13 15:56:00 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\DTR\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/11/13 15:56:00 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2011/11/13 13:56:08 | 000,503,360 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/11/13 13:56:08 | 000,088,718 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/11/13 13:26:43 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/11/13 12:28:41 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\DTR\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2011/11/13 12:28:41 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\DTR\Desktop\Spybot - Search & Destroy.lnk [2011/11/13 03:24:48 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2011/11/11 17:34:18 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InfraRecorder.lnk [2011/11/11 17:12:55 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk [2011/11/10 03:20:56 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK ========== Files Created - No Company Name ========== [2011/11/26 20:54:59 | 000,001,981 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Deskjet 1050 J410 series.lnk [2011/11/26 20:54:59 | 000,000,939 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Shop for Supplies - HP Deskjet 1050 J410 series.lnk [2011/11/26 20:54:58 | 000,000,934 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Deskjet 1050 J410 series Scan.lnk [2011/11/24 21:09:07 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2011/11/24 21:09:00 | 000,260,272 | RHS- | C] () -- C:\cmldr [2011/11/24 21:06:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2011/11/24 21:06:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2011/11/24 21:06:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2011/11/24 21:06:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2011/11/24 21:06:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/11/24 20:01:11 | 000,000,000 | ---- | C] () -- C:\t1lc.1 [2011/11/19 12:25:42 | 000,009,504 | -HS- | C] () -- C:\WINDOWS\6777473drv.spi [2011/11/16 16:09:54 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011/11/16 16:09:54 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2011/11/13 12:28:41 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\DTR\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2011/11/13 12:28:41 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\DTR\Desktop\Spybot - Search & Destroy.lnk [2011/11/13 03:24:48 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2011/11/11 17:34:18 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InfraRecorder.lnk [2011/11/11 17:12:55 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk [2011/07/02 08:30:14 | 000,334,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-688789844-839522115-1006-0.dat [2011/07/02 08:30:09 | 000,334,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-688789844-839522115-1004-0.dat [2011/07/02 08:29:39 | 000,334,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2011/02/03 21:25:17 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2011/01/16 15:12:57 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011/01/16 15:12:53 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010/12/03 16:01:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/11/30 22:22:04 | 000,095,617 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2010/11/30 22:08:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/11/30 22:02:22 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/11/30 16:52:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/11/30 16:48:20 | 000,334,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2005/03/21 11:41:32 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2005/03/21 11:41:31 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2004/08/04 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004/08/04 15:00:00 | 000,503,360 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004/08/04 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004/08/04 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004/08/04 15:00:00 | 000,088,718 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004/08/04 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004/08/04 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004/08/04 15:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/08/04 15:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004/08/04 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat ========== LOP Check ========== [2010/12/18 14:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions [2011/08/20 11:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DTR\Application Data\Coby Media Manager [2011/01/28 18:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DTR\Application Data\Foxit Software [2011/11/11 17:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DTR\Application Data\InfraRecorder ========== Purity Check ========== < End of report >

Symantec's scan shows clean but I realized the browser redirect is still there in FireFox. It doesn't happen when I type in the Awesome Bar and then select a suggestion from my bookmarks but it does redirect when I just type a term to search by...I'm pretty sure there was something modified in the Javascript code in prefs.js and/or user.js inside of FireFox's AppData directory. keyword.url is the property that is getting manipulated. Unless you say otherwise, I will try uninstalling FireFox and make sure to delete any leftovers in the file system (e.g. program files), and then try re-installing. Started On Completed Computer Status Total Files Infected Logged By 11/27/2011 10:54 11/27/2011 12:11 TROY Clean 272623 0 Manual scan 11/27/2011 10:45 11/27/2011 10:48 TROY Clean 421 0 Manual scan 11/27/2011 3:01 11/27/2011 3:03 TROY Clean 802 0 Scheduled scan 11/26/2011 16:49 11/26/2011 17:12 TROY Clean 904 0 Startup 11/25/2011 14:00 11/25/2011 14:08 TROY Clean 865 0 Startup 11/24/2011 22:00 11/24/2011 22:07 TROY Clean 858 0 Startup 11/24/2011 20:03 11/24/2011 20:31 TROY Clean 853 0 Startup 11/23/2011 13:15 11/23/2011 14:27 TROY Clean 269118 0 Scheduled scan 11/23/2011 3:00 11/23/2011 3:02 TROY Clean 835 0 Scheduled scan 11/22/2011 3:01 11/22/2011 3:02 TROY Clean 811 0 Scheduled scan 11/21/2011 7:01 11/21/2011 7:10 TROY Clean 908 1 Startup 11/21/2011 3:01 11/21/2011 3:01 TROY Clean 717 0 Scheduled scan 11/20/2011 14:27 11/20/2011 14:32 TROY Clean 880 0 Startup 11/20/2011 12:50 11/20/2011 12:55 TROY Clean 874 0 Startup 11/20/2011 11:05 11/20/2011 11:12 TROY Clean 794 1 Startup 11/20/2011 3:01 11/20/2011 3:02 TROY Clean 791 0 Scheduled scan 11/19/2011 3:00 11/19/2011 3:01 TROY Clean 783 0 Scheduled scan 11/18/2011 3:01 11/18/2011 3:02 TROY Clean 779 0 Scheduled scan 11/17/2011 22:35 11/17/2011 22:43 TROY Clean 847 0 Startup 11/17/2011 22:23 11/17/2011 22:31 TROY Clean 864 0 Startup 11/17/2011 21:59 11/17/2011 22:06 TROY Clean 863 0 Startup 11/17/2011 21:04 11/17/2011 21:18 TROY Clean 847 0 Startup 11/17/2011 3:00 11/17/2011 3:02 TROY Clean 826 0 Scheduled scan 11/16/2011 13:15 11/16/2011 14:33 TROY Clean 292061 1 Scheduled scan 11/16/2011 3:01 11/16/2011 3:02 TROY Clean 811 0 Scheduled scan 11/15/2011 3:01 11/15/2011 3:02 TROY Clean 816 0 Scheduled scan 11/14/2011 3:00 11/14/2011 3:01 TROY Clean 797 0 Scheduled scan 11/13/2011 18:27 11/13/2011 18:38 TROY Clean 883 0 Startup 11/13/2011 17:05 11/13/2011 17:11 TROY Clean 845 0 Startup 11/13/2011 15:16 11/13/2011 15:26 TROY Clean 858 0 Startup 11/13/2011 13:19 11/13/2011 13:20 TROY Clean 13 0 Manual scan 11/13/2011 10:15 11/13/2011 10:15 TROY Clean 1 0 Manual scan 11/13/2011 10:14 11/13/2011 10:14 TROY Clean 3 0 Manual scan 11/13/2011 10:14 11/13/2011 10:14 TROY Clean 10 0 Manual scan 11/13/2011 10:09 11/13/2011 10:09 TROY Clean 1 0 Manual scan 11/13/2011 10:09 11/13/2011 10:09 TROY Clean 10 0 Manual scan 11/13/2011 9:53 11/13/2011 10:09 TROY Clean 872 0 Startup 11/13/2011 3:00 11/13/2011 3:03 TROY Clean 878 0 Scheduled scan 11/12/2011 20:48 11/12/2011 21:08 TROY Clean 905 0 Startup 11/12/2011 16:30 11/12/2011 16:53 TROY Clean 964 0 Startup 11/12/2011 3:01 11/12/2011 3:02 TROY Clean 802 0 Scheduled scan 11/11/2011 20:53 11/11/2011 21:05 TROY Clean 969 0 Startup 11/11/2011 17:08 11/11/2011 17:09 TROY Clean 1 0 Manual scan 11/11/2011 9:46 11/11/2011 10:15 TROY Clean 859 0 Startup 11/11/2011 3:01 11/11/2011 3:04 TROY Clean 789 0 Scheduled scan 11/10/2011 3:00 11/10/2011 3:08 TROY Clean 810 0 Scheduled scan 11/9/2011 13:15 11/9/2011 14:35 TROY Clean 287106 0 Scheduled scan 11/9/2011 3:00 11/9/2011 3:03 TROY Clean 808 0 Scheduled scan 11/8/2011 3:00 11/8/2011 3:02 TROY Clean 781 0 Scheduled scan 11/7/2011 21:17 11/7/2011 21:40 TROY Clean 862 0 Startup 11/7/2011 4:06 11/7/2011 4:08 TROY Clean 771 0 Scheduled scan 11/6/2011 2:01 11/6/2011 2:02 TROY Clean 747 0 Scheduled scan 11/5/2011 19:31 11/5/2011 20:31 TROY Clean 854 0 Startup 11/5/2011 19:10 11/5/2011 19:16 TROY Clean 833 0 Startup 11/5/2011 17:39 11/5/2011 17:52 TROY Clean 865 0 Startup 11/5/2011 17:11 TROY Clean 0 0 Startup 11/5/2011 3:00 11/5/2011 3:04 TROY Clean 832 0 Scheduled scan 11/4/2011 3:01 11/4/2011 3:11 TROY Clean 842 0 Scheduled scan 11/3/2011 3:00 11/3/2011 3:03 TROY Clean 845 0 Scheduled scan 11/2/2011 13:16 11/2/2011 14:44 TROY Clean 287363 0 Scheduled scan 11/2/2011 3:00 11/2/2011 3:05 TROY Clean 891 0 Scheduled scan 11/1/2011 3:00 11/1/2011 3:01 TROY Clean 790 0 Scheduled scan 10/31/2011 3:01 10/31/2011 3:04 TROY Clean 822 0 Scheduled scan 10/30/2011 3:01 10/30/2011 3:04 TROY Clean 820 0 Scheduled scan 10/29/2011 3:00 10/29/2011 3:02 TROY Clean 865 0 Scheduled scan 10/28/2011 3:01 10/28/2011 3:02 TROY Clean 787 0 Scheduled scan 10/27/2011 3:01 10/27/2011 3:04 TROY Clean 815 0 Scheduled scan 10/26/2011 17:06 10/26/2011 17:18 TROY Clean 946 0 Startup 10/26/2011 13:16 10/26/2011 14:37 TROY Clean 286515 0 Scheduled scan 10/26/2011 3:00 10/26/2011 3:01 TROY Clean 805 0 Scheduled scan 10/25/2011 3:01 10/25/2011 3:02 TROY Clean 803 0 Scheduled scan 10/24/2011 3:01 10/24/2011 3:02 TROY Clean 858 0 Scheduled scan 10/23/2011 3:00 10/23/2011 3:02 TROY Clean 768 0 Scheduled scan 10/22/2011 18:00 10/22/2011 18:15 TROY Clean 866 0 Startup 10/22/2011 16:37 10/22/2011 16:44 TROY Clean 858 0 Startup 10/22/2011 3:01 10/22/2011 3:04 TROY Clean 812 0 Scheduled scan 10/21/2011 3:00 10/21/2011 3:03 TROY Clean 802 0 Scheduled scan 10/20/2011 3:00 10/20/2011 3:02 TROY Clean 803 0 Scheduled scan 10/19/2011 18:05 10/19/2011 18:11 TROY Clean 872 0 Startup 10/19/2011 13:15 10/19/2011 14:34 TROY Clean 286528 0 Scheduled scan 10/19/2011 3:00 10/19/2011 3:02 TROY Clean 748 0 Scheduled scan 10/18/2011 23:57 10/19/2011 0:02 TROY Clean 857 0 Startup 10/18/2011 3:01 10/18/2011 3:02 TROY Clean 794 0 Scheduled scan 10/16/2011 3:01 10/16/2011 3:02 TROY Clean 788 0 Scheduled scan 10/15/2011 3:00 10/15/2011 3:03 TROY Clean 807 0 Scheduled scan 10/14/2011 3:00 10/14/2011 3:03 TROY Clean 797 0 Scheduled scan 10/13/2011 16:33 10/13/2011 16:44 TROY Clean 953 0 Startup 10/13/2011 3:01 10/13/2011 3:06 TROY Clean 810 0 Scheduled scan 10/12/2011 13:15 10/12/2011 14:43 TROY Clean 284220 1 Scheduled scan 10/12/2011 3:00 10/12/2011 3:01 TROY Clean 787 0 Scheduled scan 10/11/2011 3:01 10/11/2011 3:03 TROY Clean 789 0 Scheduled scan 10/10/2011 8:37 10/10/2011 8:42 TROY Clean 859 0 Startup 10/10/2011 3:00 10/10/2011 3:04 TROY Clean 871 0 Scheduled scan 10/9/2011 13:02 10/9/2011 13:12 TROY Clean 861 0 Startup 10/9/2011 3:01 10/9/2011 3:01 TROY Clean 786 0 Scheduled scan 10/8/2011 3:00 10/8/2011 3:02 TROY Clean 787 0 Scheduled scan 10/7/2011 3:00 10/7/2011 3:00 TROY Clean 786 0 Scheduled scan 10/6/2011 3:01 10/6/2011 3:02 TROY Clean 789 0 Scheduled scan 10/5/2011 20:00 10/5/2011 20:10 TROY Clean 892 0 Startup 10/5/2011 17:13 10/5/2011 20:00 TROY Clean 318980 0 Scheduled scan 10/4/2011 3:01 10/4/2011 3:12 TROY Clean 892 0 Scheduled scan 10/3/2011 3:00 10/3/2011 3:05 TROY Clean 794 0 Scheduled scan 10/2/2011 3:01 10/2/2011 3:03 TROY Clean 817 0 Scheduled scan 10/1/2011 3:01 10/1/2011 3:02 TROY Clean 838 0 Scheduled scan 9/30/2011 3:00 9/30/2011 3:01 TROY Clean 803 0 Scheduled scan 9/29/2011 7:25 9/29/2011 7:31 TROY Clean 868 0 Startup 9/28/2011 13:16 9/28/2011 14:40 TROY Clean 282096 0 Scheduled scan 9/28/2011 3:00 9/28/2011 3:02 TROY Clean 877 0 Scheduled scan 9/27/2011 3:00 9/27/2011 3:02 TROY Clean 913 0 Scheduled scan 9/26/2011 3:00 9/26/2011 3:02 TROY Clean 880 0 Scheduled scan 9/25/2011 3:01 9/25/2011 3:03 TROY Clean 811 0 Scheduled scan 9/24/2011 20:30 9/24/2011 20:35 TROY Clean 857 0 Startup 9/24/2011 3:01 9/24/2011 3:03 TROY Clean 867 0 Scheduled scan 9/23/2011 21:51 9/23/2011 21:58 TROY Clean 861 0 Startup 9/23/2011 17:28 9/23/2011 17:33 TROY Clean 858 1 Startup 9/23/2011 3:00 9/23/2011 3:02 TROY Clean 800 0 Scheduled scan 9/22/2011 3:00 9/22/2011 3:02 TROY Clean 842 0 Scheduled scan 9/21/2011 13:15 9/21/2011 14:33 TROY Clean 281000 0 Scheduled scan 9/21/2011 3:00 9/21/2011 3:01 TROY Clean 817 0 Scheduled scan 9/20/2011 17:49 9/20/2011 17:55 TROY Clean 838 1 Startup 9/20/2011 17:16 9/20/2011 17:18 TROY Clean 1 0 Manual scan 9/20/2011 3:00 9/20/2011 3:02 TROY Clean 838 0 Scheduled scan 9/19/2011 3:01 9/19/2011 3:02 TROY Clean 870 0 Scheduled scan 9/18/2011 13:03 9/18/2011 13:06 TROY Clean 1 0 Manual scan 9/18/2011 3:00 9/18/2011 3:02 TROY Clean 860 0 Scheduled scan 9/17/2011 3:01 9/17/2011 3:03 TROY Clean 795 0 Scheduled scan 9/16/2011 17:12 9/16/2011 17:22 TROY Clean 952 0 Startup 9/16/2011 3:00 9/16/2011 3:14 TROY Clean 880 0 Scheduled scan 9/15/2011 3:01 9/15/2011 3:02 TROY Clean 787 0 Scheduled scan 9/14/2011 13:15 9/14/2011 14:40 TROY Clean 280913 0 Scheduled scan 9/14/2011 3:00 9/14/2011 3:02 TROY Clean 823 0 Scheduled scan 9/13/2011 3:00 9/13/2011 3:01 TROY Clean 797 0 Scheduled scan 9/12/2011 3:01 9/12/2011 3:02 TROY Clean 824 0 Scheduled scan 9/11/2011 3:01 9/11/2011 3:03 TROY Clean 753 0 Scheduled scan 9/10/2011 22:43 9/10/2011 22:51 TROY Clean 848 0 Startup 9/10/2011 3:01 9/10/2011 3:03 TROY Clean 810 0 Scheduled scan 9/9/2011 3:00 9/9/2011 3:01 TROY Clean 850 0 Scheduled scan 9/8/2011 3:00 9/8/2011 3:02 TROY Clean 791 0 Scheduled scan 9/7/2011 16:45 9/7/2011 17:04 TROY Clean 944 0 Startup 9/7/2011 13:16 9/7/2011 14:48 TROY Clean 304943 0 Scheduled scan 9/7/2011 3:01 9/7/2011 3:06 TROY Clean 817 0 Scheduled scan 9/6/2011 16:37 9/6/2011 16:44 TROY Clean 949 0 Startup 9/6/2011 3:01 9/6/2011 3:03 TROY Clean 817 0 Scheduled scan 9/5/2011 3:00 9/5/2011 3:02 TROY Clean 839 0 Scheduled scan 9/4/2011 3:00 9/4/2011 3:02 TROY Clean 827 0 Scheduled scan 9/3/2011 3:01 9/3/2011 3:02 TROY Clean 866 0 Scheduled scan 9/2/2011 3:00 9/2/2011 3:02 TROY Clean 811 0 Scheduled scan 9/1/2011 17:24 9/1/2011 17:25 TROY Clean 3 0 Manual scan 9/1/2011 3:01 9/1/2011 3:02 TROY Clean 819 0 Scheduled scan 8/31/2011 13:15 8/31/2011 14:35 TROY Clean 271728 0 Scheduled scan 8/31/2011 3:01 8/31/2011 3:02 TROY Clean 803 0 Scheduled scan 8/30/2011 3:00 8/30/2011 3:01 TROY Clean 800 0 Scheduled scan 8/29/2011 8:05 8/29/2011 8:17 TROY Clean 863 0 Startup 8/29/2011 3:01 8/29/2011 3:02 TROY Clean 676 0 Scheduled scan 8/28/2011 3:00 8/28/2011 3:01 TROY Clean 840 0 Scheduled scan 8/27/2011 3:01 8/27/2011 3:03 TROY Clean 798 0 Scheduled scan 8/27/2011 0:35 8/27/2011 1:08 TROY Clean 943 1 Startup 8/26/2011 3:01 8/26/2011 3:02 TROY Clean 815 0 Scheduled scan 8/25/2011 8:31 8/25/2011 8:36 TROY Clean 852 0 Startup 8/25/2011 3:00 8/25/2011 3:06 TROY Clean 860 0 Scheduled scan 8/24/2011 13:15 8/24/2011 14:39 TROY Clean 250322 1 Scheduled scan 8/24/2011 3:00 8/24/2011 3:02 TROY Clean 825 0 Scheduled scan 8/23/2011 3:01 8/23/2011 3:02 TROY Clean 811 0 Scheduled scan 8/22/2011 3:00 8/22/2011 3:01 TROY Clean 789 0 Scheduled scan 8/21/2011 3:01 8/21/2011 3:02 TROY Clean 787 0 Scheduled scan 8/20/2011 3:00 8/20/2011 3:03 TROY Clean 870 0 Scheduled scan 8/19/2011 3:01 8/19/2011 3:05 TROY Clean 871 0 Scheduled scan 8/18/2011 3:00 8/18/2011 3:01 TROY Clean 796 0 Scheduled scan 8/17/2011 13:15 8/17/2011 14:24 TROY Clean 243807 0 Scheduled scan 8/17/2011 3:01 8/17/2011 3:02 TROY Clean 781 0 Scheduled scan 8/16/2011 3:01 8/16/2011 3:04 TROY Clean 864 0 Scheduled scan 8/15/2011 16:43 8/15/2011 16:49 TROY Clean 849 1 Startup 8/14/2011 3:01 8/14/2011 3:04 TROY Clean 883 0 Scheduled scan 8/13/2011 3:00 8/13/2011 3:02 TROY Clean 775 0 Scheduled scan 8/12/2011 3:01 8/12/2011 3:03 TROY Clean 831 0 Scheduled scan 8/11/2011 18:22 8/11/2011 18:33 TROY Clean 931 0 Startup 8/11/2011 8:53 8/11/2011 8:54 TROY Clean 10 0 Scheduled scan 8/10/2011 13:15 8/10/2011 14:26 TROY Clean 245490 1 Scheduled scan 8/10/2011 3:00 8/10/2011 3:02 TROY Clean 771 0 Scheduled scan 8/9/2011 3:01 8/9/2011 3:03 TROY Clean 856 0 Scheduled scan 8/8/2011 3:00 8/8/2011 3:02 TROY Clean 850 0 Scheduled scan 8/7/2011 3:01 8/7/2011 3:04 TROY Clean 873 0 Scheduled scan 8/6/2011 3:00 8/6/2011 3:03 TROY Clean 873 0 Scheduled scan 8/5/2011 3:00 8/5/2011 3:02 TROY Clean 839 0 Scheduled scan 8/4/2011 3:01 8/4/2011 3:03 TROY Clean 819 0 Scheduled scan 8/3/2011 13:16 8/3/2011 14:33 TROY Clean 244725 1 Scheduled scan 8/3/2011 3:00 8/3/2011 3:02 TROY Clean 823 0 Scheduled scan 8/2/2011 3:01 8/2/2011 3:03 TROY Clean 850 0 Scheduled scan 8/1/2011 7:15 8/1/2011 7:25 TROY Clean 932 1 Startup 7/31/2011 8:36 7/31/2011 8:43 TROY Clean 911 0 Startup 7/30/2011 12:20 7/30/2011 12:27 TROY Clean 921 1 Startup 7/30/2011 3:00 7/30/2011 3:02 TROY Clean 838 0 Scheduled scan 7/29/2011 3:00 7/29/2011 3:01 TROY Clean 813 0 Scheduled scan 7/28/2011 3:00 7/28/2011 3:03 TROY Clean 838 0 Scheduled scan 7/27/2011 13:15 7/27/2011 14:25 TROY Clean 243227 1 Scheduled scan 7/27/2011 3:01 7/27/2011 3:02 TROY Clean 743 0 Scheduled scan 7/26/2011 3:00 7/26/2011 3:02 TROY Clean 792 0 Scheduled scan 7/25/2011 3:01 7/25/2011 3:02 TROY Clean 729 0 Scheduled scan 7/24/2011 7:15 7/24/2011 7:20 TROY Clean 808 1 Startup 7/23/2011 3:00 7/23/2011 3:02 TROY Clean 823 0 Scheduled scan 7/22/2011 3:01 7/22/2011 3:02 TROY Clean 815 0 Scheduled scan 7/21/2011 3:01 7/21/2011 3:03 TROY Clean 867 0 Scheduled scan 7/20/2011 13:15 7/20/2011 14:28 TROY Clean 243645 0 Scheduled scan 7/20/2011 3:01 7/20/2011 3:03 TROY Clean 832 0 Scheduled scan 7/19/2011 18:07 7/19/2011 18:08 TROY Clean 1 0 Manual scan 7/19/2011 3:01 7/19/2011 3:02 TROY Clean 741 0 Scheduled scan 7/18/2011 7:06 7/18/2011 7:13 TROY Clean 843 0 Startup 7/17/2011 3:00 7/17/2011 3:01 TROY Clean 772 0 Scheduled scan 7/16/2011 3:00 7/16/2011 3:02 TROY Clean 851 0 Scheduled scan 7/15/2011 3:01 7/15/2011 3:03 TROY Clean 823 0 Scheduled scan 7/14/2011 7:16 7/14/2011 7:25 TROY Clean 818 0 Startup 7/14/2011 3:00 7/14/2011 3:05 TROY Clean 774 0 Scheduled scan 7/13/2011 18:24 7/13/2011 19:47 TROY Clean 246001 0 Scheduled scan 7/13/2011 18:15 7/13/2011 18:24 TROY Clean 850 0 Startup 7/13/2011 13:16 7/13/2011 14:36 TROY Clean 274571 0 Scheduled scan 7/13/2011 3:01 7/13/2011 3:04 TROY Clean 759 0 Scheduled scan 7/12/2011 3:00 7/12/2011 3:01 TROY Clean 758 0 Scheduled scan 7/11/2011 3:00 7/11/2011 3:01 TROY Clean 755 0 Scheduled scan 7/10/2011 3:00 7/10/2011 3:02 TROY Clean 770 0 Scheduled scan 7/9/2011 3:01 7/9/2011 3:02 TROY Clean 760 0 Scheduled scan 7/8/2011 3:00 7/8/2011 3:01 TROY Clean 752 0 Scheduled scan 7/7/2011 3:00 7/7/2011 3:01 TROY Clean 753 0 Scheduled scan 7/6/2011 13:15 7/6/2011 14:26 TROY Clean 242697 0 Scheduled scan 7/6/2011 3:01 7/6/2011 3:02 TROY Clean 753 0 Scheduled scan 7/5/2011 3:00 7/5/2011 3:03 TROY Clean 830 0 Scheduled scan 7/4/2011 3:00 7/4/2011 3:02 TROY Clean 750 0 Scheduled scan 7/4/2011 0:57 7/4/2011 1:02 TROY Clean 819 0 Startup 7/3/2011 7:21 7/3/2011 7:25 TROY Clean 849 0 Startup 7/3/2011 3:00 7/3/2011 3:03 TROY Clean 759 0 Scheduled scan 7/2/2011 10:49 7/2/2011 10:55 TROY Clean 819 0 Startup 7/2/2011 3:00 7/2/2011 3:06 TROY Clean 886 0 Scheduled scan 7/1/2011 11:05 7/1/2011 11:06 TROY Clean 10 0 Manual scan 7/1/2011 11:04 7/1/2011 11:04 TROY Clean 0 0 Manual scan 7/1/2011 10:53 7/1/2011 10:58 TROY Clean 72 0 Manual scan 7/1/2011 10:30 7/1/2011 10:31 TROY Clean 1 0 Manual scan 7/1/2011 3:00 7/1/2011 3:01 TROY Clean 773 0 Scheduled scan 6/30/2011 8:14 6/30/2011 8:21 TROY Clean 827 0 Startup 6/29/2011 13:15 6/29/2011 14:29 TROY Clean 232510 0 Scheduled scan 6/29/2011 7:58 6/29/2011 8:04 TROY Clean 800 0 Startup 6/29/2011 3:00 6/29/2011 3:04 TROY Clean 827 0 Scheduled scan 6/28/2011 3:00 6/28/2011 3:01 TROY Clean 733 0 Scheduled scan 6/27/2011 9:40 6/27/2011 9:45 TROY Clean 805 0 Startup 6/26/2011 8:04 6/26/2011 8:31 TROY Clean 835 0 Startup 6/25/2011 3:01 6/25/2011 3:02 TROY Clean 736 0 Scheduled scan 6/24/2011 21:52 6/24/2011 21:57 TROY Clean 911 0 Startup 6/24/2011 3:00 6/24/2011 3:01 TROY Clean 812 0 Scheduled scan 6/23/2011 3:01 6/23/2011 3:03 TROY Clean 860 0 Scheduled scan 6/22/2011 13:16 6/22/2011 14:23 TROY Clean 225821 0 Scheduled scan 6/22/2011 3:01 6/22/2011 3:02 TROY Clean 812 0 Scheduled scan 6/21/2011 3:00 6/21/2011 3:01 TROY Clean 811 0 Scheduled scan 6/20/2011 3:01 6/20/2011 3:02 TROY Clean 831 0 Scheduled scan 6/19/2011 3:01 6/19/2011 3:02 TROY Clean 814 0 Scheduled scan 6/18/2011 9:24 6/18/2011 9:26 TROY Clean 844 0 Scheduled scan 6/17/2011 7:07 6/17/2011 7:15 TROY Clean 901 0 Startup 6/16/2011 7:04 6/16/2011 7:16 TROY Clean 795 0 Startup 6/16/2011 3:00 6/16/2011 3:01 TROY Clean 740 0 Scheduled scan 6/15/2011 13:16 6/15/2011 14:22 TROY Clean 223483 0 Scheduled scan 6/15/2011 3:00 6/15/2011 3:01 TROY Clean 740 0 Scheduled scan 6/14/2011 20:52 6/14/2011 20:57 TROY Clean 801 0 Startup 6/14/2011 3:01 6/14/2011 3:02 TROY Clean 778 0 Scheduled scan 6/13/2011 3:01 6/13/2011 3:02 TROY Clean 758 0 Scheduled scan 6/12/2011 11:59 6/12/2011 11:59 TROY Clean 1 0 Manual scan 6/12/2011 3:01 6/12/2011 3:02 TROY Clean 731 0 Scheduled scan 6/11/2011 10:41 6/11/2011 10:53 TROY Clean 900 0 Startup 6/11/2011 3:01 6/11/2011 3:04 TROY Clean 871 0 Scheduled scan 6/10/2011 3:00 6/10/2011 3:02 TROY Clean 840 0 Scheduled scan 6/9/2011 3:00 6/9/2011 3:05 TROY Clean 889 0 Scheduled scan 6/8/2011 13:15 6/8/2011 14:16 TROY Clean 221213 0 Scheduled scan 6/8/2011 3:00 6/8/2011 3:01 TROY Clean 809 0 Scheduled scan 6/7/2011 3:01 6/7/2011 3:02 TROY Clean 806 0 Scheduled scan 6/6/2011 14:55 6/6/2011 15:00 TROY Clean 789 0 Startup 6/6/2011 14:18 6/6/2011 14:23 TROY Clean 745 0 Startup 6/6/2011 12:35 6/6/2011 12:39 TROY Clean 799 1 Startup 6/5/2011 3:00 6/5/2011 3:01 TROY Clean 754 0 Scheduled scan 6/4/2011 3:01 6/4/2011 3:01 TROY Clean 731 0 Scheduled scan 6/3/2011 3:00 6/3/2011 3:00 TROY Clean 731 0 Scheduled scan 6/2/2011 3:01 6/2/2011 3:01 TROY Clean 731 0 Scheduled scan 6/1/2011 13:15 6/1/2011 14:14 TROY Clean 220056 0 Scheduled scan 6/1/2011 3:01 6/1/2011 3:02 TROY Clean 754 0 Scheduled scan 5/31/2011 3:00 5/31/2011 3:01 TROY Clean 728 0 Scheduled scan 5/31/2011 1:49 5/31/2011 1:52 TROY Clean 822 0 Startup 5/29/2011 12:37 5/29/2011 12:57 TROY Clean 898 0 Startup 5/29/2011 12:03 5/29/2011 12:08 TROY Clean 790 0 Startup 5/27/2011 22:26 5/27/2011 22:31 TROY Clean 899 0 Startup 5/27/2011 3:01 5/27/2011 3:02 TROY Clean 737 0 Scheduled scan 5/26/2011 3:00 5/26/2011 3:01 TROY Clean 761 0 Scheduled scan 5/25/2011 13:16 5/25/2011 14:20 TROY Clean 221491 0 Scheduled scan 5/25/2011 3:01 5/25/2011 3:03 TROY Clean 757 0 Scheduled scan 5/24/2011 3:00 5/24/2011 3:01 TROY Clean 732 0 Scheduled scan 5/23/2011 18:02 5/23/2011 18:19 TROY Clean 888 0 Startup 5/23/2011 3:01 5/23/2011 3:02 TROY Clean 734 0 Scheduled scan 5/22/2011 3:00 5/22/2011 3:02 TROY Clean 757 0 Scheduled scan 5/21/2011 3:01 5/21/2011 3:03 TROY Clean 815 0 Scheduled scan 5/20/2011 3:01 5/20/2011 3:02 TROY Clean 756 0 Scheduled scan 5/19/2011 3:00 5/19/2011 3:00 TROY Clean 728 0 Scheduled scan 5/18/2011 13:15 5/18/2011 14:10 TROY Clean 219078 0 Scheduled scan 5/18/2011 3:01 5/18/2011 3:02 TROY Clean 751 0 Scheduled scan 5/17/2011 3:01 5/17/2011 3:02 TROY Clean 715 0 Scheduled scan 5/16/2011 23:00 5/16/2011 23:05 TROY Clean 807 0 Startup 5/16/2011 21:57 5/16/2011 21:59 TROY Clean 710 0 Manual scan 5/16/2011 21:41 5/16/2011 21:46 TROY Clean 790 0 Startup 5/16/2011 3:01 5/16/2011 3:03 TROY Clean 872 0 Scheduled scan 5/15/2011 3:00 5/15/2011 3:01 TROY Clean 835 0 Scheduled scan 5/14/2011 3:01 5/14/2011 3:02 TROY Clean 838 0 Scheduled scan 5/13/2011 3:00 5/13/2011 3:01 TROY Clean 765 0 Scheduled scan 5/12/2011 22:38 5/12/2011 22:38 TROY Clean 1 0 Manual scan 5/12/2011 3:00 5/12/2011 3:04 TROY Clean 832 0 Scheduled scan 5/11/2011 13:16 5/11/2011 14:09 TROY Clean 218959 0 Scheduled scan 5/11/2011 3:00 5/11/2011 3:00 TROY Clean 737 0 Scheduled scan 5/10/2011 3:00 5/10/2011 3:00 TROY Clean 732 0 Scheduled scan 5/9/2011 3:00 5/9/2011 3:02 TROY Clean 760 0 Scheduled scan 5/8/2011 3:01 5/8/2011 3:02 TROY Clean 762 0 Scheduled scan 5/7/2011 3:00 5/7/2011 3:02 TROY Clean 827 0 Scheduled scan 5/6/2011 3:01 5/6/2011 3:02 TROY Clean 764 0 Scheduled scan 5/5/2011 3:01 5/5/2011 3:03 TROY Clean 753 0 Scheduled scan 5/4/2011 21:49 5/4/2011 21:53 TROY Clean 840 0 Startup 5/4/2011 20:19 5/4/2011 21:49 TROY Clean 229815 0 Scheduled scan 5/3/2011 3:01 5/3/2011 3:02 TROY Clean 758 0 Scheduled scan 5/2/2011 3:00 5/2/2011 3:01 TROY Clean 759 0 Scheduled scan 5/1/2011 3:00 5/1/2011 3:01 TROY Clean 761 0 Scheduled scan 4/30/2011 3:00 4/30/2011 3:00 TROY Clean 727 0 Scheduled scan 4/29/2011 17:18 4/29/2011 17:33 TROY Clean 893 0 Startup 4/29/2011 7:45 4/29/2011 7:49 TROY Clean 808 0 Startup 4/29/2011 3:01 4/29/2011 3:02 TROY Clean 664 0 Scheduled scan 4/28/2011 16:51 4/28/2011 17:09 TROY Clean 889 0 Startup 4/27/2011 17:26 4/27/2011 17:31 TROY Clean 811 0 Startup 4/27/2011 13:15 4/27/2011 14:54 TROY Clean 229321 0 Scheduled scan 4/27/2011 7:02 4/27/2011 7:08 TROY Clean 821 0 Startup 4/27/2011 3:01 4/27/2011 3:02 TROY Clean 658 0 Scheduled scan 4/26/2011 17:26 4/26/2011 17:38 TROY Clean 804 0 Startup 4/25/2011 20:09 4/25/2011 20:44 TROY Clean 879 0 Startup 4/25/2011 3:00 4/25/2011 3:01 TROY Clean 771 0 Scheduled scan 4/24/2011 3:01 4/24/2011 3:03 TROY Clean 756 0 Scheduled scan 4/23/2011 9:17 4/23/2011 9:22 TROY Clean 795 0 Startup 4/22/2011 3:00 4/22/2011 3:01 TROY Clean 731 0 Scheduled scan 4/21/2011 3:00 4/21/2011 3:06 TROY Clean 774 0 Scheduled scan 4/20/2011 13:16 4/20/2011 14:10 TROY Clean 218493 0 Scheduled scan 4/20/2011 3:00 4/20/2011 3:02 TROY Clean 762 0 Scheduled scan 4/19/2011 3:01 4/19/2011 3:02 TROY Clean 754 0 Scheduled scan 4/18/2011 3:01 4/18/2011 3:01 TROY Clean 730 0 Scheduled scan 4/17/2011 3:00 4/17/2011 3:01 TROY Clean 728 0 Scheduled scan 4/16/2011 3:00 4/16/2011 3:02 TROY Clean 800 0 Scheduled scan 4/15/2011 7:13 4/15/2011 7:21 TROY Clean 785 0 Startup 4/15/2011 3:00 4/15/2011 3:05 TROY Clean 756 0 Scheduled scan 4/14/2011 3:01 4/14/2011 3:02 TROY Clean 747 0 Scheduled scan 4/13/2011 13:16 4/13/2011 14:08 TROY Clean 216862 0 Scheduled scan 4/13/2011 3:01 4/13/2011 3:01 TROY Clean 725 0 Scheduled scan 4/12/2011 3:00 4/12/2011 3:01 TROY Clean 724 0 Scheduled scan 4/11/2011 17:03 4/11/2011 17:17 TROY Clean 807 0 Startup 4/11/2011 3:01 4/11/2011 3:02 TROY Clean 655 0 Scheduled scan 4/10/2011 22:04 4/10/2011 22:09 TROY Clean 812 0 Startup 4/10/2011 3:00 4/10/2011 3:03 TROY Clean 838 0 Scheduled scan 4/9/2011 3:01 4/9/2011 3:01 TROY Clean 731 0 Scheduled scan 4/8/2011 3:01 4/8/2011 3:02 TROY Clean 756 0 Scheduled scan 4/7/2011 3:00 4/7/2011 3:02 TROY Clean 756 0 Scheduled scan 4/6/2011 13:16 4/6/2011 14:08 TROY Clean 216037 0 Scheduled scan 4/6/2011 3:00 4/6/2011 3:01 TROY Clean 753 0 Scheduled scan 4/5/2011 17:11 4/5/2011 17:22 TROY Clean 800 0 Startup 4/4/2011 3:01 4/4/2011 3:02 TROY Clean 733 0 Scheduled scan 4/3/2011 3:00 4/3/2011 3:01 TROY Clean 760 0 Scheduled scan 4/2/2011 3:00 4/2/2011 3:01 TROY Clean 730 0 Scheduled scan 4/1/2011 21:41 4/1/2011 21:46 TROY Clean 790 0 Startup 4/1/2011 3:00 4/1/2011 3:01 TROY Clean 723 0 Scheduled scan 3/31/2011 20:08 3/31/2011 20:14 TROY Clean 834 1 Startup 3/31/2011 3:00 3/31/2011 3:01 TROY Clean 770 0 Scheduled scan 3/30/2011 13:15 3/30/2011 14:09 TROY Clean 216756 0 Scheduled scan 3/30/2011 3:00 3/30/2011 3:01 TROY Clean 801 0 Scheduled scan 3/29/2011 3:01 3/29/2011 3:02 TROY Clean 815 0 Scheduled scan 3/28/2011 3:00 3/28/2011 3:00 TROY Clean 825 0 Scheduled scan 3/27/2011 3:00 3/27/2011 3:00 TROY Clean 726 0 Scheduled scan 3/26/2011 20:40 3/26/2011 20:45 TROY Clean 812 0 Startup 3/26/2011 19:19 3/26/2011 19:25 TROY Clean 775 0 Startup 3/26/2011 19:01 TROY Clean 0 0 Startup 3/26/2011 18:44 TROY Clean 0 0 Startup 3/26/2011 3:00 3/26/2011 3:04 TROY Clean 846 0 Scheduled scan 3/25/2011 23:20 3/25/2011 23:21 TROY Clean 10 0 Manual scan 3/25/2011 16:57 3/25/2011 17:04 TROY Clean 886 0 Startup 3/25/2011 3:00 3/25/2011 3:03 TROY Clean 858 0 Scheduled scan 3/24/2011 3:01 3/24/2011 3:08 TROY Clean 880 0 Scheduled scan 3/23/2011 16:42 3/23/2011 16:59 TROY Clean 913 1 Startup 3/23/2011 13:16 3/23/2011 14:25 TROY Clean 224385 0 Scheduled scan 3/23/2011 3:01 3/23/2011 3:03 TROY Clean 770 0 Scheduled scan 3/22/2011 3:01 3/22/2011 3:04 TROY Clean 805 0 Scheduled scan 3/21/2011 3:01 3/21/2011 3:05 TROY Clean 825 0 Scheduled scan 3/20/2011 22:06 3/20/2011 22:18 TROY Clean 859 1 Startup 3/20/2011 3:01 3/20/2011 3:04 TROY Clean 764 0 Scheduled scan 3/19/2011 10:52 3/19/2011 11:00 TROY Clean 834 0 Startup 3/19/2011 3:01 3/19/2011 3:04 TROY Clean 856 0 Scheduled scan 3/18/2011 3:01 3/18/2011 3:08 TROY Clean 846 0 Scheduled scan 3/17/2011 17:19 3/17/2011 17:39 TROY Clean 910 0 Startup 3/17/2011 3:00 3/17/2011 3:07 TROY Clean 861 0 Scheduled scan 3/16/2011 13:16 3/16/2011 14:14 TROY Clean 212034 0 Scheduled scan 3/16/2011 3:01 3/16/2011 3:03 TROY Clean 769 0 Scheduled scan 3/15/2011 21:52 3/15/2011 22:04 TROY Clean 822 0 Startup 3/15/2011 21:02 3/15/2011 21:14 TROY Clean 807 0 Startup 3/15/2011 20:20 3/15/2011 20:36 TROY Clean 908 0 Startup 3/15/2011 19:50 3/15/2011 20:20 TROY Clean 922 1 Startup 3/15/2011 3:01 3/15/2011 3:04 TROY Clean 743 0 Scheduled scan 3/14/2011 3:00 3/14/2011 3:03 TROY Clean 720 0 Scheduled scan 3/13/2011 20:53 3/13/2011 21:08 TROY Clean 911 0 Startup 3/13/2011 4:00 3/13/2011 4:04 TROY Clean 845 0 Scheduled scan 3/12/2011 10:54 3/12/2011 10:55 TROY Clean 1 0 Manual scan 3/12/2011 8:51 3/12/2011 9:01 TROY Clean 41 0 Manual scan 3/12/2011 3:00 3/12/2011 3:04 TROY Clean 917 0 Scheduled scan 3/11/2011 20:06 3/11/2011 20:07 TROY Clean 5 0 Manual scan 3/11/2011 3:01 3/11/2011 3:04 TROY Clean 762 0 Scheduled scan 3/10/2011 22:43 3/10/2011 22:45 TROY Clean 1 0 Manual scan 3/10/2011 22:32 3/10/2011 22:33 TROY Clean 4 0 Manual scan 3/10/2011 22:05 3/10/2011 22:09 TROY Clean 1 0 Manual scan 3/10/2011 3:00 3/10/2011 3:03 TROY Clean 745 0 Scheduled scan 3/9/2011 22:52 3/9/2011 23:01 TROY Clean 809 0 Startup 3/9/2011 13:15 3/9/2011 14:14 TROY Clean 213046 1 Scheduled scan 3/9/2011 3:01 3/9/2011 3:11 TROY Clean 818 0 Scheduled scan 3/8/2011 3:00 3/8/2011 3:04 TROY Clean 841 0 Scheduled scan 3/7/2011 3:01 3/7/2011 3:04 TROY Clean 812 0 Scheduled scan 3/6/2011 18:36 3/6/2011 18:44 TROY Clean 808 1 Startup 3/6/2011 3:00 3/6/2011 3:07 TROY Clean 856 0 Scheduled scan 3/5/2011 3:01 3/5/2011 3:04 TROY Clean 853 0 Scheduled scan 3/4/2011 3:00 3/4/2011 3:03 TROY Clean 885 0 Scheduled scan 3/3/2011 3:00 3/3/2011 3:04 TROY Clean 884 0 Scheduled scan 3/2/2011 13:16 3/2/2011 14:13 TROY Clean 212066 0 Scheduled scan 3/2/2011 3:01 3/2/2011 3:05 TROY Clean 874 0 Scheduled scan 3/1/2011 3:00 3/1/2011 3:03 TROY Clean 760 0 Scheduled scan 2/28/2011 17:15 2/28/2011 17:31 TROY Clean 891 0 Startup 2/28/2011 3:01 2/28/2011 3:04 TROY Clean 759 0 Scheduled scan 2/27/2011 12:27 2/27/2011 12:37 TROY Clean 818 0 Startup 2/27/2011 3:00 2/27/2011 3:03 TROY Clean 781 0 Scheduled scan 2/26/2011 3:00 2/26/2011 3:03 TROY Clean 779 0 Scheduled scan 2/25/2011 3:01 2/25/2011 3:04 TROY Clean 778 0 Scheduled scan 2/24/2011 3:00 2/24/2011 3:04 TROY Clean 778 0 Scheduled scan 2/23/2011 13:15 2/23/2011 14:11 TROY Clean 212961 1 Scheduled scan 2/23/2011 3:00 2/23/2011 3:03 TROY Clean 741 0 Scheduled scan 2/22/2011 3:01 2/22/2011 3:04 TROY Clean 769 0 Scheduled scan 2/21/2011 3:01 2/21/2011 3:05 TROY Clean 744 0 Scheduled scan 2/20/2011 22:26 2/20/2011 22:33 TROY Clean 807 1 Startup 2/20/2011 3:00 2/20/2011 3:03 TROY Clean 823 0 Scheduled scan 2/19/2011 3:01 2/19/2011 3:04 TROY Clean 900 0 Scheduled scan 2/18/2011 3:00 2/18/2011 3:03 TROY Clean 744 0 Scheduled scan 2/17/2011 3:01 2/17/2011 3:05 TROY Clean 764 0 Scheduled scan 2/16/2011 13:16 2/16/2011 14:12 TROY Clean 209083 1 Scheduled scan 2/16/2011 3:01 2/16/2011 3:03 TROY Clean 741 0 Scheduled scan 2/15/2011 3:01 2/15/2011 3:04 TROY Clean 799 0 Scheduled scan 2/14/2011 17:33 2/14/2011 17:47 TROY Clean 909 1 Startup 2/14/2011 3:00 2/14/2011 3:03 TROY Clean 766 0 Scheduled scan 2/13/2011 3:00 2/13/2011 3:03 TROY Clean 742 0 Scheduled scan 2/12/2011 3:00 2/12/2011 3:04 TROY Clean 822 0 Scheduled scan 2/11/2011 3:01 2/11/2011 3:04 TROY Clean 759 0 Scheduled scan 2/10/2011 6:58 2/10/2011 7:09 TROY Clean 806 0 Startup 2/10/2011 3:01 2/10/2011 3:10 TROY Clean 746 0 Scheduled scan 2/9/2011 13:15 2/9/2011 14:17 TROY Clean 213593 0 Scheduled scan 2/9/2011 3:00 2/9/2011 3:04 TROY Clean 778 0 Scheduled scan 2/8/2011 12:01 2/8/2011 12:10 TROY Clean 801 0 Startup 2/8/2011 3:01 2/8/2011 3:03 TROY Clean 631 0 Scheduled scan 2/7/2011 3:01 2/7/2011 3:04 TROY Clean 732 0 Scheduled scan 2/6/2011 3:00 2/6/2011 3:03 TROY Clean 763 0 Scheduled scan 2/5/2011 3:01 2/5/2011 3:03 TROY Clean 734 0 Scheduled scan 2/4/2011 3:00 2/4/2011 3:03 TROY Clean 753 0 Scheduled scan 2/3/2011 20:50 2/3/2011 20:53 TROY Clean 1291 0 Manual scan 2/3/2011 3:00 2/3/2011 3:03 TROY Clean 770 0 Scheduled scan 2/2/2011 13:15 2/2/2011 14:11 TROY Clean 207117 1 Scheduled scan 2/2/2011 3:00 2/2/2011 3:03 TROY Clean 771 0 Scheduled scan 2/1/2011 3:01 2/1/2011 3:06 TROY Clean 800 0 Scheduled scan 1/31/2011 3:00 1/31/2011 3:03 TROY Clean 783 0 Scheduled scan 1/30/2011 17:36 1/30/2011 18:34 TROY Clean 206768 1 Manual scan 1/30/2011 3:00 1/30/2011 3:03 TROY Clean 761 0 Scheduled scan 1/29/2011 3:00 1/29/2011 3:02 TROY Clean 757 0 Scheduled scan 1/28/2011 3:01 1/28/2011 3:06 TROY Clean 742 0 Scheduled scan 1/27/2011 16:00 1/27/2011 16:09 TROY Clean 804 1 Startup 1/26/2011 13:16 1/26/2011 13:45 TROY Clean 101899 0 Scheduled scan 1/26/2011 12:46 1/26/2011 12:53 TROY Clean 748 0 Scheduled scan 1/25/2011 3:01 1/25/2011 3:07 TROY Clean 742 0 Scheduled scan 1/24/2011 3:01 1/24/2011 3:06 TROY Clean 743 0 Scheduled scan 1/23/2011 3:00 1/23/2011 3:03 TROY Clean 739 0 Scheduled scan 1/22/2011 17:43 1/22/2011 17:52 TROY Clean 822 1 Startup 1/21/2011 3:01 1/21/2011 3:05 TROY Clean 843 0 Scheduled scan 1/20/2011 3:01 1/20/2011 3:04 TROY Clean 816 0 Scheduled scan 1/19/2011 13:15 1/19/2011 14:06 TROY Clean 207801 1 Scheduled scan 1/19/2011 3:00 1/19/2011 3:03 TROY Clean 816 0 Scheduled scan 1/18/2011 3:01 1/18/2011 3:05 TROY Clean 817 0 Scheduled scan 1/17/2011 15:14 1/17/2011 15:38 TROY Clean 914 0 Startup 1/17/2011 14:46 1/17/2011 14:47 TROY Clean 1 0 Manual scan 1/17/2011 10:19 1/17/2011 10:34 TROY Clean 798 0 Startup 1/16/2011 16:59 1/16/2011 17:00 TROY Clean 8 0 Manual scan 1/16/2011 15:10 1/16/2011 15:11 TROY Clean 1 0 Manual scan 1/16/2011 13:59 1/16/2011 14:05 TROY Clean 819 1 Startup 1/16/2011 3:00 1/16/2011 3:03 TROY Clean 767 0 Scheduled scan 1/15/2011 3:00 1/15/2011 3:03 TROY Clean 815 0 Scheduled scan 1/14/2011 3:00 1/14/2011 3:02 TROY Clean 746 0 Scheduled scan 1/13/2011 23:24 1/13/2011 23:33 TROY Clean 839 1 Startup 1/13/2011 23:06 1/13/2011 23:15 TROY Clean 497 0 Startup 1/13/2011 21:06 1/13/2011 21:08 TROY Clean 108 0 Manual scan 1/13/2011 3:01 1/13/2011 3:04 TROY Clean 796 0 Scheduled scan 1/12/2011 13:16 1/12/2011 14:08 TROY Clean 205546 1 Scheduled scan 1/12/2011 6:54 1/12/2011 6:54 TROY Clean 1 0 Manual scan 1/12/2011 6:44 1/12/2011 6:54 TROY Clean 827 1 Startup 1/12/2011 3:01 1/12/2011 3:14 TROY Clean 954 0 Scheduled scan 1/11/2011 3:00 1/11/2011 3:03 TROY Clean 772 0 Scheduled scan 1/10/2011 3:00 1/10/2011 3:04 TROY Clean 785 0 Scheduled scan 1/9/2011 22:55 1/9/2011 23:03 TROY Clean 866 1 Startup 1/9/2011 10:11 1/9/2011 10:22 TROY Clean 836 0 Startup 1/9/2011 3:01 1/9/2011 3:04 TROY Clean 703 0 Scheduled scan 1/8/2011 7:23 1/8/2011 7:36 TROY Clean 819 1 Startup 1/8/2011 3:00 1/8/2011 3:08 TROY Clean 793 0 Scheduled scan 1/7/2011 3:01 1/7/2011 3:03 TROY Clean 787 0 Scheduled scan 1/6/2011 23:00 1/6/2011 23:01 TROY Clean 93 0 Manual scan 1/6/2011 22:12 1/6/2011 22:13 TROY Clean 1 0 Manual scan 1/6/2011 21:41 1/6/2011 21:44 TROY Clean 1 0 Manual scan 1/6/2011 3:01 1/6/2011 3:06 TROY Clean 756 0 Scheduled scan 1/5/2011 13:15 1/5/2011 14:00 TROY Clean 185908 1 Scheduled scan 1/5/2011 3:00 1/5/2011 3:02 TROY Clean 802 0 Scheduled scan 1/4/2011 3:00 1/4/2011 3:03 TROY Clean 793 0 Scheduled scan 1/3/2011 16:53 1/3/2011 17:17 TROY Clean 858 1 Startup 1/3/2011 3:01 1/3/2011 3:03 TROY Clean 620 0 Scheduled scan 1/2/2011 3:01 1/2/2011 3:04 TROY Clean 738 0 Scheduled scan 1/1/2011 22:08 1/1/2011 22:09 TROY Clean 1 0 Manual scan 1/1/2011 22:00 1/1/2011 22:01 TROY Clean 48 0 Manual scan 1/1/2011 16:58 1/1/2011 17:05 TROY Clean 804 0 Startup 1/1/2011 13:51 1/1/2011 13:59 TROY Clean 789 1 Startup 1/1/2011 13:02 1/1/2011 13:03 TROY Clean 1 0 Manual scan 1/1/2011 11:28 1/1/2011 11:31 TROY Clean 749 0 Scheduled scan 12/31/2010 14:11 12/31/2010 14:45 TROY Clean 815 0 Startup 12/31/2010 9:09 12/31/2010 9:11 TROY Clean 8 0 Scheduled scan 12/30/2010 11:02 12/30/2010 11:07 TROY Clean 757 0 Scheduled scan 12/29/2010 15:36 12/29/2010 15:42 TROY Clean 785 1 Startup 12/29/2010 14:57 12/29/2010 14:58 TROY Clean 266 0 Manual scan 12/29/2010 14:49 12/29/2010 14:57 TROY Clean 831 0 Startup 12/29/2010 14:44 12/29/2010 14:44 TROY Clean 412 0 Scheduled scan 12/29/2010 14:42 12/29/2010 14:44 TROY Clean 592 0 Scheduled scan 12/28/2010 14:32 12/28/2010 14:35 TROY Clean 812 0 Scheduled scan 12/27/2010 5:36 12/27/2010 5:37 TROY Clean 783 0 Scheduled scan 12/26/2010 19:54 12/26/2010 20:03 TROY Clean 786 0 Startup 12/26/2010 3:01 12/26/2010 3:05 TROY Clean 769 0 Scheduled scan 12/25/2010 11:18 12/25/2010 11:23 TROY Clean 749 0 Scheduled scan 12/24/2010 3:01 12/24/2010 3:04 TROY Clean 814 0 Scheduled scan 12/23/2010 3:01 12/23/2010 3:04 TROY Clean 821 0 Scheduled scan 12/22/2010 16:09 12/22/2010 16:47 TROY Clean 127415 0 Scheduled scan 12/22/2010 16:07 12/22/2010 16:09 TROY Clean 816 0 Scheduled scan 12/21/2010 10:16 12/21/2010 10:17 TROY Clean 448 0 Scheduled scan 12/20/2010 7:32 12/20/2010 7:41 TROY Clean 775 0 Startup 12/19/2010 11:58 12/19/2010 12:10 TROY Clean 807 0 Startup 12/18/2010 16:18 12/18/2010 16:27 TROY Clean 819 1 Startup 12/18/2010 13:59 12/18/2010 14:00 TROY Clean 1 0 Manual scan 12/18/2010 9:58 12/18/2010 10:08 TROY Clean 796 0 Startup 12/17/2010 15:13 12/17/2010 15:15 TROY Clean 1 0 Manual scan 12/17/2010 9:52 12/17/2010 10:00 TROY Clean 753 0 Scheduled scan 12/16/2010 17:27 12/16/2010 17:33 TROY Clean 795 0 Startup 12/16/2010 8:58 12/16/2010 9:15 TROY Clean 781 1 Startup 12/16/2010 7:55 12/16/2010 8:02 TROY Clean 746 0 Scheduled scan 12/15/2010 16:01 12/15/2010 16:58 TROY Clean 122861 0 Scheduled scan 12/15/2010 6:55 12/15/2010 7:03 TROY Clean 809 0 Startup 12/15/2010 6:50 12/15/2010 6:55 TROY Clean 661 0 Scheduled scan 12/14/2010 16:00 12/14/2010 16:11 TROY Clean 882 0 Scheduled scan 12/12/2010 19:57 12/12/2010 21:02 TROY Clean 121575 0 Manual scan 12/12/2010 19:21 12/12/2010 19:57 TROY Clean 794 0 Startup 12/10/2010 21:53 12/10/2010 22:39 TROY Clean 127454 1 Manual scan 12/9/2010 20:21 12/9/2010 20:22 TROY Clean 1 0 Manual scan 12/5/2010 20:44 12/5/2010 20:50 TROY Clean 792 0 Manual scan 12/3/2010 17:40 12/3/2010 17:41 TROY Clean 260 0 Manual scan 12/3/2010 15:55 12/3/2010 15:57 TROY Clean 1 0 Manual scan 12/2/2010 22:12 12/2/2010 22:12 TROY Clean 1 0 Manual scan 12/2/2010 20:55 12/2/2010 20:57 TROY Clean 1 0 Manual scan 12/2/2010 18:31 12/2/2010 19:07 TROY Clean 90817 1 Manual scan

Addendum... 1)After rebooting, Symantec appears to be running normally. 2)FireFox is no longer redirecting when typing in the "Awesome Bar" We're looking good!

Maniac, Many of the instructions throughout this process have required being logged in under the admin account on XP. Several situations have occurred where I was not able to use "Run As" in order to elevate privileges, such as disabling antivirus protection. Also, after running Combo Fix, not all features of Symantec Endpoint Protection seem to be available any more. I have not re-enabled AV until hearing back. Here is my log: ComboFix 11-11-24.01 - DTR 11/24/2011 21:10:49.1.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.384 [GMT -5:00] Running from: c:\documents and settings\Bassmaster\Desktop\ComboFix.exe AV: Symantec Endpoint Protection *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C} FW: Symantec Endpoint Protection *Disabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\_000007_.tmp.dll . . ((((((((((((((((((((((((( Files Created from 2011-10-25 to 2011-11-25 ))))))))))))))))))))))))))))))) . . 2011-11-20 20:48 . 2011-11-20 20:50 -------- d-----w- c:\documents and settings\Bassmaster\Application Data\vlc 2011-11-18 03:23 . 2011-11-18 03:23 -------- d-----w- C:\_OTL 2011-11-13 21:09 . 2011-11-13 21:09 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2011-11-13 21:03 . 2011-11-13 21:03 -------- d-----w- c:\program files\Lavasoft 2011-11-13 20:50 . 2011-11-13 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2011-11-13 17:28 . 2011-11-13 18:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2011-11-13 17:28 . 2011-11-13 17:31 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-11-11 22:36 . 2011-11-11 22:36 -------- d-----w- c:\documents and settings\DTR\Application Data\InfraRecorder 2011-11-11 22:35 . 2011-11-11 22:35 -------- d-----w- c:\documents and settings\Bassmaster\Application Data\InfraRecorder 2011-11-11 22:34 . 2011-11-11 22:34 -------- d-----w- c:\program files\InfraRecorder 2011-11-11 22:14 . 2011-11-11 22:18 -------- d-----w- c:\documents and settings\DTR\Application Data\vlc 2011-11-11 22:11 . 2011-11-11 22:11 -------- d-----w- c:\program files\VideoLAN . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-13 18:26 . 2011-09-03 18:51 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-10 14:22 . 2010-12-01 03:02 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-10-03 09:06 . 2010-12-01 04:09 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-10-03 06:37 . 2010-12-01 04:09 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-09-28 07:06 . 2004-08-04 20:00 599040 ----a-w- c:\windows\system32\crypt32.dll 2011-09-26 15:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll 2011-09-26 15:41 . 2004-08-04 20:00 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-26 15:41 . 2004-08-04 20:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll 2011-09-06 13:20 . 2004-08-04 20:00 1858944 ----a-w- c:\windows\system32\win32k.sys 2011-08-31 21:00 . 2011-01-12 11:55 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-05 06:53 . 2011-03-27 01:06 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-07-14 344064] "SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316] "eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-12-07 409600] "Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2005-02-17 233534] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-08-14 115560] "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-01-17 274608] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\Smc.exe"= "c:\\Program Files\\Symantec\\Symantec Endpoint Protection\\SNAC.EXE"= "c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"= "c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= . R2 MsDepSvc;Web Deployment Agent Service;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe [4/1/2011 7:17 PM 67400] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [11/10/2011 10:10 PM 106104] R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [11/30/2010 10:23 PM 200192] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4640000] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6/12/2011 11:00 AM 136176] S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [11/18/2008 6:17 PM 23888] S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6/12/2011 11:00 AM 136176] S3 HPKBCCID;HP Keyboard Smart Card Driver;c:\windows\system32\drivers\HPKBCCID.sys [11/7/2006 3:32 AM 46976] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 10:15 AM 31125880] S3 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [4/3/2010 10:56 AM 44896] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504] . Contents of the 'Scheduled Tasks' folder . 2011-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-12 16:00] . 2011-11-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-12 16:00] . 2011-03-23 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1085031214-688789844-839522115-1004.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 16:33] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=laptop uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 FF - ProfilePath - c:\documents and settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ . - - - - ORPHANS REMOVED - - - - . SafeBoot-Symantec Antvirus . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-11-24 21:18 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????8?9?8?4??????? ???B?????????????hLC? ?????? . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MsDepSvc] "ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(1152) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'winlogon.exe'(3124) c:\windows\system32\Ati2evxx.dll . Completion time: 2011-11-24 21:21:52 ComboFix-quarantined-files.txt 2011-11-25 02:21 . Pre-Run: 25,983,877,120 bytes free Post-Run: 25,950,437,376 bytes free . WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect . - - End Of File - - 0CE97587039F5BBB9C72DA5BFDBA839E

14:42:07.0937 4068 TDSS rootkit removing tool 2.6.20.0 Nov 22 2011 12:05:55 14:42:08.0484 4068 ============================================================ 14:42:08.0484 4068 Current date / time: 2011/11/23 14:42:08.0484 14:42:08.0484 4068 SystemInfo: 14:42:08.0484 4068 14:42:08.0484 4068 OS Version: 5.1.2600 ServicePack: 3.0 14:42:08.0484 4068 Product type: Workstation 14:42:08.0484 4068 ComputerName: TROY 14:42:08.0484 4068 UserName: DTR 14:42:08.0484 4068 Windows directory: C:\WINDOWS 14:42:08.0484 4068 System windows directory: C:\WINDOWS 14:42:08.0484 4068 Processor architecture: Intel x86 14:42:08.0484 4068 Number of processors: 1 14:42:08.0484 4068 Page size: 0x1000 14:42:08.0484 4068 Boot type: Normal boot 14:42:08.0484 4068 ============================================================ 14:42:18.0937 4068 Initialize success 14:44:28.0406 2568 ============================================================ 14:44:28.0406 2568 Scan started 14:44:28.0406 2568 Mode: Manual; SigCheck; TDLFS; 14:44:28.0406 2568 ============================================================ 14:44:38.0046 2568 Abiosdsk - ok 14:44:38.0968 2568 abp480n5 - ok 14:44:39.0859 2568 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 14:44:57.0468 2568 ACPI - ok 14:44:57.0937 2568 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 14:44:58.0687 2568 ACPIEC - ok 14:44:58.0953 2568 adpu160m - ok 14:44:59.0218 2568 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 14:44:59.0671 2568 aec - ok 14:44:59.0921 2568 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 14:45:00.0218 2568 AFD - ok 14:45:00.0515 2568 Aha154x - ok 14:45:00.0718 2568 aic78u2 - ok 14:45:01.0453 2568 aic78xx - ok 14:45:02.0093 2568 AliIde - ok 14:45:02.0718 2568 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys 14:45:03.0406 2568 AmdK8 - ok 14:45:03.0890 2568 amsint - ok 14:45:04.0265 2568 asc - ok 14:45:05.0421 2568 asc3350p - ok 14:45:05.0890 2568 asc3550 - ok 14:45:06.0640 2568 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 14:45:07.0171 2568 AsyncMac - ok 14:45:08.0312 2568 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 14:45:11.0656 2568 atapi - ok 14:45:12.0218 2568 Atdisk - ok 14:45:13.0093 2568 ati2mtag (8ad140c5258afa3e07b8e2ff1a660d6b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 14:45:14.0734 2568 ati2mtag - ok 14:45:15.0578 2568 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 14:45:16.0656 2568 Atmarpc - ok 14:45:17.0109 2568 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 14:45:17.0734 2568 audstub - ok 14:45:18.0156 2568 BCM43XX (30d20fc98bcfd52e1da778cf19b223d4) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 14:45:19.0125 2568 BCM43XX - ok 14:45:19.0609 2568 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 14:45:20.0281 2568 Beep - ok 14:45:21.0109 2568 CAMCAUD (4ebc37b6677a6768b307ae40839d788f) C:\WINDOWS\system32\drivers\camc6aud.sys 14:45:21.0640 2568 CAMCAUD - ok 14:45:22.0140 2568 CAMCHALA (9a38fc432ad8b3400cefb70a7236979e) C:\WINDOWS\system32\drivers\camc6hal.sys 14:45:23.0062 2568 CAMCHALA - ok 14:45:23.0578 2568 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 14:45:24.0078 2568 cbidf2k - ok 14:45:24.0843 2568 cd20xrnt - ok 14:45:25.0156 2568 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 14:45:27.0125 2568 Cdaudio - ok 14:45:28.0078 2568 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 14:45:28.0828 2568 Cdfs - ok 14:45:29.0468 2568 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 14:45:31.0671 2568 Cdrom - ok 14:45:32.0031 2568 Changer - ok 14:45:32.0656 2568 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 14:45:32.0984 2568 CmBatt - ok 14:45:33.0421 2568 CmdIde - ok 14:45:33.0640 2568 COH_Mon (86a22dff16e8ca67601044efe6825537) C:\WINDOWS\system32\Drivers\COH_Mon.sys 14:45:34.0156 2568 COH_Mon - ok 14:45:34.0578 2568 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 14:45:35.0000 2568 Compbatt - ok 14:45:35.0578 2568 Cpqarray - ok 14:45:35.0718 2568 dac2w2k - ok 14:45:35.0828 2568 dac960nt - ok 14:45:36.0093 2568 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 14:45:36.0578 2568 Disk - ok 14:45:36.0906 2568 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 14:45:37.0937 2568 dmboot - ok 14:45:38.0718 2568 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 14:45:39.0437 2568 dmio - ok 14:45:40.0000 2568 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 14:45:40.0687 2568 dmload - ok 14:45:40.0875 2568 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 14:45:41.0250 2568 DMusic - ok 14:45:41.0703 2568 dpti2o - ok 14:45:41.0796 2568 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 14:45:42.0546 2568 drmkaud - ok 14:45:42.0734 2568 eabfiltr (c6aca0190ee7b614673ee0c91863b1eb) C:\WINDOWS\system32\drivers\EABFiltr.sys 14:45:43.0359 2568 eabfiltr - ok 14:45:44.0031 2568 eabusb (da1011db09ad641de40cd5cca70c0c43) C:\WINDOWS\system32\drivers\eabusb.sys 14:45:44.0515 2568 eabusb - ok 14:45:45.0015 2568 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 14:45:46.0890 2568 eeCtrl - ok 14:45:47.0234 2568 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 14:45:48.0093 2568 EraserUtilRebootDrv - ok 14:45:48.0921 2568 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 14:45:50.0625 2568 Fastfat - ok 14:45:51.0140 2568 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 14:45:51.0750 2568 Fdc - ok 14:45:52.0250 2568 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 14:45:52.0968 2568 Fips - ok 14:45:53.0234 2568 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 14:45:53.0875 2568 Flpydisk - ok 14:45:54.0328 2568 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 14:45:55.0421 2568 FltMgr - ok 14:45:56.0109 2568 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 14:45:56.0750 2568 Fs_Rec - ok 14:45:57.0484 2568 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 14:45:57.0984 2568 Ftdisk - ok 14:45:58.0296 2568 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 14:45:59.0328 2568 GEARAspiWDM - ok 14:45:59.0953 2568 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 14:46:00.0531 2568 Gpc - ok 14:46:00.0812 2568 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 14:46:01.0359 2568 HidUsb - ok 14:46:01.0859 2568 HPKBCCID (1ffda46b645473d56c72aae6e1002825) C:\WINDOWS\system32\DRIVERS\HPKBCCID.sys 14:46:02.0140 2568 HPKBCCID - ok 14:46:02.0375 2568 hpn - ok 14:46:02.0578 2568 HSFHWATI (13d4b70bf2f9bc550e9079da864d3ec1) C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys 14:46:05.0218 2568 HSFHWATI - ok 14:46:06.0125 2568 HSF_DP (dfa8f86c0dbca7db948043aa3be6793b) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys 14:46:08.0156 2568 HSF_DP - ok 14:46:08.0859 2568 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 14:46:09.0625 2568 HTTP - ok 14:46:09.0687 2568 i2omgmt - ok 14:46:09.0781 2568 i2omp - ok 14:46:09.0984 2568 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 14:46:10.0546 2568 i8042prt - ok 14:46:11.0031 2568 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 14:46:11.0984 2568 Imapi - ok 14:46:12.0078 2568 ini910u - ok 14:46:12.0093 2568 IntelIde - ok 14:46:12.0234 2568 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 14:46:12.0953 2568 Ip6Fw - ok 14:46:13.0703 2568 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 14:46:14.0218 2568 IpFilterDriver - ok 14:46:14.0671 2568 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 14:46:15.0312 2568 IpInIp - ok 14:46:15.0890 2568 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 14:46:17.0109 2568 IpNat - ok 14:46:17.0625 2568 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 14:46:18.0781 2568 IPSec - ok 14:46:19.0640 2568 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 14:46:20.0718 2568 IRENUM - ok 14:46:21.0140 2568 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 14:46:23.0453 2568 isapnp - ok 14:46:24.0015 2568 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 14:46:24.0921 2568 Kbdclass - ok 14:46:25.0750 2568 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 14:46:26.0625 2568 kbdhid - ok 14:46:27.0515 2568 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 14:46:28.0734 2568 kmixer - ok 14:46:29.0718 2568 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 14:46:30.0953 2568 KSecDD - ok 14:46:31.0421 2568 Lavasoft Kernexplorer - ok 14:46:32.0828 2568 lbrtfdc - ok 14:46:33.0531 2568 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 14:46:36.0484 2568 mdmxsdk - ok 14:46:36.0937 2568 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 14:46:37.0390 2568 mnmdd - ok 14:46:37.0875 2568 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 14:46:38.0484 2568 Modem - ok 14:46:38.0687 2568 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 14:46:39.0031 2568 Mouclass - ok 14:46:39.0453 2568 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 14:46:39.0890 2568 MountMgr - ok 14:46:40.0046 2568 mraid35x - ok 14:46:40.0156 2568 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 14:46:40.0796 2568 MRxDAV - ok 14:46:41.0250 2568 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 14:46:41.0953 2568 MRxSmb - ok 14:46:42.0515 2568 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 14:46:42.0953 2568 Msfs - ok 14:46:43.0453 2568 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 14:46:43.0953 2568 MSKSSRV - ok 14:46:44.0000 2568 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 14:46:44.0343 2568 MSPCLOCK - ok 14:46:44.0468 2568 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 14:46:44.0921 2568 MSPQM - ok 14:46:45.0250 2568 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 14:46:45.0671 2568 mssmbios - ok 14:46:45.0890 2568 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 14:46:46.0250 2568 Mup - ok 14:46:46.0656 2568 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20111122.003\NAVENG.SYS 14:46:47.0187 2568 NAVENG - ok 14:46:47.0687 2568 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20111122.003\NAVEX15.SYS 14:46:50.0109 2568 NAVEX15 - ok 14:46:50.0718 2568 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 14:46:52.0296 2568 NDIS - ok 14:46:52.0703 2568 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 14:46:53.0234 2568 NdisTapi - ok 14:46:53.0656 2568 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 14:46:54.0125 2568 Ndisuio - ok 14:46:54.0203 2568 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 14:46:54.0750 2568 NdisWan - ok 14:46:55.0109 2568 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 14:46:55.0343 2568 NDProxy - ok 14:46:55.0531 2568 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 14:46:56.0093 2568 NetBIOS - ok 14:46:56.0171 2568 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 14:46:56.0656 2568 NetBT - ok 14:46:57.0062 2568 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys 14:46:57.0296 2568 nm - ok 14:46:57.0625 2568 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 14:46:57.0875 2568 Npfs - ok 14:46:57.0968 2568 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 14:46:58.0609 2568 Ntfs - ok 14:46:58.0953 2568 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 14:46:59.0390 2568 Null - ok 14:46:59.0546 2568 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 14:46:59.0859 2568 NwlnkFlt - ok 14:47:00.0078 2568 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 14:47:00.0453 2568 NwlnkFwd - ok 14:47:00.0562 2568 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys 14:47:00.0812 2568 Parport - ok 14:47:00.0921 2568 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 14:47:01.0421 2568 PartMgr - ok 14:47:01.0984 2568 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 14:47:02.0468 2568 ParVdm - ok 14:47:02.0703 2568 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 14:47:03.0171 2568 PCI - ok 14:47:03.0453 2568 PCIDump - ok 14:47:03.0500 2568 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 14:47:03.0828 2568 PCIIde - ok 14:47:04.0109 2568 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 14:47:04.0468 2568 Pcmcia - ok 14:47:04.0500 2568 PDCOMP - ok 14:47:04.0640 2568 PDFRAME - ok 14:47:04.0765 2568 PDRELI - ok 14:47:04.0812 2568 PDRFRAME - ok 14:47:04.0953 2568 perc2 - ok 14:47:04.0984 2568 perc2hib - ok 14:47:05.0515 2568 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 14:47:05.0921 2568 PptpMiniport - ok 14:47:06.0500 2568 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys 14:47:06.0921 2568 Processor - ok 14:47:07.0046 2568 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 14:47:07.0515 2568 PSched - ok 14:47:07.0609 2568 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 14:47:08.0203 2568 Ptilink - ok 14:47:08.0437 2568 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys 14:47:08.0921 2568 PxHelp20 - ok 14:47:09.0484 2568 ql1080 - ok 14:47:09.0578 2568 Ql10wnt - ok 14:47:09.0625 2568 ql12160 - ok 14:47:09.0796 2568 ql1240 - ok 14:47:09.0828 2568 ql1280 - ok 14:47:09.0906 2568 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 14:47:10.0359 2568 RasAcd - ok 14:47:10.0843 2568 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 14:47:11.0156 2568 Rasl2tp - ok 14:47:11.0453 2568 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 14:47:12.0421 2568 RasPppoe - ok 14:47:12.0625 2568 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 14:47:13.0000 2568 Raspti - ok 14:47:13.0062 2568 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 14:47:13.0328 2568 Rdbss - ok 14:47:13.0718 2568 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 14:47:14.0093 2568 RDPCDD - ok 14:47:14.0187 2568 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 14:47:14.0843 2568 RDPWD - ok 14:47:15.0328 2568 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 14:47:16.0609 2568 redbook - ok 14:47:16.0921 2568 RTL8023xp (7f0413bdd7d53eb4c7a371e7f6f84df1) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys 14:47:17.0218 2568 RTL8023xp - ok 14:47:17.0640 2568 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 14:47:17.0937 2568 rtl8139 - ok 14:47:18.0625 2568 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 14:47:19.0328 2568 Secdrv - ok 14:47:19.0796 2568 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys 14:47:20.0093 2568 Serial - ok 14:47:20.0562 2568 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 14:47:20.0796 2568 Sfloppy - ok 14:47:20.0843 2568 Simbad - ok 14:47:21.0109 2568 Sparrow - ok 14:47:21.0781 2568 SPBBCDrv (77780509a16a1df7f2d8531d21ddb9b9) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 14:47:23.0437 2568 SPBBCDrv - ok 14:47:24.0578 2568 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 14:47:25.0078 2568 splitter - ok 14:47:25.0578 2568 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 14:47:26.0140 2568 sr - ok 14:47:26.0609 2568 SRTSP (e217480cc878061d7603a8cdca06c188) C:\WINDOWS\system32\Drivers\SRTSP.SYS 14:47:27.0406 2568 SRTSP - ok 14:47:28.0078 2568 SRTSPL (cae71704badde6b0d5818acce20673ca) C:\WINDOWS\system32\Drivers\SRTSPL.SYS 14:47:28.0765 2568 SRTSPL - ok 14:47:29.0062 2568 SRTSPX (be6f1ddde2ddab75225d83e6b03a2348) C:\WINDOWS\system32\Drivers\SRTSPX.SYS 14:47:30.0140 2568 SRTSPX - ok 14:47:30.0812 2568 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 14:47:31.0312 2568 Srv - ok 14:47:31.0640 2568 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 14:47:32.0031 2568 swenum - ok 14:47:32.0484 2568 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 14:47:33.0593 2568 swmidi - ok 14:47:34.0000 2568 symc810 - ok 14:47:34.0093 2568 symc8xx - ok 14:47:34.0203 2568 SymEvent (e03ee3ef1037099554d17bed99545a5e) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 14:47:34.0968 2568 SymEvent - ok 14:47:35.0468 2568 SYMREDRV (be3c117150c055e50a4caf23e548c856) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS 14:47:35.0890 2568 SYMREDRV - ok 14:47:36.0468 2568 SYMTDI (7b0af4e22b32f8c5bfba5a5d53522160) C:\WINDOWS\System32\Drivers\SYMTDI.SYS 14:47:37.0156 2568 SYMTDI - ok 14:47:37.0875 2568 sym_hi - ok 14:47:37.0953 2568 sym_u3 - ok 14:47:38.0250 2568 SynTP (1dbc86da355b5db35174f862c110fd09) C:\WINDOWS\system32\DRIVERS\SynTP.sys 14:47:39.0406 2568 SynTP - ok 14:47:39.0859 2568 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 14:47:42.0750 2568 sysaudio - ok 14:47:42.0828 2568 SysPlant (835ac2478eda93c43a3066a246251eda) C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys 14:47:43.0578 2568 SysPlant - ok 14:47:44.0296 2568 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 14:47:44.0984 2568 Tcpip - ok 14:47:45.0796 2568 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 14:47:46.0765 2568 TDPIPE - ok 14:47:47.0156 2568 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 14:47:47.0765 2568 TDTCP - ok 14:47:48.0312 2568 Teefer2 (0dc098cc18a974e7c1e96e6846bd06e4) C:\WINDOWS\system32\DRIVERS\teefer2.sys 14:47:48.0640 2568 Teefer2 - ok 14:47:48.0968 2568 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 14:47:49.0812 2568 TermDD - ok 14:47:50.0109 2568 TosIde - ok 14:47:50.0218 2568 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 14:47:51.0078 2568 Udfs - ok 14:47:51.0140 2568 ultra - ok 14:47:51.0546 2568 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 14:47:52.0187 2568 Update - ok 14:47:52.0625 2568 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 14:47:52.0968 2568 usbccgp - ok 14:47:53.0500 2568 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 14:47:53.0984 2568 usbehci - ok 14:47:54.0125 2568 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 14:47:54.0953 2568 usbhub - ok 14:47:55.0406 2568 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 14:47:55.0812 2568 usbohci - ok 14:47:55.0890 2568 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 14:47:56.0093 2568 usbprint - ok 14:47:56.0484 2568 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 14:47:56.0734 2568 USBSTOR - ok 14:47:56.0968 2568 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 14:47:57.0390 2568 VgaSave - ok 14:47:57.0828 2568 ViaIde - ok 14:47:58.0171 2568 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 14:47:58.0531 2568 VolSnap - ok 14:47:58.0812 2568 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 14:47:59.0093 2568 Wanarp - ok 14:47:59.0109 2568 WDICA - ok 14:47:59.0171 2568 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 14:47:59.0500 2568 wdmaud - ok 14:47:59.0828 2568 winachsf (473ee64c368ce2eed110376c11960259) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 14:48:00.0093 2568 winachsf - ok 14:48:00.0218 2568 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 14:48:00.0515 2568 WmiAcpi - ok 14:48:00.0609 2568 WPS (4017e55ea0c71aff4f0f90fa97eb199f) C:\WINDOWS\system32\drivers\wpsdrvnt.sys 14:48:00.0859 2568 WPS - ok 14:48:01.0171 2568 WpsHelper (ff983a25ae6f7d3f87f26bf51f02a201) C:\WINDOWS\system32\drivers\WpsHelper.sys 14:48:02.0218 2568 WpsHelper - ok 14:48:02.0625 2568 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 14:48:02.0875 2568 WudfPf - ok 14:48:02.0921 2568 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 14:48:03.0062 2568 WudfRd - ok 14:48:03.0187 2568 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 14:48:05.0156 2568 \Device\Harddisk0\DR0 - ok 14:48:05.0156 2568 Boot (0x1200) (2c1276e732016e86ab22744b09592c13) \Device\Harddisk0\DR0\Partition0 14:48:05.0156 2568 \Device\Harddisk0\DR0\Partition0 - ok 14:48:05.0171 2568 ============================================================ 14:48:05.0171 2568 Scan finished 14:48:05.0171 2568 ============================================================ 14:48:05.0312 1816 Detected object count: 0 14:48:05.0312 1816 Actual detected object count: 0

I apologize if this is a duplicate, I posted earlier and don't see my entry when I refresh the page. Thanks for your help Maniac! aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software Run date: 2011-11-22 20:39:54 ----------------------------- 20:39:54.328 OS Version: Windows 5.1.2600 Service Pack 3 20:39:54.328 Number of processors: 1 586 0x2C02 20:39:54.328 ComputerName: TROY UserName: DTR 20:39:55.484 Initialize success 20:40:34.718 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 20:40:34.718 Disk 0 Vendor: FUJITSU_MHV2060AT_PL 008300A1 Size: 57231MB BusType: 3 20:40:36.765 Disk 0 MBR read successfully 20:40:36.765 Disk 0 MBR scan 20:40:36.765 Disk 0 Windows XP default MBR code 20:40:36.765 Disk 0 scanning sectors +117194175 20:40:36.843 Disk 0 scanning C:\WINDOWS\system32\drivers 20:40:50.843 Service scanning 20:40:52.859 Service SysPlant C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys **LOCKED** 32 20:40:52.859 Service Teefer2 C:\WINDOWS\system32\DRIVERS\teefer2.sys **LOCKED** 32 20:40:52.890 Service WPS C:\WINDOWS\system32\drivers\wpsdrvnt.sys **LOCKED** 32 20:40:52.890 Service WpsHelper C:\WINDOWS\system32\drivers\WpsHelper.sys **LOCKED** 32 20:40:53.406 Modules scanning 20:41:06.171 Disk 0 trace - called modules: 20:41:06.531 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 20:41:06.546 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b65ab8] 20:41:06.546 3 CLASSPNP.SYS[f7510fd7] -> nt!IofCallDriver -> \Device\0000007f[0x84b6f9e8] 20:41:06.546 5 ACPI.sys[f73a7620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x84b94940] 20:41:06.562 Scan finished successfully 20:41:28.609 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Bassmaster\Desktop\MBR.dat" 20:41:28.937 The log file has been saved successfully to "C:\Documents and Settings\Bassmaster\Desktop\aswMBR.txt"

I did a C:\ search for zinkwink and found two JavaScript files that contain the text zinkwink. They are located in FireFox's Application Data directory. I think the Malware edited these two otherwise legitimate files for storing user preferences. I didn't do anything with the files yet, but I'm good enough with JavaScript that I think I can reference Mozilla's support documentation and change whatever needs to be changed. Here is my new OTL Log: OTL logfile created on: 11/21/2011 6:33:37 PM - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bassmaster\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 894.48 Mb Total Physical Memory | 222.74 Mb Available Physical Memory | 24.90% Memory free 1.41 Gb Paging File | 0.75 Gb Available in Paging File | 53.37% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.88 Gb Total Space | 24.66 Gb Free Space | 44.12% Space Free | Partition Type: NTFS Computer Name: TROY | User Name: DTR | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Bassmaster\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) PRC - C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (Microsoft Corporation) PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation) PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation) PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe (Hewlett-Packard ) PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- File not found SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (MsDepSvc) -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe (Microsoft Corporation) SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation) SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation) SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation) SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation) ========== Driver Services (SafeList) ========== DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111117.018\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20111117.018\NAVENG.SYS (Symantec Corporation) DRV - (WpsHelper) -- C:\WINDOWS\system32\drivers\WpsHelper.sys (Symantec Corporation) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (SysPlant) -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys (Symantec Corporation) DRV - (WPS) -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys (Symantec Corporation) DRV - (COH_Mon) -- C:\WINDOWS\system32\drivers\COH_Mon.sys (Symantec Corporation) DRV - (Teefer2) -- C:\WINDOWS\system32\drivers\Teefer2.sys (Symantec Corporation) DRV - (SRTSPL) -- C:\WINDOWS\system32\drivers\srtspl.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\srtsp.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\srtspx.sys (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (HPKBCCID) -- C:\WINDOWS\system32\drivers\HPKBCCID.sys (Hewlett-Packard Company) DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (eabfiltr) -- C:\WINDOWS\system32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (eabusb) -- C:\WINDOWS\system32\drivers\EabUsb.sys (Hewlett-Packard Development Company, L.P.) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation ) DRV - (CAMCHALA) -- C:\WINDOWS\system32\drivers\camc6hal.sys (Conexant Systems Inc.) DRV - (CAMCAUD) -- C:\WINDOWS\system32\drivers\camc6aud.sys (Conexant Systems Inc.) DRV - (HSFHWATI) -- C:\WINDOWS\system32\drivers\HSFHWATI.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.) DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9 FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.49 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll () FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011/01/08 22:37:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/11/30 23:08:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/13 15:55:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/13 14:06:57 | 000,000,000 | ---D | M] [2010/12/03 16:02:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Extensions [2010/12/03 16:02:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2011/11/17 22:23:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions [2011/11/13 15:57:26 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011/09/03 14:30:22 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011/01/09 13:13:14 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2011/11/13 15:55:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/11/13 15:55:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2011/10/26 15:59:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} () (No name found) -- C:\DOCUMENTS AND SETTINGS\DTR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QN8VXHTZ.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\DTR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QN8VXHTZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\DOCUMENTS AND SETTINGS\DTR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\QN8VXHTZ.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI [2011/11/05 01:53:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/01/17 15:09:35 | 000,151,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011/03/15 21:09:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011/01/17 15:10:37 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2011/01/17 15:09:27 | 000,100,352 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2011/11/04 22:21:03 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2011/11/04 22:21:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/11/04 22:21:03 | 000,001,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2011/11/04 22:21:03 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2011/11/04 22:21:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml [2011/11/04 22:21:03 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2011/11/04 22:21:03 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: WPI Detector 1.4 (Enabled) = C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2004/08/04 15:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe () O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard ) O4 - HKLM..\Run: [iMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.) O4 - HKLM..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation) O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1291245385062 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{411FA71B-72DD-4CBE-BA86-9931113073D5}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\DTR\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\DTR\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/11/30 22:05:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{be5b204a-0ada-11e0-8664-0016367992e1}\Shell - "" = AutoRun O33 - MountPoints2\{be5b204a-0ada-11e0-8664-0016367992e1}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{be5b204a-0ada-11e0-8664-0016367992e1}\Shell\AutoRun\command - "" = E:\ImationPivotPlus.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/11/17 22:23:03 | 000,000,000 | ---D | C] -- C:\_OTL [2011/11/17 21:48:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011/11/13 18:19:43 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\All Users\Documents\dds.scr [2011/11/13 18:00:09 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\DTR\Desktop\dds.scr [2011/11/13 16:09:48 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011/11/13 16:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2011/11/13 15:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft [2011/11/13 12:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy [2011/11/13 12:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2011/11/13 12:28:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy [2011/11/13 03:24:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth [2011/11/11 17:36:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DTR\Application Data\InfraRecorder [2011/11/11 17:34:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\InfraRecorder [2011/11/11 17:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\InfraRecorder [2011/11/11 17:14:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DTR\Application Data\vlc [2011/11/11 17:12:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN [2011/11/11 17:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2011/10/26 15:59:25 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2011/10/26 15:59:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2011/10/26 15:59:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe ========== Files - Modified Within 30 Days ========== [2011/11/21 18:22:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/11/21 07:00:04 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/11/20 16:05:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011/11/19 18:13:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/11/19 18:12:35 | 938,004,480 | -HS- | M] () -- C:\hiberfil.sys [2011/11/19 12:32:12 | 000,009,504 | -HS- | M] () -- C:\WINDOWS\6777473drv.spi [2011/11/17 09:25:53 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2011/11/16 16:09:54 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat [2011/11/16 16:09:54 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat [2011/11/13 17:46:49 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\DTR\Desktop\dds.scr [2011/11/13 17:46:49 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\All Users\Documents\dds.scr [2011/11/13 16:09:47 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys [2011/11/13 15:56:00 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\DTR\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011/11/13 15:56:00 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2011/11/13 13:56:08 | 000,503,360 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/11/13 13:56:08 | 000,088,718 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/11/13 13:26:43 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2011/11/13 12:28:41 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\DTR\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2011/11/13 12:28:41 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\DTR\Desktop\Spybot - Search & Destroy.lnk [2011/11/13 03:24:48 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2011/11/11 17:34:18 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InfraRecorder.lnk [2011/11/11 17:12:55 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk [2011/11/10 03:20:56 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK ========== Files Created - No Company Name ========== [2011/11/19 12:25:42 | 000,009,504 | -HS- | C] () -- C:\WINDOWS\6777473drv.spi [2011/11/16 16:09:54 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011/11/16 16:09:54 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2011/11/13 16:05:36 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011/11/13 12:28:41 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\DTR\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2011/11/13 12:28:41 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\DTR\Desktop\Spybot - Search & Destroy.lnk [2011/11/13 03:24:48 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk [2011/11/11 17:34:18 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InfraRecorder.lnk [2011/11/11 17:12:55 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk [2011/07/02 08:30:14 | 000,334,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-688789844-839522115-1006-0.dat [2011/07/02 08:30:09 | 000,334,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-688789844-839522115-1004-0.dat [2011/07/02 08:29:39 | 000,334,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2011/02/03 21:25:17 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2011/01/16 15:12:57 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011/01/16 15:12:53 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010/12/03 16:01:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/11/30 22:22:04 | 000,095,617 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2010/11/30 22:08:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/11/30 22:02:22 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/11/30 16:52:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/11/30 16:48:20 | 000,334,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2005/03/21 11:41:32 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2005/03/21 11:41:31 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2004/08/04 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004/08/04 15:00:00 | 000,503,360 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004/08/04 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004/08/04 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004/08/04 15:00:00 | 000,088,718 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004/08/04 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004/08/04 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004/08/04 15:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004/08/04 15:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2004/08/04 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat ========== LOP Check ========== [2010/12/18 14:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Innovative Solutions [2011/08/20 11:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DTR\Application Data\Coby Media Manager [2011/01/28 18:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DTR\Application Data\Foxit Software [2011/11/11 17:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DTR\Application Data\InfraRecorder [2011/11/20 16:05:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job ========== Purity Check ========== < End of report >

The search bar in FireFox still redirects to ZinkWink.com: http://zinkwink.com/?tmp=redir_bho_bing&prt=zsharefqbho&keywords= I think I remember seeing a prefs.js file in the FireFox directory. I wonder if that file is what sets the variable for the FireFox keyword.url preference. Unless you say otherwise, I think I will search inside file contents for the keyword "Zinkwink". If I can find a file that has that verbiage, maybe I can locate what is changing the firefox setting. My event logs, & DNS and firewall entries seem normal. Registry (HKEY_USERS/S-1-5-21-.../Software/Microsoft/Search Assistant/ACMru/5603 & 5604 had one value set to zinkwink and one set to zink. A text search of the OS found zinkwink in these 2 docs: prefs.js & user.js located within my firefox appdate directory. I plan on editing the 2 javascript files tonight then seeing what values the registry should be set to.

Kaspersky detected log: Status: Deleted (events: 72) 11/19/2011 12:25:52 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200001\4EE64A96.VBN High 11/19/2011 12:25:47 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200002\4EE64AAD.VBN High 11/19/2011 12:25:50 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200000\4EE64A74.VBN High 11/19/2011 12:25:50 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200000\4EE64A74.VBN//CryptZ High 11/19/2011 12:25:47 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200002\4EE64AAD.VBN//CryptZ High 11/19/2011 12:25:52 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200001\4EE64A96.VBN//CryptZ High 11/19/2011 12:26:18 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200003\4EE64AC5.VBN High 11/19/2011 12:26:18 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200003\4EE64AC5.VBN//CryptZ High 11/19/2011 12:26:05 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200004\4EE64ADC.VBN High 11/19/2011 12:26:05 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200004\4EE64ADC.VBN//CryptZ High 11/19/2011 12:26:22 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200005\4EE64AF4.VBN High 11/19/2011 12:26:22 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200005\4EE64AF4.VBN//CryptZ High 11/19/2011 12:26:20 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200006\4EE64B0D.VBN High 11/19/2011 12:26:20 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200006\4EE64B0D.VBN//CryptZ High 11/19/2011 12:26:43 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200007\4EE64B24.VBN High 11/19/2011 12:26:43 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200007\4EE64B24.VBN//CryptZ High 11/19/2011 12:26:34 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200008\4EE64B3A.VBN High 11/19/2011 12:26:34 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200008\4EE64B3A.VBN//CryptZ High 11/19/2011 12:26:48 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200009\4EE64B50.VBN High 11/19/2011 12:26:48 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200009\4EE64B50.VBN//CryptZ High 11/19/2011 12:26:45 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000A\4EE64B69.VBN High 11/19/2011 12:26:45 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000A\4EE64B69.VBN//CryptZ High 11/19/2011 12:27:46 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000B\4EE64B7F.VBN High 11/19/2011 12:27:46 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000B\4EE64B7F.VBN//CryptZ High 11/19/2011 12:27:40 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000C\4EE64B97.VBN High 11/19/2011 12:27:40 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000C\4EE64B97.VBN//CryptZ High 11/19/2011 12:27:43 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000D\4EE64BAF.VBN High 11/19/2011 12:27:43 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000D\4EE64BAF.VBN//CryptZ High 11/19/2011 12:28:41 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000E\4EE64BC8.VBN High 11/19/2011 12:28:41 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000E\4EE64BC8.VBN//CryptZ High 11/19/2011 12:28:37 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000F\4EE64BDE.VBN High 11/19/2011 12:28:37 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A20000F\4EE64BDE.VBN//CryptZ High 11/19/2011 12:29:17 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200010\4EE64BF6.VBN High 11/19/2011 12:29:17 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200010\4EE64BF6.VBN//CryptZ High 11/19/2011 12:29:21 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200011\4EE64C0E.VBN High 11/19/2011 12:29:21 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A200011\4EE64C0E.VBN//CryptZ High 11/19/2011 12:29:19 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540000\4EFFDBF2.VBN High 11/19/2011 12:29:19 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540000\4EFFDBF2.VBN//CryptZ High 11/19/2011 12:29:32 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540001\4EFFDC32.VBN High 11/19/2011 12:29:32 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540001\4EFFDC32.VBN//CryptZ High 11/19/2011 12:29:29 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540002\4EFFDC4A.VBN High 11/19/2011 12:29:29 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540002\4EFFDC4A.VBN//CryptZ High 11/19/2011 12:29:35 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540003\4EFFDC71.VBN High 11/19/2011 12:29:35 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540003\4EFFDC71.VBN//CryptZ High 11/19/2011 12:29:45 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540004\4EFFDC9C.VBN High 11/19/2011 12:29:45 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540004\4EFFDC9C.VBN//CryptZ High 11/19/2011 12:29:50 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540005\4EFFDCCC.VBN High 11/19/2011 12:29:50 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540005\4EFFDCCC.VBN//CryptZ High 11/19/2011 12:29:43 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540006\4EFFDCEC.VBN High 11/19/2011 12:29:43 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540006\4EFFDCEC.VBN//CryptZ High 11/19/2011 12:29:53 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540007\4EFFDD0A.VBN High 11/19/2011 12:29:53 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540007\4EFFDD0A.VBN//CryptZ High 11/19/2011 12:30:02 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540008\4EFFDD2D.VBN High 11/19/2011 12:30:02 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540008\4EFFDD2D.VBN//CryptZ High 11/19/2011 12:30:11 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540009\4EFFDD5D.VBN High 11/19/2011 12:30:11 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540009\4EFFDD5D.VBN//CryptZ High 11/19/2011 12:30:00 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000A\4EFFDD91.VBN High 11/19/2011 12:30:00 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000A\4EFFDD91.VBN//CryptZ High 11/19/2011 12:30:14 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000B\4EFFDDA6.VBN High 11/19/2011 12:30:14 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000B\4EFFDDA6.VBN//CryptZ High 11/19/2011 12:31:49 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000C\4EFFDDB9.VBN High 11/19/2011 12:31:49 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000C\4EFFDDB9.VBN//CryptZ High 11/19/2011 12:31:54 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000D\4EFFDDCC.VBN High 11/19/2011 12:31:54 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000D\4EFFDDCC.VBN//CryptZ High 11/19/2011 12:31:51 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000E\4EFFDDDE.VBN High 11/19/2011 12:31:51 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000E\4EFFDDDE.VBN//CryptZ High 11/19/2011 12:32:14 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000F\4EFFDDF0.VBN High 11/19/2011 12:32:14 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A54000F\4EFFDDF0.VBN//CryptZ High 11/19/2011 12:32:09 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540010\4EFFDE03.VBN High 11/19/2011 12:32:09 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540010\4EFFDE03.VBN//CryptZ High 11/19/2011 12:32:17 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540011\4EFFDE15.VBN High 11/19/2011 12:32:17 PM Deleted Trojan program Packed.Win32.Krap.hc C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine\0A540011\4EFFDE15.VBN//CryptZ High

After clicking I accept, and starting the eset scanner, a new window opens with this URL: http://go.eset.com/us/online-scanner/run However, there is nothing in the window except a blue background and a small white box with a red X in the upper left corner. I then opened Internet Explorer using "run as administrator". After trying again, I get this URL: res://ieframe.dll/acr_depnx_error.htm#eset.com,http://go.eset.com/us/online-scanner I get this error message: Internet Explorer has closed this webpage to help protect your computer A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage. What you can do: Go to your home page Try to return to eset.com More information Windows Data Execution Prevention detected an add-on trying to use system memory incorrectly. This can be caused by a malfunction or a malicious add-on. Other things you can do: Go online to learn about the Data Execution Prevention (DEP) security feature ===================== What next?

After the MBAM scan, I went to step 2 ESET Online scan. Your link: http://www.eset.com/onlinescan/ My IE & Chrome browsers went to: http://go.eset.com/us/online-scanner Is this a redirect or legitimate? I will wait to downline the ActiveX plugin until you say so. ALSO...FireFox is back to re-directing to ZinkWink.com when typing in the "Awesome Bar". I'm definitely still infected.

Here is my MBAM scan...please note that during the MBAM scan, Symantec Endpoint Protection auto protect detected events that may have been false positives caused by the MBAM scan but I'm not sure. I included the Symantec detections following the MBAM log at the bottom of the post. Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8187 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 11/18/2011 8:05:55 AM mbam-log-2011-11-18 (08-05-55).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 249749 Time elapsed: 1 hour(s), 4 minute(s), 24 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ========================================== Symantec quarantined the following during the MBAM scan(it has done this before when running a MBAM scan): Risk Filename Original Location Status Date Bloodhound.MalPE 4ec5c197.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:14 Bloodhound.MalPE 4ec5c196.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:13 Bloodhound.MalPE 4ec5c195.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:13 Bloodhound.MalPE 4ec5c194.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:12 Bloodhound.MalPE 4ec5c18b.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:12 Bloodhound.MalPE 4ec5c155.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:12 Bloodhound.MalPE 4ec46b9e.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:11 Bloodhound.MalPE 4ec46b9d.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:11 Bloodhound.MalPE 4ec46b94.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:10 Bloodhound.MalPE 4ec46b8a.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:10 Bloodhound.MalPE 4ec46b93.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:10 Bloodhound.MalPE 4ec46b1d.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:09 Bloodhound.MalPE 4ec1c87b.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:09 Bloodhound.MalPE 4ec1c878.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:09 Bloodhound.MalPE 4ec1c871.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:08 Bloodhound.MalPE 4ec1c867.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:08 Bloodhound.MalPE 4ec1c85d.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:07 Bloodhound.MalPE 4ec1c7d4.tmp C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\ Infected 11/18/2011 7:07

Most importantly-the browser redirect is gone in FF! Great job, you rock! Anything needed to verify that I am clean?

1)In order to disable SpyBot via instructions I had to uninstall Ad-Aware. In order to download ResetTeaTimer, I had to google search it from another forum to get what appeared to be the same link (stackoverflow.com) because of browser redirect in chrome & FF from your link. From your link I was redirected to: http://www.kpn.com/web/show/id=900556?originalurl=http://home.hetnet.nl/~stefsmeenk/ResetTeaTimer.exe&destinationurl=http://home.kpn.nl/stefsmeenk/ResetTeaTimer.exe When running ResetTeaTimer.exe via Run As w/ admin privs, I get: 'taskkill' is not recognized as an internal or external command, operable program or batch file. 'taskkill' is not recognized as an internal or external command, operable program or batch file. SpyBot and Tea Timer must be closed!! Press any key to continue . . . 2)Uninstalled uTorrent 3)Deleted Java Cache - nothing suspicious was present. 4)Ran OTL - prompted reboot...re-ran after reboot and it generated log: All processes killed ========== OTL ========== Prefs.js: "http://zinkwink.com/?tmp=redir_bho_bing&prt=zsharefqbho&keywords=" removed from keyword.URL C:\Documents and Settings\DTR\Application Data\Mozilla\FireFox\Profiles\qn8vxhtz.default\user.js moved successfully. C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{7aeb3efd-e564-43f1-b658-5058a7c5743b}\searchplugin folder moved successfully. C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{7aeb3efd-e564-43f1-b658-5058a7c5743b}\modules folder moved successfully. C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{7aeb3efd-e564-43f1-b658-5058a7c5743b}\META-INF folder moved successfully. C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{7aeb3efd-e564-43f1-b658-5058a7c5743b}\defaults folder moved successfully. C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{7aeb3efd-e564-43f1-b658-5058a7c5743b}\components folder moved successfully. C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{7aeb3efd-e564-43f1-b658-5058a7c5743b}\chrome folder moved successfully. C:\Documents and Settings\DTR\Application Data\Mozilla\Firefox\Profiles\qn8vxhtz.default\extensions\{7aeb3efd-e564-43f1-b658-5058a7c5743b} folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7aeb3efd-e564-43f1-b658-5058a7c5743b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7aeb3efd-e564-43f1-b658-5058a7c5743b}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DriverMax_RESTART deleted successfully. C:\WINDOWS\002635_.tmp deleted successfully. C:\WINDOWS\SET3.tmp deleted successfully. Thanks!

Here is the EXTRAS.txt - Thanks! OTL Extras logfile created on: 11/16/2011 8:19:59 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bassmaster\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 894.48 Mb Total Physical Memory | 350.04 Mb Available Physical Memory | 39.13% Memory free 1.37 Gb Paging File | 0.79 Gb Available in Paging File | 57.77% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55.88 Gb Total Space | 4.03 Gb Free Space | 7.21% Space Free | Partition Type: NTFS Computer Name: TROY | User Name: DTR | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation) "C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation) "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation) "C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation) "C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Program Files\Mozilla Firefox\plugin-container.exe" = C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Disabled:Plugin Container for Firefox -- (Mozilla Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{09D8492A-C8E2-421E-927D-46800FB327A3}" = Wireless Home Network Setup "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English "{15EFEBF6-E414-33EB-8710-A04AD1302BF8}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Web - enu "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 29 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2D2CAE5D-FFCF-4D97-B7D6-F1AB49A00EEA}" = Coby Media Manager "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{2F141715-E144-48C0-8562-D193B7AB85BC}" = Microsoft SQL Server Compact 4.0 ENU "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3BAB4914-9CC1-4CC2-A3DA-56EF62DFD373}" = Symantec Endpoint Protection "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB6A079-178B-4144-B21F-4D1AE71666A2}" = Microsoft SQL Server 2008 R2 Native Client "{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared "{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{5134B35A-B559-4762-94A4-FD4918977953}" = Microsoft Web Deploy 2.0 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu "{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages "{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English) "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007 "{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007 "{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14 "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware "{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.3 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types "{A51500FE-6408-4305-B071-B961F691A4CE}" = Microsoft SQL Server Compact 4.0 Web Tools ENU "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B692E59A-055C-43B7-BE0A-9C2FE0AB88B6}" = Microsoft SQL Server 2008 R2 Management Objects "{BDF820F3-79A6-4ACF-B910-43B26BB894CC}" = Microsoft Network Monitor 3.1 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C6DB11F1-EBD1-3AA4-A44D-55630E1E6FDA}" = Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}" = Microsoft Web Platform Installer 3.0 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.20 F2 "{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files "{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU "{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared "{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "All ATI Software" = ATI - Software Uninstall Utility "ATI Display Driver" = ATI Display Driver "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter "CNXT_AUDIO" = Conexant AC-Link Audio "CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3091103C" = Data Fax SoftModem with SmartCP "DMX5_is1" = DriverMax 5 "Foxit Reader" = Foxit Reader "Google Chrome" = Google Chrome "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InfraRecorder" = InfraRecorder "InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers. "LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 "Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU "Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU" = Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU "Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US) "MsJavaVM" = Microsoft VM for Java "nbi-nb-base-6.9.1.0.0" = NetBeans IDE 6.9.1 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "RealPlayer 12.0" = RealPlayer "SynTPDeinstKey" = Synaptics Pointing Device Driver "uTorrent" = µTorrent "Veetle TV" = Veetle TV 0.9.18 "VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component "VLC media player" = VLC media player 1.1.11 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 10 "Windows XP Service Pack" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xvid_is1" = Xvid 1.2.2 final uninstall ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11/13/2011 2:25:49 PM | Computer Name = TROY | Source = Application Error | ID = 1004 Description = Faulting application Smc.exe, version 11.0.4000.2261, faulting module unknown, version 0.0.0.0, fault address 0x712aac5d. Error - 11/13/2011 2:27:56 PM | Computer Name = TROY | Source = Application Error | ID = 1001 Description = Fault bucket 1063078935. Error - 11/13/2011 4:50:51 PM | Computer Name = TROY | Source = MsiInstaller | ID = 11925 Description = Product: Ad-Aware -- Error 1925. You do not have sufficient privileges to complete this installation for all users of the machine. Log on as administrator and then retry this installation. Error - 11/14/2011 4:39:31 AM | Computer Name = TROY | Source = Symantec AntiVirus | ID = 16711731 Description = Security Risk Found!Bloodhound.MalPE in File: c:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\4ec07779.tmp by: Scheduled scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully. Error - 11/14/2011 4:39:35 AM | Computer Name = TROY | Source = Symantec AntiVirus | ID = 16711731 Description = Security Risk Found!Bloodhound.MalPE in File: c:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\4ec076ff.tmp by: Scheduled scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully. Error - 11/14/2011 4:39:36 AM | Computer Name = TROY | Source = Symantec AntiVirus | ID = 16711731 Description = Security Risk Found!Bloodhound.MalPE in File: c:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\4ec0777a.tmp by: Scheduled scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully. Error - 11/14/2011 7:50:47 PM | Computer Name = TROY | Source = Application Error | ID = 1000 Description = Faulting application googleearth.exe, version 6.1.0.5001, faulting module kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb. Error - 11/14/2011 7:50:52 PM | Computer Name = TROY | Source = Application Error | ID = 1001 Description = Fault bucket -1634417108. Error - 11/16/2011 2:18:59 PM | Computer Name = TROY | Source = Symantec AntiVirus | ID = 16711731 Description = Security Risk Found!Tracking Cookies in File: Unavailable by: Scheduled scan. Action: Quarantine failed : Leave Alone failed. Action Description: The file was deleted successfully. Error - 11/16/2011 5:10:07 PM | Computer Name = TROY | Source = Lavasoft Ad-Aware Service | ID = 0 Description = [ System Events ] Error - 11/13/2011 7:09:35 PM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error - 11/13/2011 7:27:20 PM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error - 11/14/2011 12:05:56 AM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error - 11/14/2011 12:05:59 AM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error - 11/14/2011 7:49:15 PM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error - 11/14/2011 7:49:17 PM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error - 11/15/2011 9:40:58 PM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error - 11/15/2011 9:41:00 PM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error - 11/16/2011 6:55:31 PM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error - 11/16/2011 6:55:34 PM | Computer Name = TROY | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE} < End of report >