Has someone gotten access to my system? - NIS16.5.0.135

Norton Security | Norton Internet Security
1

PLAEASE HELP

 

Has someone gained access to my system?  Please view some of my log and let me know what you think.  I keep getting:

10/6/2009 7:59 PM,Info,You allowed Local Security Authority Process to access your network resources.,Allowed,No Action Required,,Local Security Authority Process,<path>C:\Windows\System32\lsass.exe</path>,No Action Required,Allow,"0.0.0.0, 49155","Inbound TCP, Port 49155"

 

I also get that my ip address has disappeared from adapter and now connected to a new adapter??

Category: Firewall - Network and Connections

Date & Time,Severity,Activity,Status,Recommended Action,Category,Subnet Identifier,Gateway Physical Address

10/7/2009 4:22 PM,Info,"Protecting your connection to a newly detected network on adapter \"isatap.Belkin\" (IP address: fe80::5efe:192.168.2.8).",Detected,No Action Required,Firewall - Activities,,

10/7/2009 4:22 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,

10/7/2009 4:22 PM,High,You are connected to a trusted wireless network that is not secure. (00 1C DF D7 EB 41),Protected,No Action Required,,,00 1C DF D7 EB 41

10/7/2009 4:21 PM,Info,"Protecting your connection to a newly detected network on adapter \"Broadcom 802.11b/g WLAN\" (IP address: 192.168.2.8).",Detected,No Action Required,Firewall - Activities,,

10/6/2009 8:00 PM,Info,"Protecting your connection to a newly detected network on adapter \"isatap.Belkin\" (IP address: fe80::5efe:192.168.2.8).",Detected,No Action Required,Firewall - Activities,,

10/6/2009 7:59 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,

10/6/2009 7:59 PM,High,You are connected to a trusted wireless network that is not secure. (00 1C DF D7 EB 41),Protected,No Action Required,,,00 1C DF D7 EB 41

10/6/2009 7:59 PM,Info,"Protecting your connection to a newly detected network on adapter \"Broadcom 802.11b/g WLAN\" (IP address: 192.168.2.8).",Detected,No Action Required,Firewall - Activities,,

10/6/2009 5:45 PM,Info,IP address has disappeared from adapter isatap.Belkin and is no longer being protected (IP address: fe80::5efe:192.168.2.8).,Detected,No Action Required,Firewall - Activities

 

And last but not least I have a bunch of JS.Downloader stuff and names making modifications to my system or having access to my resources.  What should I do?

 

Category: Resolved Security Risks

Date & Time,Severity,Activity,Status,Recommended Action,Component,Definitions Version,ERASER Version,Risk Name,Risk Category,Risk Type,Risk State,File Name

10/6/2009 4:33 PM,Low,Tracking Cookie detected by Virus scanner,Removed,Resolved - No Action,Virus scanner,2009.10.06.005,109.2.2.4,Tracking Cookie,Cookie,File Based,Fully removed,

10/6/2009 4:05 PM,High,Auto-Protect has detected JS.Downloader,"Blocked, Blocked",Resolved - No Action,Auto-Protect,2009.10.06.005,,,Virus,,,c:\users\shana\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\i1cx3scb\text_constants_en[1].js

10/6/2009 4:05 PM,High,Auto-Protect has detected JS.Downloader,"Blocked, Blocked",Resolved - No Action,Auto-Protect,2009.10.06.005,,,Virus,,,c:\users\shana\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\i1cx3scb\mouse_block[1].js

10/6/2009 4:02 PM,High,Auto-Protect has detected JS.Downloader,"Blocked, Blocked",Resolved - No Action,Auto-Protect,2009.10.06.005,,,Virus,,,c:\users\shana\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\i1cx3scb\mouse_block[1].js

10/6/2009 4:02 PM,High,Auto-Protect has detected JS.Downloader,"Blocked, Blocked",Resolved - No Action,Auto-Protect,2009.10.06.005,,,Virus,,,c:\users\shana\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\etakauz2\text_constants_en[1].js

 

Category: Scan Results

Date & Time,Severity,Activity,Status,Task Name,Scan Time,Total items scanned,Files & Directories,Registry Entries,Processes & Start-Up Items,Network & Browser Items,Other,Trusted Files,Skipped Files,Total Security Risks Detected,Total Security Risks Resolved,Total Security Risks Requiring Attention,Cookie,Cookie Resolved

10/7/2009 5:03 PM,Info,Custom scan results,Completed,Custom scan,0:00:00:45 (d:h:m:s),"42,024","42,024",0,0,0,0,20,0,0,0,0,,

10/6/2009 5:44 PM,Info,Full System Scan results,Completed,Full System Scan,0:00:51:33 (d:h:m:s),"580,776","573,093",689,"5,519","1,469",6,"2,467","17,625",1,1,0,1,1

10/6/2009 5:44 PM,Info,Custom scan results,Completed,Custom scan,0:00:00:02 (d:h:m:s),1,1,0,0,0,0,0,1,0,0,0,,

10/6/2009 4:32 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:31 (d:h:m:s),"7,515","1,479",548,"5,370",12,106,600,801,0,0,0,,

10/4/2009 8:59 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:26 (d:h:m:s),"8,079","1,531",548,"5,882",12,106,629,3,0,0,0,,

10/1/2009 4:49 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:32 (d:h:m:s),"7,868","1,576",544,"5,632",12,104,629,21,0,0,0,,

 

Category: System Activity Monitoring

Date & Time,Severity,Activity,Status,Recommended Action,Program,Last Updated,Affected Area,Target file,Modified resource

10/5/2009 4:26 PM,Low,"jusched.exe modified your System Configuration., Resource",Detected,"No Action Required, No Action Required",c:\program files (x86)\java\jre6\bin\jusched.exe,"Monday, October 05, 2009 4:26 PM",System Configuration,C:\Program Files (x86)\Java\jre6\bin\javaws.exe,

10/4/2009 9:41 PM,Low,"javaw.exe modified your System Configuration., Resource",Detected,"No Action Required, No Action Required",c:\program files (x86)\java\jre6\bin\javaw.exe,"Sunday, October 04, 2009 9:41 PM",System Configuration,C:\Windows\SysWOW64\cmd.exe,

10/4/2009 9:41 PM,Low,"javaws.exe modified your System Configuration., Resource",Detected,"No Action Required, No Action Required",c:\program files (x86)\java\jre6\bin\javaws.exe,"Sunday, October 04, 2009 9:41 PM",System Configuration,C:\Program Files (x86)\Java\jre1.6.0_07\bin\javaw.exe,

10/4/2009 9:40 PM,Low,"zipper.exe made 84 modifications to your computer., Resource",Detected,"No Action Required, No Action Required",c:\program files (x86)\java\jre6\zipper.exe,"Sunday, October 04, 2009 9:40 PM",System Configuration,,"c:\program files (x86)\java\jre6\bin\awt.dll, c:\program files (x86)\java\jre6\bin\axbridge.dll, c:\program files (x86)\java\jre6\bin\client\jvm.dll, c:\program files (x86)\java\jre6\bin\cmm.dll, c:\program files (x86)\java\jre6\bin\dcpr.dll, c:\program files (x86)\java\jre6\bin\deploy.dll, c:\program files (x86)\java\jre6\bin\deploytk.dll, c:\program files (x86)\java\jre6\bin\dt_shmem.dll, c:\program files (x86)\java\jre6\bin\dt_socket.dll, c:\program files (x86)\java\jre6\bin\fontmanager.dll, c:\program files (x86)\java\jre6\bin\hpi.dll, c:\program files (x86)\java\jre6\bin\hprof.dll, c:\program files (x86)\java\jre6\bin\instrument.dll, c:\program files (x86)\java\jre6\bin\ioser12.dll, c:\program files (x86)\java\jre6\bin\j2pcsc.dll, c:\program files (x86)\java\jre6\bin\j2pkcs11.dll, c:\program files (x86)\java\jre6\bin\jaas_nt.dll, c:\program files (x86)\java\jre6\bin\java-rmi.exe, c:\program files (x86)\java\jre6\bin\java.dll, c:\program files (x86)\java\jre6\bin\java.exe, c:\program files (x86)\java\jre6\bin\javacpl.cpl, c:\program files (x86)\java\jre6\bin\javacpl.exe, c:\program files (x86)\java\jre6\bin\javaw.exe, c:\program files (x86)\java\jre6\bin\javaws.exe, c:\program files (x86)\java\jre6\bin\java_crw_demo.dll, c:\program files (x86)\java\jre6\bin\jawt.dll, c:\program files (x86)\java\jre6\bin\jbroker.exe, c:\program files (x86)\java\jre6\bin\jdbcodbc.dll, c:\program files (x86)\java\jre6\bin\jdwp.dll, c:\program files (x86)\java\jre6\bin\jkernel.dll, c:\program files (x86)\java\jre6\bin\jli.dll, c:\program files (x86)\java\jre6\bin\jp2iexp.dll, c:\program files (x86)\java\jre6\bin\jp2launcher.exe, c:\program files (x86)\java\jre6\bin\jp2native.dll, c:\program files (x86)\java\jre6\bin\jp2ssv.dll, c:\program files (x86)\java\jre6\bin\jpeg.dll, c:\program files (x86)\java\jre6\bin\jpicom.dll, c:\program files (x86)\java\jre6\bin\jpiexp.dll, c:\program files (x86)\java\jre6\bin\jpinscp.dll, c:\program files (x86)\java\jre6\bin\jpioji.dll, c:\program files (x86)\java\jre6\bin\jpishare.dll, c:\program files (x86)\java\jre6\bin\jqs.exe, c:\program files (x86)\java\jre6\bin\jqsnotify.exe, c:\program files (x86)\java\jre6\bin\jsound.dll, c:\program files (x86)\java\jre6\bin\jsoundds.dll, c:\program files (x86)\java\jre6\bin\jucheck.exe, c:\program files (x86)\java\jre6\bin\jureg.exe, c:\program files (x86)\java\jre6\bin\jusched.exe, c:\program files (x86)\java\jre6\bin\keytool.exe, c:\program files (x86)\java\jre6\bin\kinit.exe, c:\program files (x86)\java\jre6\bin\klist.exe, c:\program files (x86)\java\jre6\bin\ktab.exe, c:\program files (x86)\java\jre6\bin\management.dll, c:\program files (x86)\java\jre6\bin\mlib_image.dll, c:\program files (x86)\java\jre6\bin\msvcr71.dll, c:\program files (x86)\java\jre6\bin\msvcrt.dll, c:\program files (x86)\java\jre6\bin\net.dll, c:\program files (x86)\java\jre6\bin\new_plugin\npjp2.dll, c:\program files (x86)\java\jre6\bin\nio.dll, c:\program files (x86)\java\jre6\bin\npdeploytk.dll, c:\program files (x86)\java\jre6\bin\npjpi160_15.dll, c:\program files (x86)\java\jre6\bin\npoji610.dll, c:\program files (x86)\java\jre6\bin\npt.dll, c:\program files (x86)\java\jre6\bin\orbd.exe, c:\program files (x86)\java\jre6\bin\pack200.exe, c:\program files (x86)\java\jre6\bin\policytool.exe, c:\program files (x86)\java\jre6\bin\rmi.dll, c:\program files (x86)\java\jre6\bin\rmid.exe, c:\program files (x86)\java\jre6\bin\rmiregistry.exe, c:\program files (x86)\java\jre6\bin\servertool.exe, c:\program files (x86)\java\jre6\bin\splashscreen.dll, c:\program files (x86)\java\jre6\bin\ssv.dll, c:\program files (x86)\java\jre6\bin\ssvagent.exe, c:\program files (x86)\java\jre6\bin\sunmscapi.dll, c:\program files (x86)\java\jre6\bin\tnameserv.exe, c:\program files (x86)\java\jre6\bin\unicows.dll, c:\program files (x86)\java\jre6\bin\unpack.dll, c:\program files (x86)\java\jre6\bin\unpack200.exe, c:\program files (x86)\java\jre6\bin\verify.dll, c:\program files (x86)\java\jre6\bin\w2k_lsa_auth.dll, c:\program files (x86)\java\jre6\bin\wsdetect.dll, c:\program files (x86)\java\jre6\bin\zip.dll, c:\program files (x86)\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, c:\program files (x86)\java\jre6\lib\deploy\lzma.dll"

10/4/2009 9:39 PM,Low,"jre-6u15-windows-i586-iftw_7319bb8d.exe made 2 modifications to your computer., Resource",Detected,"No Action Required, No Action Required",c:\users\shana\appdata\local\temp\jre-6u15-windows-i586-iftw_7319bb8d.exe,"Sunday, October 04, 2009 9:39 PM",System Configuration,,"c:\users\shana\appdata\locallow\sun\java\jre1.6.0_15\jre1.6.0_15-c-l.msi, c:\users\shana\appdata\locallow\sun\java\jre1.6.0_15\lzma.dll"

10/2/2009 11:42 AM,Low,"googleearth.exe modified your System Configuration., Resource",Detected,"No Action Required, No Action Required",c:\users\shana\appdata\local\temp\7zipsfx.000\googleearth.exe,"Friday, October 02, 2009 11:42 AM",System Configuration,C:\Windows\SysWOW64\msiexec.exe,

 

Category: Silent Mode

Date & Time,Severity,Activity,Status,Recommended Action

10/5/2009 6:54 PM,Info,Light Silent Mode turned on.,Completed,No Action Required

 

Category: Norton Product Tamper Protection

Date & Time,Severity,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Target PID,Action,Reaction,Terminal Session

9/30/2009 7:50 PM,Medium,Unauthorized access logged (Access Process Data),Logged,No Action Required,"Wednesday, September 30, 2009 7:50 PM",c:\program files (x86)\common files\adobe\updater6\adobe_updater.exe,5052,C:\Program Files (x86)\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe,2208,Access Process Data,Unauthorized access logged,1

 

<<Edit: Subject edited to reflect the product version>>

Message Edited by JerryM on 10-08-2009 09:21 AM