x-kom hosting

[Rozwiązany]Prosze o sprawdzenie logow

jumpair
utworzono
utworzono

Mateusz J.
komentarz
komentarz

Zanim cokolwiek zrobimy, przeskanuj ten plik:

C:\Windows\System32\VIE45C9.exe

na www.virustotal.com

jumpair
komentarz
komentarz

Oto wynik skanu z podanej strony

Antywirus Wersja Ostatnia aktualizacja Wynik AhnLab-V3 2008.8.29.0 2008.08.29 - AntiVir 7.8.1.23 2008.08.30 TR/Crypt.XPACK.Gen Authentium 5.1.0.4 2008.08.30 - Avast 4.8.1195.0 2008.08.30 Win32:Tibs-EJA AVG 8.0.0.161 2008.08.30 - BitDefender 7.2 2008.08.31 Trojan.Peed.Gen CAT-QuickHeal 9.50 2008.08.29 (Suspicious) - DNAScan ClamAV 0.93.1 2008.08.31 - DrWeb 4.44.0.09170 2008.08.31 Trojan.Packed.619 eSafe 7.0.17.0 2008.08.28 Suspicious File eTrust-Vet 31.6.6057 2008.08.29 - Ewido 4.0 2008.08.31 - F-Prot 4.4.4.56 2008.08.30 - F-Secure 7.60.13501.0 2008.08.31 - Fortinet 3.14.0.0 2008.08.31 - GData 19 2008.08.31 Win32:Tibs-EJA Ikarus T3.1.1.34.0 2008.08.31 - K7AntiVirus 7.10.433 2008.08.30 - Kaspersky 7.0.0.125 2008.08.31 - McAfee 5373 2008.08.29 - Microsoft 1.3807 2008.08.25 - NOD32v2 3401 2008.08.30 - Norman 5.80.02 2008.08.29 W32/Tibs.gen225 Panda 9.0.0.4 2008.08.31 - PCTools 4.4.2.0 2008.08.30 - Prevx1 V2 2008.08.31 Spyware Rising 20.59.61.00 2008.08.31 - Sophos 4.33.0 2008.08.31 Mal/EncPk-EU Sunbelt 3.1.1592.1 2008.08.30 - Symantec 10 2008.08.31 - TheHacker 6.3.0.6.068 2008.08.30 - TrendMicro 8.700.0.1004 2008.08.29 PAK_Generic.001 VBA32 3.12.8.4 2008.08.30 - ViRobot 2008.8.30.1357 2008.08.30 - VirusBuster 4.5.11.0 2008.08.30 - Webwasher-Gateway 6.6.2 2008.08.30 Trojan.Crypt.XPACK.Gen Dodatkowe informacje File size: 29184 bytes MD5...: 5f49fc21fdf50db70f0eb7ba8d294ef1 SHA1..: 2d1c70124ebfbff50cd9b25c5995b5e18c61bd0e SHA256: 4c4a3ae82fa7609b62adf782ebd6dbaf2711de0999f54cce749e1343eba8725a SHA512: 24ee13b4a4fad0f44a6fdd313db4f900d58c2fb8e66552af14136bfef477003c3f1a5a8e7a907598b4d8b299566146a5d6421f6f683d6646f610573493a4295b PEiD..: - TrID..: File type identificationWin32 Executable Generic (38.4%)Win32 Dynamic Link Library (generic) (34.2%)Clipper DOS Executable (9.1%)Generic Win/DOS Executable (9.0%)DOS Executable Generic (9.0%) PEInfo: PE Structure information( base data )entrypointaddress.: 0x402741timedatestamp.....: 0x48b68f0f (Thu Aug 28 11:42:07 2008)machinetype.......: 0x14c (I386)( 3 sections )name viradd virsiz rawdsiz ntrpy md5.text 0x1000 0x4acc 0x3600 7.98 4f950022781d1f8fdd43be4f72113786.data 0x6000 0x4875 0x800 7.89 00a018613d68b6a1a66ccfc531d232bf.rsrc 0xb000 0xf000 0x3000 6.70 bfaba878a19712e4b9a2555d127dfad6( 4 imports ) > wsock32.dll: bind, WSAStartup, listen> kernel32.dll: CreatePipe, TerminateProcess, VirtualProtect> gdi32.dll: SetRelAbs, StretchBlt, SetICMMode, ResetDCW, UpdateColors, SaveDC, TextOutW, SetDIBColorTable> shell32.dll: SHAppBarMessage, StrRChrIA, StrStrIA( 0 exports ) Prevx info: http://info.prevx.com/aboutprogramtext.asp...B794B00EA50AF7D 

Jesli to pomoze to dodam ze zaczelo sie od zainstalowania niby flash playera z linku wyswietlonego na stronie www, oczywiscie w swojej glupocie to sciagnalem. Teraz w systemie pojawia kilka roznych "ostrzezen": spowolnienie komputera, wykryty malware, excessive STMP traffic, attack detected : Zlob.P0rn.Ad ktore podaja informacje o koniecznosci odwiedzenia strony ktora to usunie. Pojawiaja sie rowniez podrobione komunikaty o wykryciu spyware i pytaniu o zgode instalacji jakiegos oprogramowania z jakiejs strony, ktorej nazwy nie ma. Naturalnie wylaczam je ale pojawiaje sie co chwile. Rowniez na pulpicie pojawiaja sie 2 ikony z odnosnikami do stron porno, ktore po skasowaniu wracaja.

Gość
komentarz
komentarz

1)

Wklej do Notatnika:

File::C:\Windows\diagnostic.exeC:\Windows\System32\2.icoC:\Windows\System32\VIE45C9.exeC:\Windows\System32\VIE43B7.exeC:\Windows\System32\VIE4C7D.exeC:\Windows\System32\VIE4914.exeC:\Windows\System32\1.icoFolder::C:\Program Files\MSARegistry::[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"\VIE43B7.exe"=-"\VIE45C9.exe"=-"\VIE4914.exe"=-"\VIE4C7D.exe"=-[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"\VIE43B7.exe"=-"\VIE45C9.exe"=-"\VIE4914.exe"=-"\VIE4C7D.exe"=-[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37e252be-7294-11dd-8cf7-001e68a0b557}][-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0f45844-7135-11dd-88cd-001e68a0b557}]

>>Plik>>Zapisz jako... >>> CFScript

Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe

-->cfscriptb5b4me3.gif

Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania.

Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox.

2)

Pobierz program SDFix

* Dwuklik na SDFix.exe następnie program wypakuje się na dysk systemowy (standardowo C:\SDFix)

* Zrestartuj komputer i wejdź do trybu awaryjnego (klawisz F8 przed bootem Windowsa)

* Wejdź do folderu z SDFix kliknij dwa razy na plik RunThis.bat

* Wciśnij Y nastąpi proces usuwania.

* Kiedy usuwanie się ukończy wciśnij dowolny klawisz (Any Key). Nastąpi restart komputera.

* Po restarcie SDFix uruchomi się ponownie, żeby dokończyć proces usuwania kiedy pojawi się w oknie programu Finished, wciśnij dowolny klawisz do zakończenia scryptu i załadowania ikon na pulpicie.

* Pokaż Report.txt znajdujący się w folderze SDFix.

3)

Daj log z --> SRENG. :)

jumpair
komentarz
komentarz

Po usunieciu plikow i wpisow przez ComboFixa szkodniki przestaly sie pojawiac, oto logi:

ComboFix log

ComboFix 08-08-30.01 - Gamon 2008-08-31 13:57:55.2 - NTFSx86Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1250.1.1033.18.1030 [GMT 1:00]Running from: C:\Users\Gamon\Desktop\ComboFix.exeCommand switches used :: C:\Users\Gamon\Desktop\CFScript.txt * Created a new restore point * Resident AV is active.(((((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))).C:\Program Files\MSAC:\Program Files\MSA\msa0.datC:\Program Files\MSA\msa1.datC:\Windows\diagnostic.exeC:\Windows\System32\1.icoC:\Windows\System32\2.icoC:\Windows\System32\VIE43B7.exeC:\Windows\System32\VIE45C9.exeC:\Windows\System32\VIE4914.exeC:\Windows\System32\VIE4C7D.exe.(((((((((((((((((((((((((   Files Created from 2008-07-28 to 2008-08-31  ))))))))))))))))))))))))))))))).2008-08-31 13:49 . 2008-08-31 13:56	<DIR>	d--------	C:\327882R2FWJFW2008-08-31 00:26 . 2008-08-31 00:26	<DIR>	d--------	C:\Users\All Users\Kaspersky Lab Setup Files2008-08-31 00:26 . 2008-08-31 00:26	<DIR>	d--------	C:\ProgramData\Kaspersky Lab Setup Files2008-08-30 23:51 . 2008-08-30 23:53	<DIR>	d--------	C:\Users\All Users\Lavasoft2008-08-30 23:51 . 2008-08-30 23:53	<DIR>	d--------	C:\ProgramData\Lavasoft2008-08-30 23:51 . 2008-08-30 23:51	<DIR>	d--------	C:\Program Files\Lavasoft2008-08-30 23:50 . 2008-08-30 23:50	<DIR>	d--------	C:\Program Files\Common Files\Wise Installation Wizard2008-08-30 23:44 . 2008-08-30 23:44	<DIR>	d--------	C:\Windows\System32\Kaspersky Lab2008-08-30 23:33 . 2008-08-30 23:33	<DIR>	d--------	C:\Users\All Users\Downloaded Installations2008-08-30 23:33 . 2008-08-30 23:33	<DIR>	d--------	C:\ProgramData\Downloaded Installations2008-08-30 23:19 . 2008-08-30 23:19	<DIR>	d--------	C:\Users\All Users\ESET2008-08-30 23:19 . 2008-08-30 23:19	<DIR>	d--------	C:\ProgramData\ESET2008-08-30 23:19 . 2008-08-30 23:19	<DIR>	d--------	C:\Program Files\ESET2008-08-30 22:55 . 2008-08-30 22:55	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\Simply Super Software2008-08-30 22:55 . 2008-08-30 23:23	<DIR>	d-a------	C:\Users\All Users\TEMP2008-08-30 22:55 . 2008-08-30 22:55	<DIR>	d--------	C:\Users\All Users\Simply Super Software2008-08-30 22:55 . 2008-08-30 23:23	<DIR>	d-a------	C:\ProgramData\TEMP2008-08-30 22:55 . 2008-08-30 22:55	<DIR>	d--------	C:\ProgramData\Simply Super Software2008-08-30 22:55 . 2008-08-30 23:04	<DIR>	d--------	C:\Program Files\Trojan Remover2008-08-30 22:55 . 2006-05-25 15:52	162,304	--a------	C:\Windows\System32\ztvunrar36.dll2008-08-30 22:55 . 2003-02-02 20:06	153,088	--a------	C:\Windows\System32\UNRAR3.dll2008-08-30 22:55 . 2005-08-26 01:50	77,312	--a------	C:\Windows\System32\ztvunace26.dll2008-08-30 22:55 . 2002-03-06 01:00	75,264	--a------	C:\Windows\System32\unacev2.dll2008-08-30 22:55 . 2006-06-19 13:01	69,632	--a------	C:\Windows\System32\ztvcabinet.dll2008-08-30 22:07 . 2008-08-30 22:07	<DIR>	d--------	C:\Program Files\Trend Micro2008-08-30 21:19 . 2008-08-30 22:01	<DIR>	d--------	C:\Users\All Users\Google2008-08-30 21:18 . 2008-08-30 22:36	<DIR>	d--------	C:\Program Files\Google2008-08-30 21:17 . 2008-08-30 22:00	<DIR>	d--------	C:\Windows\System32\Adobe2008-08-30 21:17 . 2008-08-30 23:36	<DIR>	d--------	C:\Users\All Users\StrMnt2008-08-30 21:17 . 2008-08-31 00:52	<DIR>	d--------	C:\Users\All Users\pklgdorg2008-08-30 21:17 . 2008-08-30 23:36	<DIR>	d--------	C:\ProgramData\StrMnt2008-08-30 21:17 . 2008-08-31 00:52	<DIR>	d--------	C:\ProgramData\pklgdorg2008-08-30 21:16 . 2008-08-30 21:16	<DIR>	d--------	C:\Users\All Users\appsysstr2008-08-30 21:16 . 2008-08-30 21:16	<DIR>	d--------	C:\ProgramData\appsysstr2008-08-27 21:43 . 2008-08-27 21:50	139,264	--a------	C:\Windows\War3Unin.exe2008-08-27 21:43 . 2008-08-27 21:56	47,919	--a------	C:\Windows\War3Unin.dat2008-08-27 21:43 . 2008-08-27 21:50	2,829	--a------	C:\Windows\War3Unin.pif2008-08-27 21:29 . 2008-08-27 21:56	<DIR>	d--------	C:\Windows\Eurobattle.net Installer2008-08-26 22:21 . 2008-08-27 22:03	<DIR>	d--------	C:\Gry2008-08-26 20:59 . 2008-08-26 21:29	<DIR>	d--------	C:\fotki uk2008-08-26 11:40 . 2008-08-26 11:40	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\Apple Computer2008-08-26 11:39 . 2008-08-28 14:53	<DIR>	d--------	C:\Program Files\iTunes2008-08-26 11:39 . 2008-08-28 14:53	<DIR>	d--------	C:\Program Files\iPod2008-08-26 11:38 . 2008-08-26 11:39	<DIR>	d--------	C:\Users\All Users\Apple Computer2008-08-26 11:38 . 2008-08-26 11:39	<DIR>	d--------	C:\ProgramData\Apple Computer2008-08-26 11:38 . 2008-08-26 11:38	<DIR>	d--------	C:\Program Files\QuickTime2008-08-26 11:38 . 2008-08-26 11:38	<DIR>	d--------	C:\Program Files\Bonjour2008-08-26 11:37 . 2008-08-26 11:37	<DIR>	d--------	C:\Users\All Users\Apple2008-08-26 11:37 . 2008-08-26 11:37	<DIR>	d--------	C:\ProgramData\Apple2008-08-26 11:37 . 2008-08-26 11:37	<DIR>	d--------	C:\Program Files\Common Files\Apple2008-08-26 11:37 . 2008-08-26 11:37	<DIR>	d--------	C:\Program Files\Apple Software Update2008-08-26 10:47 . 2008-07-19 06:09	1,811,656	--a------	C:\Windows\System32\wuaueng.dll2008-08-26 10:47 . 2008-07-19 04:44	1,524,736	--a------	C:\Windows\System32\wucltux.dll2008-08-26 10:47 . 2008-07-19 06:09	563,912	--a------	C:\Windows\System32\wuapi.dll2008-08-26 10:47 . 2008-07-18 22:08	163,904	--a------	C:\Windows\System32\wuwebv.dll2008-08-26 10:47 . 2008-07-19 04:44	83,456	--a------	C:\Windows\System32\wudriver.dll2008-08-26 10:47 . 2008-07-19 06:10	53,448	--a------	C:\Windows\System32\wuauclt.exe2008-08-26 10:47 . 2008-07-19 06:10	45,768	--a------	C:\Windows\System32\wups2.dll2008-08-26 10:47 . 2008-07-19 06:10	36,552	--a------	C:\Windows\System32\wups.dll2008-08-26 10:47 . 2008-07-18 20:44	31,232	--a------	C:\Windows\System32\wuapp.exe2008-08-25 13:32 . 2008-08-28 19:53	<DIR>	d--------	C:\DC downloads2008-08-25 12:37 . 2008-08-25 12:37	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\CyberLink2008-08-25 12:15 . 2008-07-31 10:40	509,448	--a------	C:\Windows\System32\XAudio2_2.dll2008-08-25 12:15 . 2008-07-31 10:41	68,616	--a------	C:\Windows\System32\XAPOFX1_1.dll2008-08-25 11:56 . 2008-08-25 11:56	<DIR>	d--------	C:\Program Files\DAEMON Tools Lite2008-08-25 11:53 . 2008-08-27 21:52	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\DAEMON Tools2008-08-25 11:53 . 2008-08-25 11:53	717,296	--a------	C:\Windows\System32\drivers\sptd.sys2008-08-25 10:34 . 2008-07-16 02:32	2,048	--a------	C:\Windows\System32\tzres.dll2008-08-25 10:31 . 2008-08-25 10:31	<DIR>	d--------	C:\Program Files\MSXML 4.02008-08-25 10:28 . 2008-08-31 00:41	27,839	--a------	C:\Users\Gamon\AppData\Roaming\nvModes.dat2008-08-24 20:54 . 2008-08-25 13:39	<DIR>	d--------	C:\Program Files\sdc2212008-08-24 20:33 . 2008-08-24 20:33	<DIR>	d--------	C:\Users\All Users\Real2008-08-24 20:33 . 2008-08-24 20:33	<DIR>	d--------	C:\Program Files\K-Lite Codec Pack2008-08-24 17:07 . 2008-06-26 02:45	12,240,896	--a------	C:\Windows\System32\NlsLexicons0007.dll2008-08-24 17:06 . 2008-06-26 02:45	2,644,480	--a------	C:\Windows\System32\NlsLexicons0009.dll2008-08-24 17:06 . 2008-06-26 04:29	801,280	--a------	C:\Windows\System32\NaturalLanguage6.dll2008-08-24 17:03 . 2008-03-08 03:08	4,240,384	--a------	C:\Windows\System32\GameUXLegacyGDFs.dll2008-08-24 17:03 . 2008-03-08 05:21	1,695,744	--a------	C:\Windows\System32\gameux.dll2008-08-23 22:10 . 2008-08-23 22:10	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\URUSoft2008-08-23 22:10 . 2008-08-23 22:10	<DIR>	d--------	C:\Program Files\URUSoft2008-08-23 21:30 . 2008-08-30 14:24	<DIR>	d--------	C:\filmy2008-08-23 21:23 . 2008-08-23 21:23	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\Media Player Classic2008-08-23 21:08 . 2008-07-04 07:34	860,160	--a------	C:\Windows\System32\lameACM.acm2008-08-23 19:48 . 2008-08-30 14:55	<DIR>	d--------	C:\Dobra Nuta2008-08-23 19:35 . 2008-08-30 17:52	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\skypePM2008-08-23 19:35 . 2008-08-23 19:35	56	--ah-----	C:\Users\All Users\ezsidmv.dat2008-08-23 19:35 . 2008-08-23 19:35	56	--ah-----	C:\ProgramData\ezsidmv.dat2008-08-23 19:30 . 2008-08-31 11:45	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\Skype2008-08-23 19:29 . 2008-08-23 19:29	<DIR>	d--------	C:\Users\All Users\Skype2008-08-23 19:29 . 2008-08-23 19:29	<DIR>	d--------	C:\ProgramData\Skype2008-08-23 19:29 . 2008-08-23 19:29	<DIR>	d--------	C:\Program Files\Skype2008-08-23 19:29 . 2008-08-23 19:29	<DIR>	d--------	C:\Program Files\Common Files\Skype2008-08-23 19:07 . 2008-08-27 21:52	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\Winamp2008-08-23 19:07 . 2008-08-23 19:08	<DIR>	d--------	C:\Program Files\Winamp2008-08-23 19:07 . 2007-03-08 00:51	129,784	---------	C:\Windows\System32\pxafs.dll2008-08-23 18:56 . 2008-08-23 19:06	9,345,672	--a------	C:\Users\Gamon\winamp5541_full_emusic-7plus_pl-pl.exe2008-08-23 18:36 . 2008-08-23 18:36	0	--ah-----	C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf2008-08-23 17:25 . 2008-08-23 17:25	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\Gadu-Gadu2008-08-23 17:23 . 2008-08-23 18:11	<DIR>	d--------	C:\Users\Gamon\Gadu-Gadu2008-08-23 17:23 . 2008-08-23 17:23	<DIR>	d--------	C:\Program Files\Gadu-Gadu2008-08-23 16:47 . 2008-08-23 16:47	<DIR>	d--------	C:\NVIDIA2008-08-23 15:51 . 2008-04-26 09:25	3,600,952	--a------	C:\Windows\System32\ntkrnlpa.exe2008-08-23 15:51 . 2008-04-26 09:25	3,549,240	--a------	C:\Windows\System32\ntoskrnl.exe2008-08-23 15:51 . 2008-02-29 05:21	2,032,128	--a------	C:\Windows\System32\win32k.sys2008-08-23 15:51 . 2008-04-26 09:26	891,448	--a------	C:\Windows\System32\drivers\tcpip.sys2008-08-23 15:51 . 2008-04-12 04:32	784,896	--a------	C:\Windows\System32\rpcrt4.dll2008-08-23 15:51 . 2008-05-10 04:35	564,736	--a------	C:\Windows\System32\emdmgmt.dll2008-08-23 15:51 . 2008-04-05 02:21	72,192	--a------	C:\Windows\System32\drivers\pacer.sys2008-08-23 15:51 . 2008-04-05 04:34	15,360	--a------	C:\Windows\System32\pacerprf.dll2008-08-23 15:50 . 2008-05-08 22:59	430,080	--a------	C:\Windows\System32\vbscript.dll2008-08-23 15:50 . 2008-06-19 04:31	361,984	--a------	C:\Windows\System32\IPSECSVC.DLL2008-08-23 15:50 . 2008-04-18 06:48	269,312	--a------	C:\Windows\System32\es.dll2008-08-23 15:50 . 2008-05-08 22:59	180,224	--a------	C:\Windows\System32\scrobj.dll2008-08-23 15:50 . 2008-05-08 22:59	172,032	--a------	C:\Windows\System32\scrrun.dll2008-08-23 15:50 . 2008-05-08 22:59	155,648	--a------	C:\Windows\System32\wscript.exe2008-08-23 15:50 . 2008-05-08 22:58	135,168	--a------	C:\Windows\System32\wshom.ocx2008-08-23 15:50 . 2008-05-08 22:58	135,168	--a------	C:\Windows\System32\cscript.exe2008-08-23 15:50 . 2008-05-08 22:59	90,112	--a------	C:\Windows\System32\wshext.dll2008-08-23 15:49 . 2008-04-10 06:12	738,304	--a------	C:\Windows\System32\inetcomm.dll2008-08-23 15:48 . 2008-04-26 09:08	1,314,816	--a------	C:\Windows\System32\quartz.dll2008-08-23 15:48 . 2008-02-22 05:57	295,936	--a------	C:\Windows\System32\gdi32.dll2008-08-23 15:48 . 2008-05-10 02:33	113,664	--a------	C:\Windows\System32\drivers\rmcast.sys2008-08-23 15:44 . 2008-08-30 23:33	<DIR>	d--------	C:\Users\Gamon\AppData\Roaming\Symantec2008-08-23 15:43 . 2008-08-23 15:43	<DIR>	dr-------	C:\Users\Gamon\Searches2008-08-23 15:43 . 2008-08-23 15:43	<DIR>	dr-------	C:\Users\Gamon\Contacts.((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))).2008-08-30 22:58	---------	d-----w	C:\ProgramData\Symantec2008-08-30 22:33	---------	d-----w	C:\Program Files\Symantec2008-08-30 20:37	---------	d-----w	C:\Program Files\Norton Internet Security2008-08-30 20:37	---------	d-----w	C:\Program Files\Common Files\Symantec Shared2008-08-30 20:30	805	----a-w	C:\Windows\system32\drivers\SYMEVENT.INF2008-08-30 20:30	123,952	----a-w	C:\Windows\system32\drivers\SYMEVENT.SYS2008-08-30 20:30	10,671	----a-w	C:\Windows\system32\drivers\SYMEVENT.CAT2008-08-23 16:06	---------	d-----w	C:\Program Files\Windows Mail2008-08-23 14:39	---------	d--h--w	C:\Program Files\InstallShield Installation Information2008-07-31 09:41	238,088	----a-w	C:\Windows\System32\xactengine3_2.dll2008-07-30 16:42	23,888	----a-w	C:\Windows\system32\drivers\COH_Mon.sys2008-07-30 16:28	706	----a-w	C:\Windows\system32\drivers\COH_Mon.inf2008-07-30 16:28	10,537	----a-w	C:\Windows\system32\drivers\coh_mon.cat2008-07-25 08:34	81,920	----a-w	C:\Windows\System32\dpl100.dll2008-07-25 08:34	683,520	----a-w	C:\Windows\System32\divx.dll2008-07-23 16:50	3,596,288	----a-w	C:\Windows\System32\qt-dx331.dll2008-07-12 07:18	467,984	----a-w	C:\Windows\System32\d3dx10_39.dll2008-07-12 07:18	3,851,784	----a-w	C:\Windows\System32\D3DX9_39.dll2008-07-12 07:18	1,493,528	----a-w	C:\Windows\System32\D3DCompiler_39.dll2008-07-02 09:12	---------	d-----w	C:\ProgramData\Hewlett-Packard2008-07-02 09:09	---------	d-----w	C:\Program Files\CyberLink2008-07-02 09:05	---------	d-----w	C:\Program Files\Hewlett-Packard2008-07-02 09:03	---------	d-----w	C:\Program Files\Hp2008-07-02 08:58	319,456	----a-w	C:\Windows\DIFxAPI.dll2008-07-02 08:58	315,392	----a-w	C:\Windows\HideWin.exe2008-06-27 04:15	827,392	----a-w	C:\Windows\System32\wininet.dll2008-06-12 18:36	7,680	----a-w	C:\Windows\System32\ff_vfw.dll2008-06-12 05:28	541,696	----a-w	C:\Windows\AppPatch\AcLayers.dll2008-05-30 13:19	507,400	----a-w	C:\Windows\System32\XAudio2_1.dll2008-05-30 13:18	238,088	----a-w	C:\Windows\System32\xactengine3_1.dll2008-05-30 13:17	65,032	----a-w	C:\Windows\System32\XAPOFX1_0.dll2008-05-30 13:17	25,608	----a-w	C:\Windows\System32\X3DAudio1_4.dll2008-05-30 13:11	467,984	----a-w	C:\Windows\System32\d3dx10_38.dll2008-05-30 13:11	3,850,760	----a-w	C:\Windows\System32\D3DX9_38.dll2008-05-30 13:11	1,491,992	----a-w	C:\Windows\System32\D3DCompiler_38.dll2008-05-27 05:21	1,582,592	----a-w	C:\Windows\System32\tquery.dll2008-05-27 05:21	1,418,240	----a-w	C:\Windows\System32\mssrch.dll2008-05-27 05:17	87,552	----a-w	C:\Windows\System32\SearchFilterHost.exe2008-05-27 05:17	87,552	----a-w	C:\Windows\System32\mssitlb.dll2008-05-27 05:17	754,176	----a-w	C:\Windows\System32\propsys.dll2008-05-27 05:17	60,416	----a-w	C:\Windows\System32\msscntrs.dll2008-05-27 05:17	6,103,040	----a-w	C:\Windows\System32\chtbrkr.dll2008-05-27 05:17	34,816	----a-w	C:\Windows\System32\msscb.dll2008-05-27 05:17	32,768	----a-w	C:\Windows\System32\mssprxy.dll2008-05-27 05:17	313,344	----a-w	C:\Windows\System32\thawbrkr.dll2008-05-27 05:17	301,568	----a-w	C:\Windows\System32\srchadmin.dll2008-05-27 05:17	194,560	----a-w	C:\Windows\System32\offfilt.dll2008-05-27 05:17	143,872	----a-w	C:\Windows\System32\korwbrkr.dll2008-05-27 05:17	11,776	----a-w	C:\Windows\System32\msshooks.dll2008-05-27 05:17	1,671,680	----a-w	C:\Windows\System32\chsbrkr.dll2008-05-27 04:59	18,904	----a-w	C:\Windows\System32\StructuredQuerySchemaTrivial.bin2008-05-27 04:59	106,605	----a-w	C:\Windows\System32\StructuredQuerySchema.bin2008-05-16 10:58	12,632	----a-w	C:\Windows\System32\lsdelete.exe2008-01-21 02:43	174	--sha-w	C:\Program Files\desktop.ini.(((((((((((((((((((((((((((((   snapshot@2008-08-31_ 1.40.48.70   ))))))))))))))))))))))))))))))))))))))))).- 2008-08-30 23:49:56	2,048	--sha-w	C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat+ 2008-08-31 10:42:39	2,048	--sha-w	C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat- 2008-08-30 23:49:56	2,048	--sha-w	C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat+ 2008-08-31 10:42:39	2,048	--sha-w	C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat- 2008-08-30 23:51:42	262,144	--sha-w	C:\Windows\ServiceProfiles\LocalService\ntuser.dat+ 2008-08-31 10:44:51	262,144	--sha-w	C:\Windows\ServiceProfiles\LocalService\ntuser.dat+ 2008-08-31 10:44:51	262,144	---ha-w	C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1- 2008-08-30 23:51:37	262,144	--sha-w	C:\Windows\ServiceProfiles\NetworkService\ntuser.dat+ 2008-08-31 10:44:46	262,144	--sha-w	C:\Windows\ServiceProfiles\NetworkService\ntuser.dat+ 2008-08-31 10:44:46	262,144	---ha-w	C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1- 2008-08-31 00:39:00	16,384	--sha-w	C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat+ 2008-08-31 12:56:12	16,384	--sha-w	C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat- 2008-08-31 00:39:00	32,768	--sha-w	C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat+ 2008-08-31 12:56:12	32,768	--sha-w	C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat- 2008-08-31 00:39:00	16,384	--sha-w	C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat+ 2008-08-31 12:56:12	16,384	--sha-w	C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat- 2008-08-31 00:32:19	101,250	----a-w	C:\Windows\System32\perfc009.dat+ 2008-08-31 10:55:35	101,250	----a-w	C:\Windows\System32\perfc009.dat- 2008-08-31 00:32:19	587,178	----a-w	C:\Windows\System32\perfh009.dat+ 2008-08-31 10:55:35	587,178	----a-w	C:\Windows\System32\perfh009.dat- 2008-08-30 23:51:55	5,942	----a-w	C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2495136614-971743062-1939807076-1000_UserData.bin+ 2008-08-31 10:44:39	6,090	----a-w	C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2495136614-971743062-1939807076-1000_UserData.bin- 2008-08-30 23:51:54	77,788	----a-w	C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin+ 2008-08-31 10:44:39	79,368	----a-w	C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin- 2008-08-30 23:51:51	41,198	----a-w	C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin+ 2008-08-31 10:44:38	42,526	----a-w	C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin.(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 03:23 1233920]"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 17:36 455968]"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 11:04 2127296]"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-08-12 18:19 21741864]"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 03:23 2153472 C:\Windows\System32\oobefldr.dll][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-11-07 01:05 86016]"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-11-07 01:05 8534560]"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-11-07 01:05 81920]"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 12:31 1033512]"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 14:34 634880]"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-24 11:02 178712]"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2007-12-20 03:27 468264]"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 22:31 202032]"OnScreenDisplay"="C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 21:54 554320]"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 07:13 218408]"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-14 11:01 51048]"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 12:06 40048]"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-09 01:24 54840]"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 17:47 480560]"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-09 00:53 311296]"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 13:00 132496]"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-08-04 00:02 36352]"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040]"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]"w3dr.exe"="C:\Gry\Warcraft III\w3dr.exe" [2008-08-03 15:38 61440]"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-08-27 13:57 916560]"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-08-18 13:23 1447168]"NodLogin"="C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe" [2008-08-28 14:20 359203]"NortonAntiBot"="C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe" [2007-11-12 22:59 1378840]"RtHDVCpl"="RtHDVCpl.exe" [2007-10-09 17:59 4702208 C:\Windows\RtHDVCpl.exe][HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0)[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"msacm.l3codecp"= l3codecp.acm"VIDC.YV12"= yv12vfw.dll[HKEY_LOCAL_MACHINE\software\microsoft\security center]"UacDisableNotify"=dword:00000001"InternetSettingsDisableNotify"=dword:00000001"AutoUpdateDisableNotify"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]"{8BD21AA0-19E2-4039-8589-DA4677943BCB}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader"{84E314CE-60B1-4676-A689-B36B09161486}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader"{87BCE3C6-2DAC-4D2D-9F0A-F8FBF4368C13}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote"{7A61B6F1-F696-4E99-8AD0-2A894DABAF25}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote"{23C8C650-3152-4070-9067-E08F8BF9B340}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector"{24C1C4A8-46DA-4F38-8012-2ED1FAD41A54}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play"{55373D02-7050-4D14-A6BD-2CD2CB909FBE}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program"{34CDFA0E-BD9E-4E70-8D60-8E92EFEBC367}"= C:\Program Files\Skype\Phone\Skype.exe:Skype"TCP Query User{EE850FFB-27BD-4708-B624-9A3E7B7F165B}C:\\program files\\sdc221\\strongdc.exe"= UDP:C:\program files\sdc221\strongdc.exe:StrongDC++"UDP Query User{8A83BF90-D335-4BDE-A691-B2F63EF1E48D}C:\\program files\\sdc221\\strongdc.exe"= TCP:C:\program files\sdc221\strongdc.exe:StrongDC++"{FE78C5F1-E942-41A1-ADB6-86EBAE1BDEEF}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour"{0F22BC4B-99A7-4E6B-800F-2001A893F531}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour"TCP Query User{07F2825C-52CB-4848-A3F2-A45D84DD43A1}C:\\gry\\warcraft iii\\war3.exe"= UDP:C:\gry\warcraft iii\war3.exe:Warcraft III"UDP Query User{0A835DB2-B65B-4D59-B2F0-9E7A532EADD7}C:\\gry\\warcraft iii\\war3.exe"= TCP:C:\gry\warcraft iii\war3.exe:Warcraft III"{46D0A911-A5C4-4576-AD0A-7D82A97F136B}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes"{889CABD8-A550-491C-86CB-7C0DE1F24B68}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]"EnableFirewall"= 0 (0x0)R1 epfwtdir;epfwtdir;C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-08-18 13:27]R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080828.002\IDSvix86.sys [2008-08-08 19:58]R2 LiveUpdate Notice;LiveUpdate Notice;c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-14 11:02]R2 QPCapSvc;QuickPlay Background Capture Service (QBCS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-12-20 03:28]R2 QPSched;QuickPlay Task Scheduler (QTS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-12-20 03:28]R3 COH_Mon;COH_Mon;C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 17:42]R3 HpqRemHid;HP Remote Control HID Device;C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 18:30]R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-06-13 14:13]S3 GameConsoleService;GameConsoleService;C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 00:33]S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 03:23]S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 03:23]*Newly Created Service* - COMHOST[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe".Contents of the 'Scheduled Tasks' folder2008-08-30 C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Gamon.job- c:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-27 01:19]2008-08-30 C:\Windows\Tasks\User_Feed_Synchronization-{8A6A2EBF-4DC7-4371-A80C-49FB95F5BEA3}.job- C:\Windows\system32\msfeedssync.exe [2008-01-21 03:24].- - - - ORPHANS REMOVED - - - -HKCU-Run-\VIE43B7.exe - C:\Windows\System32\VIE43B7.exeHKCU-Run-\VIE45C9.exe - C:\Windows\System32\VIE45C9.exeHKCU-Run-\VIE4914.exe - C:\Windows\System32\VIE4914.exeHKCU-Run-\VIE4C7D.exe - C:\Windows\System32\VIE4C7D.exeHKCU-Run-\VIED568.exe - C:\Windows\System32\VIED568.exeHKCU-Run-\VIED567.exe - C:\Windows\System32\VIED567.exeHKCU-Run-\VIEE3F7.exe - C:\Windows\System32\VIEE3F7.exeHKCU-Run-\VIEF297.exe - C:\Windows\System32\VIEF297.exeHKCU-Run-\VIECF20.exe - C:\Windows\System32\VIECF20.exeHKCU-Run-\VIED410.exe - C:\Windows\System32\VIED410.exeHKCU-Run-\VIED71C.exe - C:\Windows\System32\VIED71C.exeHKCU-Run-\VIEEBB5.exe - C:\Windows\System32\VIEEBB5.exeHKLM-Run-\VIE43B7.exe - C:\Windows\System32\VIE43B7.exeHKLM-Run-\VIE45C9.exe - C:\Windows\System32\VIE45C9.exeHKLM-Run-\VIE4914.exe - C:\Windows\System32\VIE4914.exeHKLM-Run-\VIE4C7D.exe - C:\Windows\System32\VIE4C7D.exeHKLM-Run-Diagnostic - C:\Windows\diagnostic.exe**************************************************************************catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-08-31 14:01:34Windows 6.0.6001 Service Pack 1 NTFSscanning hidden processes ... scanning hidden autostart entries ...scanning hidden files ... scan completed successfullyhidden files: 0**************************************************************************[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"\\VIE43B7.exe"="C:\\Windows\\System32\\VIE43B7.exe""\\VIE45C9.exe"="C:\\Windows\\System32\\VIE45C9.exe""\\VIE4914.exe"="C:\\Windows\\System32\\VIE4914.exe""\\VIE4C7D.exe"="C:\\Windows\\System32\\VIE4C7D.exe"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"\\VIE43B7.exe"="C:\\Windows\\System32\\VIE43B7.exe""\\VIE45C9.exe"="C:\\Windows\\System32\\VIE45C9.exe""\\VIE4914.exe"="C:\\Windows\\System32\\VIE4914.exe""\\VIE4C7D.exe"="C:\\Windows\\System32\\VIE4C7D.exe""\\VIED568.exe"="C:\\Windows\\System32\\VIED568.exe""\\VIED567.exe"="C:\\Windows\\System32\\VIED567.exe""\\VIEE3F7.exe"="C:\\Windows\\System32\\VIEE3F7.exe""\\VIEF297.exe"="C:\\Windows\\System32\\VIEF297.exe""\\VIECF20.exe"="C:\\Windows\\System32\\VIECF20.exe""\\VIED410.exe"="C:\\Windows\\System32\\VIED410.exe""\\VIED71C.exe"="C:\\Windows\\System32\\VIED71C.exe""\\VIEEBB5.exe"="C:\\Windows\\System32\\VIEEBB5.exe".Completion time: 2008-08-31 14:03:21ComboFix-quarantined-files.txt  2008-08-31 13:03:09ComboFix2.txt  2008-08-31 00:41:43Pre-Run: 60,667,297,792 bytes freePost-Run: 60,635,258,880 bytes free383	--- E O F ---	2008-08-29 21:03:32

Sreng log


2008-08-31,14:21:07System Repair Engineer 2.6.12.1018Smallfrogs (http://www.KZTechs.com)Windows Vista Home Premium Edition Service Pack 1 (Build 6001) - Administrative User - Completed Functions AllowedFollow item(s) have been selected:    All Boot Items (Including Registry, Startup Folders, Services and so on)    Browser Add-ons    Running Processes (Including process model information)    File Associations    Winsock Provider    Autorun.Inf    HOSTS File    Process Privileges ScanBoot ItemsRegistry[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]    &lt;Sidebar&gt;&lt;C:\Program Files\Windows Sidebar\sidebar.exe /autoRun&gt;  [(Verified)Microsoft Windows]    &lt;WindowsWelcomeCenter&gt;&lt;rundll32.exe oobefldr.dll,ShowWelcomeCenter&gt;  [(Verified)Microsoft Windows]    &lt;LightScribe Control Panel&gt;&lt;C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden&gt;  [(Verified)Hewlett-Packard Company]    &lt;Gadu-Gadu&gt;&lt;"C:\Program Files\Gadu-Gadu\gg.exe" /tray&gt;  [(Verified)Gadu-Gadu sp. z o.o.]    &lt;Skype&gt;&lt;"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized&gt;  [(Verified)Skype Technologies SA][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]    &lt;NvSvc&gt;&lt;RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart&gt;  [(Verified)Microsoft Windows Hardware Compatibility Publisher]    &lt;NvCplDaemon&gt;&lt;RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup&gt;  [(Verified)Microsoft Windows Hardware Compatibility Publisher]    &lt;NvMediaCenter&gt;&lt;RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit&gt;  [(Verified)Microsoft Windows Hardware Compatibility Publisher]    &lt;SynTPEnh&gt;&lt;C:\Program Files\Synaptics\SynTP\SynTPEnh.exe&gt;  [(Verified)Microsoft Windows Hardware Compatibility Publisher]    &lt;SMSERIAL&gt;&lt;C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe&gt;  [(Verified)Microsoft Windows Hardware Compatibility Publisher]    &lt;RtHDVCpl&gt;&lt;RtHDVCpl.exe&gt;  [(Verified)Microsoft Windows Hardware Compatibility Publisher]    &lt;IAAnotif&gt;&lt;C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe&gt;  [(Verified)Intel Corporation]    &lt;QPService&gt;&lt;"C:\Program Files\HP\QuickPlay\QPService.exe"&gt;  [(Verified)CyberLink]    &lt;QlbCtrl&gt;&lt;%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start&gt;  [(Verified)Hewlett-Packard Company]    &lt;OnScreenDisplay&gt;&lt;C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe&gt;  [(Verified)Hewlett-Packard Company]    &lt;UCam_Menu&gt;&lt;"C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"&gt;  [File is missing]    &lt;ccApp&gt;&lt;"c:\Program Files\Common Files\Symantec Shared\ccApp.exe"&gt;  [(Verified)Symantec Corporation]    &lt;Adobe Reader Speed Launcher&gt;&lt;"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"&gt;  [(Verified)"Adobe Systems, Incorporated"]    &lt;HP Software Update&gt;&lt;C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe&gt;  [(Verified)Hewlett-Packard Company]    &lt;hpWirelessAssistant&gt;&lt;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe&gt;  [(Verified)Hewlett-Packard Company]    &lt;WAWifiMessage&gt;&lt;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe&gt;  [Hewlett-Packard Development Company, L.P.]    &lt;SunJavaUpdateSched&gt;&lt;"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"&gt;  [(Verified)"Sun Microsystems, Inc."]    &lt;WinampAgent&gt;&lt;"C:\Program Files\Winamp\winampa.exe"&gt;  []    &lt;AppleSyncNotifier&gt;&lt;C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe&gt;  [(Verified)Apple Inc.]    &lt;QuickTime Task&gt;&lt;"C:\Program Files\QuickTime\QTTask.exe" -atboottime&gt;  [Apple Inc.]    &lt;w3dr.exe&gt;&lt;C:\Gry\Warcraft III\w3dr.exe&gt;  [VT Software]    &lt;iTunesHelper&gt;&lt;"C:\Program Files\iTunes\iTunesHelper.exe"&gt;  [(Verified)Apple Inc.]    &lt;egui&gt;&lt;"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice&gt;  [(Verified)"ESET, spol. s r.o."]    &lt;NodLogin&gt;&lt;C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe&gt;  []    &lt;NortonAntiBot&gt;&lt;"C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe"&gt;  [(Verified)Sana Security][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]    &lt;shell&gt;&lt;Explorer.exe&gt;  [(Verified)Microsoft Windows]    &lt;Userinit&gt;&lt;C:\Windows\system32\userinit.exe,&gt;  [(Verified)Microsoft Windows][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]    &lt;AppInit_DLLs&gt;&lt;&gt;  [N/A][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]    &lt;LightScribe Control Panel&gt;&lt;"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"&gt;  [(Verified)Hewlett-Packard Company][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]    &lt;Themes Setup&gt;&lt;%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&gt;  [File is missing][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]    &lt;Microsoft Windows Mail 7&gt;&lt;"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE&gt;  [File is missing]==================================Startup FoldersN/A==================================Services[Lavasoft Ad-Aware Service / aawservice][Running/Auto Start]  &lt;"C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"&gt;&lt;Lavasoft&gt;[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]  &lt;"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"&gt;&lt;Apple Inc.&gt;[Automatic LiveUpdate Scheduler / Automatic LiveUpdate Scheduler][Running/Auto Start]  &lt;"c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe"&gt;&lt;Symantec Corporation&gt;[Bonjour Service / Bonjour Service][Running/Auto Start]  &lt;"C:\Program Files\Bonjour\mDNSResponder.exe"&gt;&lt;Apple Inc.&gt;[Symantec Event Manager / ccEvtMgr][Running/Auto Start]  &lt;"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon&gt;&lt;Symantec Corporation&gt;[Symantec Settings Manager / ccSetMgr][Running/Auto Start]  &lt;"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon&gt;&lt;Symantec Corporation&gt;[Symantec Lic NetConnect service / CLTNetCnService][Running/Auto Start]  &lt;"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon&gt;&lt;Symantec Corporation&gt;[Com4Qlb / Com4Qlb][Stopped/Manual Start]  &lt;"C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe"&gt;&lt;Hewlett-Packard Development Company, L.P.&gt;[COM Host / comHost][Stopped/Manual Start]  &lt;"c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe"&gt;&lt;Symantec Corporation&gt;[Eset HTTP Server / EhttpSrv][Stopped/Manual Start]  &lt;"C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe"&gt;&lt;ESET&gt;[Eset Service / ekrn][Running/Auto Start]  &lt;"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"&gt;&lt;ESET&gt;[GameConsoleService / GameConsoleService][Stopped/Manual Start]  &lt;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe"&gt;&lt;WildTangent, Inc.&gt;[HP Health Check Service / HP Health Check Service][Running/Auto Start]  &lt;"c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe"&gt;&lt;Hewlett-Packard&gt;[hpqwmiex / hpqwmiex][Running/Auto Start]  &lt;C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe&gt;&lt;Hewlett-Packard Development Company, L.P.&gt;[Intel(R) Matrix Storage Event Monitor / IAANTMON][Running/Auto Start]  &lt;C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe&gt;&lt;Intel Corporation&gt;[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]  &lt;"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"&gt;&lt;Macrovision Corporation&gt;[Usługa iPod / iPod Service][Running/Manual Start]  &lt;"C:\Program Files\iPod\bin\iPodService.exe"&gt;&lt;Apple Inc.&gt;[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]  &lt;"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"&gt;&lt;Hewlett-Packard Company&gt;[LiveUpdate / LiveUpdate][Stopped/Manual Start]  &lt;"c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE"&gt;&lt;Symantec Corporation&gt;[LiveUpdate Notice / LiveUpdate Notice][Running/Auto Start]  &lt;"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon&gt;&lt;Symantec Corporation&gt;[QuickPlay Background Capture Service (QBCS) / QPCapSvc][Running/Auto Start]  &lt;"C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe"&gt;&lt;&gt;[QuickPlay Task Scheduler (QTS) / QPSched][Running/Auto Start]  &lt;"C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe"&gt;&lt;&gt;[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start]  &lt;"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"&gt;&lt;&gt;[Symantec Core LC / Symantec Core LC][Stopped/Manual Start]  &lt;C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe&gt;&lt;&gt;[SymantecAntiBotAgent / SymantecAntiBotAgent][Running/Auto Start]  &lt;"C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe" SymantecAntiBotAgent&gt;&lt;Symantec&gt;[SymantecAntiBotWatcher / SymantecAntiBotWatcher][Running/Auto Start]  &lt;C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe&gt;&lt;Symantec&gt;==================================Drivers[adp94xx / adp94xx][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\adp94xx.sys&gt;&lt;Adaptec, Inc.&gt;[adpahci / adpahci][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\adpahci.sys&gt;&lt;Adaptec, Inc.&gt;[adpu160m / adpu160m][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\adpu160m.sys&gt;&lt;Adaptec, Inc.&gt;[adpu320 / adpu320][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\adpu320.sys&gt;&lt;Adaptec, Inc.&gt;[aic78xx / aic78xx][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\djsvs.sys&gt;&lt;Adaptec, Inc.&gt;[aliide / aliide][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\aliide.sys&gt;&lt;Acer Laboratories Inc.&gt;[arc / arc][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\arc.sys&gt;&lt;Adaptec, Inc.&gt;[arcsas / arcsas][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\arcsas.sys&gt;&lt;Adaptec, Inc.&gt;[Broadcom Extensible 802.11 Network Adapter Driver / BCM43XV][Stopped/Manual Start]  &lt;system32\DRIVERS\bcmwl6.sys&gt;&lt;Broadcom Corporation&gt;[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]  &lt;\SystemRoot\system32\drivers\brfiltlo.sys&gt;&lt;Brother Industries, Ltd.&gt;[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]  &lt;\SystemRoot\system32\drivers\brfiltup.sys&gt;&lt;Brother Industries, Ltd.&gt;[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\brserid.sys&gt;&lt;Brother Industries Ltd.&gt;[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\brserwdm.sys&gt;&lt;Brother Industries Ltd.&gt;[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\brusbmdm.sys&gt;&lt;Brother Industries Ltd.&gt;[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]  &lt;\SystemRoot\system32\drivers\brusbser.sys&gt;&lt;Brother Industries Ltd.&gt;[cmdide / cmdide][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\cmdide.sys&gt;&lt;CMD Technology, Inc.&gt;[COH_Mon / COH_Mon][Stopped/Manual Start]  &lt;\??\C:\Windows\system32\Drivers\COH_Mon.sys&gt;&lt;Symantec Corporation&gt;[CO_Mon / CO_Mon][Running/Auto Start]  &lt;\??\C:\Windows\system32\drivers\CO_Mon.sys&gt;&lt;Symantec Corporation&gt;[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]  &lt;system32\DRIVERS\E1G60I32.sys&gt;&lt;Intel Corporation&gt;[eamon / eamon][Running/Auto Start]  &lt;system32\DRIVERS\eamon.sys&gt;&lt;ESET&gt;[easdrv / easdrv][Running/System Start]  &lt;system32\DRIVERS\easdrv.sys&gt;&lt;ESET&gt;[Symantec Eraser Control driver / eeCtrl][Running/System Start]  &lt;\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys&gt;&lt;Symantec Corporation&gt;[elxstor / elxstor][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\elxstor.sys&gt;&lt;Emulex&gt;[epfwtdir / epfwtdir][Running/System Start]  &lt;system32\DRIVERS\epfwtdir.sys&gt;&lt;N/A&gt;[EraserUtilRebootDrv / EraserUtilRebootDrv][Running/Manual Start]  &lt;\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys&gt;&lt;Symantec Corporation&gt;[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]  &lt;System32\Drivers\GEARAspiWDM.sys&gt;&lt;GEAR Software Inc.&gt;[HpCISSs / HpCISSs][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\hpcisss.sys&gt;&lt;Hewlett-Packard Company&gt;[HpqKbFilter Driver / HpqKbFiltr][Running/Manual Start]  &lt;system32\DRIVERS\HpqKbFiltr.sys&gt;&lt;Hewlett-Packard Development Company, L.P.&gt;[HP Remote Control HID Device / HpqRemHid][Running/Manual Start]  &lt;system32\DRIVERS\HpqRemHid.sys&gt;&lt;Hewlett-Packard Development Company, L.P.&gt;[HSFHWAZL / HSFHWAZL][Stopped/Manual Start]  &lt;system32\DRIVERS\VSTAZL3.SYS&gt;&lt;Conexant Systems, Inc.&gt;[HSF_DPV / HSF_DPV][Stopped/Manual Start]  &lt;system32\DRIVERS\VSTDPV3.SYS&gt;&lt;Conexant Systems, Inc.&gt;[Intel AHCI Controller / iaStor][Running/Boot Start]  &lt;\SystemRoot\system32\DRIVERS\iaStor.sys&gt;&lt;Intel Corporation&gt;[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\iastorv.sys&gt;&lt;Intel Corporation&gt;[Symantec Intrusion Prevention Driver / IDSvix86][Running/System Start]  &lt;\??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080828.002\IDSvix86.sys&gt;&lt;Symantec Corporation&gt;[iirsp / iirsp][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\iirsp.sys&gt;&lt;Intel Corp./ICP vortex GmbH&gt;[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]  &lt;system32\drivers\RTKVHDA.sys&gt;&lt;Realtek Semiconductor Corp.&gt;[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]  &lt;system32\DRIVERS\ipinip.sys&gt;&lt;N/A&gt;[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\iteatapi.sys&gt;&lt;Integrated Technology Express, Inc.&gt;[ITERAID_Service_Install / iteraid][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\iteraid.sys&gt;&lt;Integrated Technology Express, Inc.&gt;[LSI_FC / LSI_FC][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\lsi_fc.sys&gt;&lt;LSI Logic&gt;[LSI_SAS / LSI_SAS][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\lsi_sas.sys&gt;&lt;LSI Logic&gt;[LSI_SCSI / LSI_SCSI][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\lsi_scsi.sys&gt;&lt;LSI Logic&gt;[megasas / megasas][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\megasas.sys&gt;&lt;LSI Corporation&gt;[MegaSR / MegaSR][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\megasr.sys&gt;&lt;LSI Corporation, Inc.&gt;[Mraid35x / Mraid35x][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\mraid35x.sys&gt;&lt;LSI Logic Corporation&gt;[NAVENG / NAVENG][Running/Manual Start]  &lt;\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.007\NAVENG.SYS&gt;&lt;Symantec Corporation&gt;[NAVEX15 / NAVEX15][Running/Manual Start]  &lt;\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.007\NAVEX15.SYS&gt;&lt;Symantec Corporation&gt;[Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit / NETw3v32][Stopped/Manual Start]  &lt;system32\DRIVERS\NETw3v32.sys&gt;&lt;Intel Corporation&gt;[Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit / NETw4v32][Running/Manual Start]  &lt;system32\DRIVERS\NETw4v32.sys&gt;&lt;Intel Corporation&gt;[nfrd960 / nfrd960][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\nfrd960.sys&gt;&lt;IBM Corporation&gt;[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\ntrigdigi.sys&gt;&lt;N-trig Innovative Technologies&gt;[NVIDIA nForce Networking Controller Driver / NVENETFD][Stopped/Manual Start]  &lt;system32\DRIVERS\nvm60x32.sys&gt;&lt;NVIDIA Corporation&gt;[nvlddmkm / nvlddmkm][Running/Manual Start]  &lt;system32\DRIVERS\nvlddmkm.sys&gt;&lt;NVIDIA Corporation&gt;[NVIDIA nForce RAID Driver    / nvraid][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\nvraid.sys&gt;&lt;NVIDIA Corporation&gt;[nvstor / nvstor][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\nvstor.sys&gt;&lt;NVIDIA Corporation&gt;[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]  &lt;system32\DRIVERS\nwlnkflt.sys&gt;&lt;N/A&gt;[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]  &lt;system32\DRIVERS\nwlnkfwd.sys&gt;&lt;N/A&gt;[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\ql2300.sys&gt;&lt;QLogic Corporation&gt;[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\ql40xx.sys&gt;&lt;QLogic Corporation&gt;[rimmptsk / rimmptsk][Running/Auto Start]  &lt;system32\DRIVERS\rimmptsk.sys&gt;&lt;REDC&gt;[rimsptsk / rimsptsk][Running/Auto Start]  &lt;system32\DRIVERS\rimsptsk.sys&gt;&lt;REDC&gt;[Ricoh xD-Picture Card Driver / rismxdp][Running/Auto Start]  &lt;system32\DRIVERS\rixdptsk.sys&gt;&lt;REDC&gt;[Realtek 8169 NT Driver / RTL8169][Stopped/Manual Start]  &lt;system32\DRIVERS\Rtlh86.sys&gt;&lt;Realtek Corporation&gt;[SiSRaid4 / SiSRaid4][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\sisraid4.sys&gt;&lt;Silicon Integrated Systems&gt;[smserial / smserial][Running/Manual Start]  &lt;system32\DRIVERS\smserial.sys&gt;&lt;Motorola Inc.&gt;[SPBBCDrv / SPBBCDrv][Running/System Start]  &lt;\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys&gt;&lt;Symantec Corporation&gt;[sptd / sptd][Running/Boot Start]  &lt;\SystemRoot\System32\Drivers\sptd.sys&gt;&lt;N/A&gt;[SRTSP / SRTSP][Running/Manual Start]  &lt;System32\Drivers\SRTSP.SYS&gt;&lt;Symantec Corporation&gt;[SRTSPL / SRTSPL][Stopped/Manual Start]  &lt;System32\Drivers\SRTSPL.SYS&gt;&lt;Symantec Corporation&gt;[SRTSPX / SRTSPX][Running/System Start]  &lt;System32\Drivers\SRTSPX.SYS&gt;&lt;Symantec Corporation&gt;[SymantecAntiBotDriver / SymantecAntiBotDriver][Running/Manual Start]  &lt;\??\C:\Program Files\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotDriver.sys&gt;&lt;Symantec Corporation.&gt;[SymantecAntiBotFilter / SymantecAntiBotFilter][Running/Manual Start]  &lt;\??\C:\Program Files\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotFilter.sys&gt;&lt;Symantec Corporation.&gt;[SymantecAntiBotShim / SymantecAntiBotShim][Running/Manual Start]  &lt;\??\C:\Program Files\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotShim.sys&gt;&lt;Symantec Corporation.&gt;[Symc8xx / Symc8xx][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\symc8xx.sys&gt;&lt;LSI Logic&gt;[SYMDNS / SYMDNS][Running/Manual Start]  &lt;\SystemRoot\System32\Drivers\SYMDNS.SYS&gt;&lt;Symantec Corporation&gt;[SymEvent / SymEvent][Running/Manual Start]  &lt;\??\C:\Windows\system32\Drivers\SYMEVENT.SYS&gt;&lt;Symantec Corporation&gt;[SYMFW / SYMFW][Running/Manual Start]  &lt;\SystemRoot\System32\Drivers\SYMFW.SYS&gt;&lt;Symantec Corporation&gt;[Symantec Network Security Intermediate Filter Driver / SymIM][Running/System Start]  &lt;system32\DRIVERS\SymIMv.sys&gt;&lt;Symantec Corporation&gt;[SymIMMP / SymIMMP][Stopped/Manual Start]  &lt;system32\DRIVERS\SymIM.sys&gt;&lt;N/A&gt;[SYMNDISV / SYMNDISV][Running/Manual Start]  &lt;\SystemRoot\System32\Drivers\SYMNDISV.SYS&gt;&lt;Symantec Corporation&gt;[SYMREDRV / SYMREDRV][Running/Manual Start]  &lt;\SystemRoot\System32\Drivers\SYMREDRV.SYS&gt;&lt;Symantec Corporation&gt;[SYMTDI / SYMTDI][Running/System Start]  &lt;\SystemRoot\System32\Drivers\SYMTDI.SYS&gt;&lt;Symantec Corporation&gt;[Sym_hi / Sym_hi][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\sym_hi.sys&gt;&lt;LSI Logic&gt;[Sym_u3 / Sym_u3][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\sym_u3.sys&gt;&lt;LSI Logic&gt;[Synaptics TouchPad Driver / SynTP][Running/Manual Start]  &lt;system32\DRIVERS\SynTP.sys&gt;&lt;Synaptics, Inc.&gt;[uliahci / uliahci][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\uliahci.sys&gt;&lt;ULi Electronics Inc.&gt;[UlSata / UlSata][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\ulsata.sys&gt;&lt;Promise Technology, Inc.&gt;[ulsata2 / ulsata2][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\ulsata2.sys&gt;&lt;Promise Technology, Inc.&gt;[viaide / viaide][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\viaide.sys&gt;&lt;VIA Technologies, Inc.&gt;[vsmraid / vsmraid][Stopped/Disabled]  &lt;\SystemRoot\system32\drivers\vsmraid.sys&gt;&lt;VIA Technologies Inc.,Ltd&gt;[winachsf / winachsf][Stopped/Manual Start]  &lt;system32\DRIVERS\VSTCNXT3.SYS&gt;&lt;Conexant Systems, Inc.&gt;==================================Browser Add-ons[Adobe PDF Reader Link Helper]  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} &lt;C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated&gt;[Skype add-on (mastermind)]  {22BF413B-C6D2-4d91-82A9-A0F997BA588C} &lt;C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.&gt;[]  {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} &lt;c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll, (Signed) Symantec Corporation&gt;[Symantec Intrusion Prevention]  {6D53EC84-6AAE-4787-AEEE-F4628F01010C} &lt;C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll, (Signed) Symantec Corporation&gt;[SSVHelper Class]  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} &lt;C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll, (Signed) Sun Microsystems, Inc.&gt;[Java Plug-in 1.6.0_02]  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} &lt;C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll, (Signed) Sun Microsystems, Inc.&gt;[Send to OneNote from Internet Explorer button]  {2670000A-7350-4f3c-8081-5663EE0C6C49} &lt;C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll, (Signed) Microsoft Corporation&gt;[Skype add-on (button)]  {77BF5300-1474-4EC7-9980-D32B190E9B07} &lt;C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.&gt;[&amp;Research]  {92780B25-18CC-41C8-B9BE-3C9C571A8263} &lt;C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL, (Signed) Microsoft Corporation&gt;[Show Norton Toolbar]  {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} &lt;c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll, (Signed) Symantec Corporation&gt;[CKAVWebScan Object]  {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} &lt;C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab&gt;[Shockwave ActiveX Control]  {233C1507-6A77-46A4-9443-F871F945D258} &lt;C:\Windows\System32\Adobe\Director\swdir.dll, N/A&gt;[Java Plug-in 1.6.0_02]  {8AD9C840-044E-11D1-B3E9-00805F499D93} &lt;C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll, (Signed) Sun Microsystems, Inc.&gt;[Java Plug-in 1.6.0_02]  {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} &lt;C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll, (Signed) Sun Microsystems, Inc.&gt;[Java Plug-in 1.6.0_02]  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} &lt;C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll, (Signed) Sun Microsystems, Inc.&gt;[Adobe PDF Reader Link Helper]  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} &lt;C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated&gt;[]  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} &lt;, &gt;[CKAVWebScan Object]  {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} &lt;C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab&gt;[]  {17492023-C23A-453E-A040-C7C580BBF700} &lt;, &gt;[Skype add-on (mastermind)]  {22BF413B-C6D2-4D91-82A9-A0F997BA588C} &lt;C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.&gt;[Windows Media Player]  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} &lt;C:\Windows\System32\wmpdxm.dll, (Signed) Microsoft Corporation&gt;[]  {2318C2B1-4965-11D4-9B18-009027A5CD4F} &lt;, &gt;[Shockwave ActiveX Control]  {233C1507-6A77-46A4-9443-F871F945D258} &lt;C:\Windows\System32\Adobe\Director\swdir.dll, N/A&gt;[HTML Document]  {25336920-03F9-11CF-8FD0-00AA00686F13} &lt;C:\Windows\system32\mshtml.dll, (Signed) Microsoft Corporation&gt;[]  {2670000A-7350-4F3C-8081-5663EE0C6C49} &lt;, &gt;[XML DOM Document]  {2933BF90-7B36-11D2-B20E-00C04F983E60} &lt;%SystemRoot%\System32\msxml3.dll, (Signed) N/A&gt;[XML Document]  {48123BC4-99D9-11D1-A6B3-00C04FD91555} &lt;%SystemRoot%\System32\msxml3.dll, (Signed) N/A&gt;[]  {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} &lt;c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll, (Signed) Symantec Corporation&gt;[CKAVReportCtrl Object]  {6117669B-8C2D-41FA-A6D9-9E484B999CF0} &lt;C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab&gt;[Symantec Intrusion Prevention]  {6D53EC84-6AAE-4787-AEEE-F4628F01010C} &lt;C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll, (Signed) Symantec Corporation&gt;[SSVHelper Class]  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} &lt;C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll, (Signed) Sun Microsystems, Inc.&gt;[Skype add-on (button)]  {77BF5300-1474-4EC7-9980-D32B190E9B07} &lt;C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.&gt;[Show Norton Toolbar]  {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} &lt;c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll, (Signed) Symantec Corporation&gt;[Microsoft Web Browser]  {8856F961-340A-11D0-A96B-00C04FD705A2} &lt;C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation&gt;[]  {92780B25-18CC-41C8-B9BE-3C9C571A8263} &lt;, &gt;[]  {AA58ED58-01DD-4D91-8333-CF10577473F7} &lt;, &gt;[Microsoft Office 12 Authorization Control]  {C9712B19-838B-45A5-ABF2-9A315DDDED50} &lt;C:\PROGRA~1\MICROS~3\Office12\AUTHZAX.DLL, (Signed) Microsoft Corporation&gt;[RealPlayer G2 Control]  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} &lt;C:\Windows\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.&gt;[Shockwave Flash Object]  {D27CDB6E-AE6D-11CF-96B8-444553540000} &lt;C:\Windows\system32\Macromed\Flash\Flash9d.ocx, N/A&gt;[QuickTimeCheck Class]  {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} &lt;C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, (Signed) Apple Inc.&gt;[XML HTTP Request]  {ED8C108E-4349-11D2-91A4-00C04F7969E8} &lt;%SystemRoot%\System32\msxml3.dll, (Signed) N/A&gt;[XML HTTP]  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} &lt;%SystemRoot%\System32\msxml3.dll, (Signed) N/A&gt;[E&amp;xport to Microsoft Excel]  &lt;res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000, N/A&gt;==================================Running Processes[PID: 564 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)][PID: 640 / SYSTEM][C:\Windows\system32\csrss.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 692 / SYSTEM][C:\Windows\system32\csrss.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 700 / SYSTEM][C:\Windows\system32\wininit.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 736 / SYSTEM][C:\Windows\system32\services.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 748 / SYSTEM][C:\Windows\system32\lsass.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 760 / SYSTEM][C:\Windows\system32\lsm.exe]  [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)][PID: 896 / SYSTEM][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 960 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 1000 / SYSTEM][C:\Windows\System32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{36354072-C4F6-4E58-BA1B-333138E9116B}\mpengine.dll]  [Microsoft Corporation, 1.1.3807.0][PID: 1064 / SYSTEM][C:\Windows\system32\winlogon.exe]  [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)][PID: 1080 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 1128 / SYSTEM][C:\Windows\System32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)][PID: 1140 / SYSTEM][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,4,12][PID: 1248 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe]  [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 1276 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,4,12][PID: 1404 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,4,12][PID: 1528 / SYSTEM][C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe]  [Lavasoft, 7,1,0,12]    [C:\Program Files\Lavasoft\Ad-Aware\CEAPI.dll]  [Lavasoft, 7,1,0,12]    [C:\Program Files\Lavasoft\Ad-Aware\PKArchive85u.dll]  [PKWARE, Inc., 8.4.1045.0]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 1672 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\System32\msonpmon.dll]  [Microsoft Corporation, 12.3.4518.1014]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\system32\spool\PRTPROCS\W32X86\msonpppr.dll]  [Microsoft Corporation, 12.3.4518.1014]    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,4,12][PID: 1696 / SYSTEM][C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe]  [Symantec, 3.1.0.838]    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\boost_thread-vc71-mt-1_32.dll]  [N/A, ]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\boost_log-vc71-mt-1_32.dll]  [N/A, ]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)]    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,4,12]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [c:\Program Files\Common Files\Symantec Shared\ccL70U.dll]  [Symantec Corporation, 107.0.3.7][PID: 1768][c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe]  [Symantec Corporation, 107.0.3.7]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [c:\Program Files\Common Files\Symantec Shared\ccL70U.dll]  [Symantec Corporation, 107.0.3.7]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\CCIPC.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETPLG.DLL]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\NORTON~1\NORTON~1\AVPSVC32.DLL]  [Symantec Corporation, 15.0.5.5]    [c:\Program Files\Norton Internet Security\Norton AntiVirus\AVSubmit.dll]  [Symantec Corporation, 15.0.0.58]    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSUBENG.DLL]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\COMMON~1\SYMANT~1\HOMENET\HNCORE.DLL]  [Symantec Corporation, 3.0.0.113]    [C:\PROGRA~1\NORTON~1\ISDATASV.DLL]  [Symantec Corporation, 15.0.5.5]    [C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSVC.DLL]  [Symantec Corporation, 8.0.2.6]    [c:\Program Files\Common Files\Symantec Shared\ccL70.dll]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\TPROCPLG.DLL]  [Symantec Corporation, 4.1.0.6]    [C:\PROGRA~1\COMMON~1\SYMANT~1\NPC\2.0\WMIMONTR.DLL]  [Symantec Corporation, 2008.1.00.98]    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEVTPLG.DLL]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\COMMON~1\SYMANT~1\APPCORE\APPPLG32.DLL]  [Symantec Corporation, 1.3.00.68]    [C:\PROGRA~1\COMMON~1\SYMANT~1\HTEC\HTEC.DLL]  [Symantec Corporation, 2.0.0.48]    [c:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll]  [Symantec Corporation, 1.3.00.68]    [C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSPLUG.DLL]  [Symantec Corporation, 8.2.0.86]    [c:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\SRTSP32.DLL]  [Symantec Corporation, 10.2.2.6]    [c:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll]  [Symantec Corporation, 1.3.00.68]    [C:\PROGRA~1\COMMON~1\SYMANT~1\NCWHYPEX\NCWHYPEX.DLL]  [Symantec Corporation, 15.0.5.5]    [c:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\COMMON~1\SYMANT~1\FIREWALL\FWAGENT.DLL]  [Symantec Corporation, 3.0.0.97]    [C:\Program Files\Common Files\Symantec Shared\SymNeti.dll]  [Symantec Corporation, 8.0.2.6]    [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  [Symantec Corporation, 4.0.0.134]    [C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{96E26~1\PIFENG.DLL]  [Symantec Corporation, 1.5.0.12]    [c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVScan.dll]  [Symantec Corporation, 3.0.00.140]    [c:\Program Files\Common Files\Symantec Shared\AntiVirus\avDefMgr.dll]  [Symantec Corporation, 3.1.00.5]    [C:\Windows\system32\msjetoledb40.dll]  [, ]    [c:\Program Files\Common Files\Symantec Shared\AntiVirus\avModule.dll]  [Symantec Corporation, 3.0.00.140]    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 107.0.3.7]    [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]    [C:\PROGRA~1\NORTON~1\NORTON~1\NAVEVENT.DLL]  [Symantec Corporation, 15.0.0.58]    [c:\Program Files\Common Files\Symantec Shared\QBackup.dll]  [Symantec Corporation, 3.0.00.140]    [c:\Program Files\Common Files\Symantec Shared\SPBBC\ccTrstPc.dll]  [Symantec Corporation, 4.1.0.6]    [c:\Program Files\Common Files\Symantec Shared\Firewall\FWHelper.dll]  [Symantec Corporation, 3.1.0.4]    [c:\Program Files\Norton Internet Security\isDataCl.dll]  [Symantec Corporation, 15.0.5.5]    [c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll]  [Symantec Corporation, 3.1.00.5]    [c:\Program Files\Norton Internet Security\isPwd.dll]  [Symantec Corporation, 15.0.0.178]    [c:\Program Files\Norton Internet Security\SetEvtHp.dll]  [Symantec Corporation, 15.0.0.178]    [c:\Program Files\Norton Internet Security\fwPlugin.dll]  [Symantec Corporation, 15.0.0.178]    [c:\Program Files\Norton Internet Security\fwEvent.dll]  [Symantec Corporation, 15.0.0.178]    [C:\PROGRA~1\COMMON~1\SYMANT~1\OPC\{C86EA~1\CLTNETCN.DLL]  [Symantec Corporation, 8.0.0.103]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\WSCR_Fix.DLL]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\WSCRHLPR.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\WmiData.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\coShared\WA\2.0\NppCCWkr.dll]  [Symantec Corporation, 2008.2.0.84]    [c:\Program Files\Common Files\Symantec Shared\coShared\WA\2.0\NppDSMgr.dll]  [Symantec Corporation, 2008.2.0.84]    [c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coRegMon.dll]  [Symantec Corporation, 2008.2.0.84]    [c:\Program Files\Common Files\Symantec Shared\coShared\CW\2.0\CWBB.dll]  [Symantec Corporation, 2008.2.0.84]    [c:\Program Files\Common Files\Symantec Shared\COL\BBIF.DLL]  [Symantec Corporation, 2007.1.1.1009]    [c:\Program Files\Common Files\Symantec Shared\coShared\CW\2.0\CWCon.dll]  [Symantec Corporation, 2008.2.0.84]    [C:\PROGRA~2\Symantec\SyKnAppS\SyKnAppS.dll]  [Symantec Corporation, 2.5.0.22]    [c:\Program Files\Common Files\Symantec Shared\ccALEng.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCCli.dll]  [Symantec Corporation, 4.0.0.134]    [c:\Program Files\Common Files\Symantec Shared\ccScanw.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  [Symantec Corporation, 71.3.0.25]    [c:\Program Files\Common Files\Symantec Shared\MSL\msl.dll]  [Symantec Corporation, 107.0.0.102]    [c:\Program Files\Norton Internet Security\IMCfg.dll]  [Symantec Corporation, 15.0.5.5]    [c:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll]  [Symantec Corporation, 4.0.0.134]    [C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.007\ccEraser.dll]  [Symantec Corporation, 108.2.1.3]    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,4,12][PID: 2004 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 244 / SYSTEM][C:\Windows\system32\taskeng.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2240 / Gamon][C:\Windows\system32\taskeng.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\system32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.6743][PID: 2276 / Gamon][C:\Windows\system32\Dwm.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 7.15.11.6743][PID: 2332 / Gamon][C:\Windows\Explorer.EXE]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\PROGRA~1\WI4EB4~1\wmpband.dll]  [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [c:\Program Files\Common Files\Symantec Shared\ccL70U.dll]  [Symantec Corporation, 107.0.3.7]    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]    [c:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll]  [Symantec Corporation, 15.0.0.58]    [C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll]  [ESET, 3.0.672 ]    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 8.0.0.2006102200][PID: 2588 / Gamon][C:\Windows\System32\rundll32.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\system32\NvMcTray.dll]  [NVIDIA Corporation, 7.15.11.6743]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\System32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.6743][PID: 2636 / Gamon][C:\Windows\System32\rundll32.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\System32\NVSVC.DLL]  [NVIDIA Corporation, 7.15.11.6743]    [C:\Windows\System32\nvapi.dll]  [NVIDIA Corporation, 7.15.11.6743][PID: 2664 / Gamon][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 10.2.4 18Jan08]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\system32\SynCOM.dll]  [Synaptics, Inc., 10.2.4 18Jan08]    [C:\Windows\system32\SynTPAPI.dll]  [Synaptics, Inc., 10.2.4 18Jan08][PID: 2676 / Gamon][C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe]  [Motorola Inc., 6.12.06]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Motorola\SMSERIAL\sm56eng.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56fra.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56brz.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56chs.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56cht.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56ger.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56ita.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56esp.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56kor.dll]  [Motorola Inc., 6.12.06]    [C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll]  [Motorola Inc., 6.12.06][PID: 2692 / Gamon][C:\Windows\RtHDVCpl.exe]  [Realtek Semiconductor, 1, 0, 0, 98]    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2704 / Gamon][C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe]  [Intel Corporation, 7.8.0.1013]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll]  [Intel Corporation, 7.8.0.1013]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMon_ENU.dll]  [Intel Corporation, 7.8.0.1013][PID: 2712 / Gamon][C:\Program Files\Hp\QuickPlay\QPService.exe]  [CyberLink Corp., 4.5.0.0000]    [C:\Program Files\Hp\QuickPlay\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]    [C:\Program Files\Hp\QuickPlay\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]    [C:\Program Files\Hp\QuickPlay\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\system32\MFC71ENU.DLL]  [Microsoft Corporation, 7.10.3077.0]    [C:\Program Files\Hp\QuickPlay\helper.dll]  [CyberLink Corp., 3.00.4021 ]    [C:\Program Files\HP\QuickPlay\Kernel\common\CLRCEngine3.dll]  [CyberLink Corp., 4, 5, 0, 2212]    [C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL]  [Microsoft Corporation, 12.0.4518.1014]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapX.dll]  [Cyberlink, 5.00.3619]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuMixer.dll]  [CyberLink Corp., 1.01.1027 ]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll]  [, 5.00.3028]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll]  [N/A, ]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll]  [, 5.00.3619]    [C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll]  [CyberLink Corp., 4.02.4819]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll]  [, 1.00.1012][PID: 2728 / Gamon][C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe]  [ Hewlett-Packard Development Company, L.P., 6, 3, 5, 1]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.DLL]  [Hewlett-Packard Development Company, L.P., 6, 3, 5, 1]    [C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.DLL]  [Hewlett-Packard Company, 6, 3, 4, 2]    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)][PID: 2740 / Gamon][C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe]  [ Hewlett-Packard Development Company, L.P., 1.0.0.4]    [C:\Program Files\Hewlett-Packard\HP QuickTouch\HPShared.dll]  [ Hewlett-Packard Development Company, L.P., 1.0.0.4]    [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762][PID: 2768 / Gamon][C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe]  [Adobe Systems Incorporated, 8.0.0.0]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2812][c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe]  [Symantec Corporation, 107.0.3.7]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [c:\Program Files\Common Files\Symantec Shared\ccL70U.dll]  [Symantec Corporation, 107.0.3.7]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\CCIPC.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCAPPPLG.DLL]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\COMMON~1\SYMANT~1\NPC\NPCLU.DLL]  [Symantec Corporation, 2008.2.00.5]    [C:\PROGRA~1\COMMON~1\SYMANT~1\NPC\2.0\NPCTRAY.DLL]  [Symantec Corporation, 2008.1.00.98]    [C:\PROGRA~1\COMMON~1\SYMANT~1\COL\SESHLP.DLL]  [Symantec Corporation, 6.1.2.4]    [c:\Program Files\Common Files\Symantec Shared\auCOLPwd.dll]  [Symantec Corporation, 2007.1.1.1009]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\uiAlert.dll]  [Symantec Corporation, 2008.1.00.98]    [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.762]    [c:\Program Files\Common Files\Symantec Shared\NPC\DataPvdr.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\uiHost.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll]  [Symantec Corporation, 1.3.00.68]    [c:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll]  [Symantec Corporation, 1.3.00.68]    [c:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll]  [Symantec Corporation, 1.3.00.68]    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 107.0.3.7]    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Norton Internet Security\fwAlert.dll]  [Symantec Corporation, 15.0.0.178]    [c:\Program Files\Norton Internet Security\ISDataCl.dll]  [Symantec Corporation, 15.0.5.5]    [c:\Program Files\Norton Internet Security\coDataPr.dll]  [Symantec Corporation, 2008.2.0.84]    [c:\Program Files\Norton Internet Security\09\01\coDataPr.loc]  [Symantec Corporation, 2008.2.0.84]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\uiDataCl.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\pcStatus.dll]  [Symantec Corporation, 2008.1.00.98]    [C:\PROGRA~1\NORTON~1\NORTON~1\AVPAPP32.DLL]  [Symantec Corporation, 15.0.0.58]    [C:\PROGRA~1\NORTON~1\NISTRAY.DLL]  [Symantec Corporation, 15.0.0.60]    [C:\PROGRA~1\NORTON~1\ISLALERT.DLL]  [Symantec Corporation, 15.0.0.178]    [C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\NPC\2.0\UICNTNR.DLL]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\PIF\{96E26A03-A25A-400b-B9B4-564C9BD00F46}\AlertEng.dll]  [Symantec Corporation, 1.5.0.12]    [c:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll]  [Symantec Corporation, 6.1.7.18]    [c:\Program Files\Norton Internet Security\SetEvtHp.dll]  [Symantec Corporation, 15.0.0.178]    [c:\Program Files\Common Files\Symantec Shared\COH\sH0007.dll]  [Symantec Corporation, 6,1,7,18]    [C:\Program Files\Common Files\Symantec Shared\SymNeti.dll]  [Symantec Corporation, 8.0.2.6]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\WSCRHLPR.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Norton Internet Security\fwEvent.dll]  [Symantec Corporation, 15.0.0.178]    [c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll]  [Symantec Corporation, 3.1.00.5]    [C:\Program Files\Common Files\Symantec Shared\SymRedir.dll]  [Symantec Corporation, 8.0.2.6]    [c:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMail.dll]  [Symantec Corporation, 3.0.00.140]    [c:\Program Files\Norton Internet Security\isPwd.dll]  [Symantec Corporation, 15.0.0.178]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\WSCRMain.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\WmiClnt.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\WmiData.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\NPC\2.0\uiLicPlg.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\NPC\PEPEvnt.dll]  [Symantec Corporation, 2008.1.00.98]    [c:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll]  [Symantec Corporation, 2006.1.03.35]    [c:\Program Files\Common Files\Symantec Shared\coShared\CIM\2.0\AcctMgr.dll]  [Symantec Corporation, 2008.2.1.3]    [c:\Program Files\Common Files\Symantec Shared\coShared\CIM\2.0\DSMigrat.dll]  [Symantec Corporation, 2008.2.1.3]    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)]    [c:\Program Files\Common Files\Symantec Shared\coShared\CIM\2.0\coParse.dll]  [Symantec Corporation, 1, 0, 0, 1][PID: 2964 / Gamon][C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe]  [Hewlett-Packard, 80, 1, 0, 0]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2972 / Gamon][C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe]  [Hewlett-Packard Development Company, L.P., 3, 0, 8, 2]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2980 / Gamon][C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe]  [Hewlett-Packard Development Company, L.P., 3.0.4.1]    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2988 / Gamon][C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe]  [Sun Microsystems, Inc., 6.0.20.6]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 3000 / Gamon][C:\Program Files\Winamp\winampa.exe]  [N/A, ]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 3020 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe]  [Apple Inc., 2.1.29.0][PID: 3140 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe]  [Apple Inc., 1,0,4,12][PID: 3188 / SYSTEM][C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe]  [ESET, 3.0.672 ]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll]  [ESET, 3.0.672 ][PID: 3220 / Gamon][C:\Program Files\iTunes\iTunesHelper.exe]  [Apple Inc., 7.7.1.11]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\iTunes\iTunesHelper.Resources\pl.lproj\iTunesHelperLocalized.DLL]  [Apple Inc., 7.7.1.3]    [C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL]  [Apple Inc., 7.7.1.11]    [C:\Program Files\QuickTime\QTSystem\QuickTime.qts]  [Apple Inc., 7.5 (861)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)]    [C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll]  [Apple Inc., 7, 8, 176, 0][PID: 3304 / SYSTEM][C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe]  [Intel Corporation, 7.8.0.1013]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll]  [Intel Corporation, 7.8.0.1013]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll]  [Intel Corporation, 7.8.0.1013][PID: 3360 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [Hewlett-Packard Company, 1.10.13.1]    [C:\Program Files\Common Files\LightScribe\LSSProxy.dll]  [Hewlett-Packard Company, 1.10.13.1]    [C:\Program Files\Common Files\LightScribe\LSLog.dll]  [Hewlett-Packard Company, 1.10.13.1]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 3452 / Gamon][C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe]  [ESET, 3.0.672 ]    [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.762]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\MFC80ENU.DLL]  [Microsoft Corporation, 8.00.50727.762]    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll]  [ESET, 3.0.672 ]    [C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll]  [ESET, 3.0.672 ][PID: 3480 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 3492 / SYSTEM][C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe]  [, 5.00.3526]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll]  [, 5.00.3619]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll]  [CyberLink Corp., 4.02.4819]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll]  [N/A, ][PID: 3524 / Gamon][C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NortonAntiBot.exe]  [Symantec, 3.1.0.838]    [C:\Windows\system32\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\boost_thread-vc71-mt-1_32.dll]  [N/A, ]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\boost_log-vc71-mt-1_32.dll]  [N/A, ]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\system32\MFC71ENU.DLL]  [Microsoft Corporation, 7.10.3077.0]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\EN_US\TrayRes.dll]  [Symantec, 3.1.0.838]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\EN_US\TrayMsgs.dll]  [Symantec, 3.1.0.838]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\JScript.dll]  [Microsoft Corporation, 5.6.0.8825][PID: 3536 / Gamon][C:\Program Files\Windows Sidebar\sidebar.exe]  [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll]  [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)]    [C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 7.15.11.6743]    [C:\Windows\system32\icm32.dll]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 3584 / Gamon][C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe]  [Hewlett-Packard Company, 1.10.13.1]    [C:\Program Files\Common Files\LightScribe\QtCore4.dll]  [N/A, ]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Program Files\Common Files\LightScribe\QtGui4.dll]  [N/A, ]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll]  [N/A, ][PID: 2272 / SYSTEM][C:\Program Files\CyberLink\Shared Files\RichVideo.exe]  [, 2.0.1120  ]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2468 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2192 / SYSTEM][C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe]  [Symantec, 3.1.0.838]    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\boost_thread-vc71-mt-1_32.dll]  [N/A, ]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\boost_log-vc71-mt-1_32.dll]  [N/A, ]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 1484 / SYSTEM][C:\Windows\System32\svchost.exe]  [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 1556 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]  [Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2760 / SYSTEM][C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe]  [Hewlett-Packard Development Company, L.P., 2, 0, 1, 9]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 2216 / SYSTEM][C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe]  [, 5.00.3619]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll]  [N/A, ]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll]  [, 5.00.3028]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll]  [, 1.00.1012][PID: 3932 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe]  [Apple Inc., 7.7.1.11]    [C:\Program Files\iPod\bin\iPodService.Resources\pl.lproj\iPodServiceLocalized.DLL]  [Apple Inc., 7.7.1.3]    [C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL]  [Apple Inc., 7.7.1.11][PID: 4492 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe]  [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)][PID: 4984 / Gamon][C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABMonitor.exe]  [Symantec, 3.1.0.838]    [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]    [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\boost_thread-vc71-mt-1_32.dll]  [N/A, ]    [C:\Program Files\Symantec\Norton AntiBot\agent\Bin\boost_log-vc71-mt-1_32.dll]  [N/A, ]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 5084 / Gamon][C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe]  [, 1, 10, 1, 3]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 5740 / Gamon][C:\Program Files\Synaptics\SynTP\SynTPHelper.exe]  [Synaptics, Inc., 10.2.4 18Jan08][PID: 4656][c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe]  [Symantec Corporation, 3.4.0.164]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 107.0.3.7]    [c:\Program Files\Common Files\Symantec Shared\ccL70U.dll]  [Symantec Corporation, 107.0.3.7][PID: 5172 / SYSTEM][c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe]  [Hewlett-Packard, 2.3.0.2]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434]    [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)]    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll]  [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)]    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\80a3d0416c6660b86e245bd1f6b66fd8\System.ServiceProcess.ni.dll]  [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)]    [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fe7232e97fdf63c6b146e93f432d7d7\System.Runtime.Remoting.ni.dll]  [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)]    [C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll]  [Hewlett-Packard, 2.0.0.2][PID: 4972 / SYSTEM][C:\Windows\system32\SearchProtocolHost.exe]  [Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL]  [Microsoft Corporation, 12.0.4518.1014]    [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.1434][PID: 5508 / SYSTEM][C:\Windows\system32\SearchFilterHost.exe]  [Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 4388 / Gamon][C:\Users\Gamon\Downloads\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.6.12.1018][PID: 4172 / Gamon][C:\Users\Gamon\Downloads\sreng2\SRE9552d3d9.EXE]  [Smallfrogs Studio, 2.6.12.1018]    [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll]  [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)]    [C:\Users\Gamon\Downloads\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]    [C:\Program Files\Bonjour\mdnsNSP.dll]  [Apple Inc., 1,0,4,12][PID: 5216 / SYSTEM][\\?\C:\Windows\system32\wbem\WMIADAP.EXE]  [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]==================================File Associations.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1].EXE  OK. ["%1" %*].COM  OK. ["%1" %*].PIF  OK. ["%1" %*].REG  OK. [regedit.exe "%1"].BAT  OK. ["%1" %*].SCR  OK. ["%1" /S].CHM  OK. ["%SystemRoot%\hh.exe" %1].HLP  OK. [%SystemRoot%\winhlp32.exe %1].INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1].INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1].VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*].JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*].LNK  OK. [{00021401-0000-0000-C000-000000000046}]==================================Winsock ProviderN/A==================================Autorun.InfN/A==================================HOSTS File127.0.0.1       localhost::1             localhost==================================Process Privileges ScanN/A==================================API HOOKN/A==================================Hidden ProcessN/A==================================

Co do SDFixa, uruchomilem w trybie awaryjnym, uruchomilem RunThis.bat jednak program nie startowal, probowalem kilka razy, moze cos pomieszalem.

Teraz wyglada na to ze szkodnikow nie ma, jednak jesli cos jeszcze powinienem zrobic, prosze o podpowiedz

Dziekuje za pomoc

Gość
komentarz
komentarz

ComboFix jest czysty, ale za to SRENG nie!

Uruchom System Repair Engineer zakładka System Repair >> Browser Add-ons >> odszukaj i usuń.

{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

{17492023-C23A-453E-A040-C7C580BBF700}

{2318C2B1-4965-11D4-9B18-009027A5CD4F}

{2670000A-7350-4F3C-8081-5663EE0C6C49}

{92780B25-18CC-41C8-B9BE-3C9C571A8263}

{AA58ED58-01DD-4D91-8333-CF10577473F7}

Potem nowy SRENG ;)

Mateusz J.
komentarz
komentarz

Masz 2 antywirusy, odinstaluj jeden.

Proszę przeskanować komputer:

SpyBotem

Ad-aware

Następnie nowe logi z ComboFix i HijackThis.

jumpair
komentarz
komentarz

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.