Mateusz J., comment, 31 August 2008

Before we do anything, scan this file: C:\Windows\System32\VIE45C9.exe at www.virustotal.com
jumpair (author), comment, 31 August 2008

Here is the scan result from the site you gave:

Antivirus          Version         Last update  Result
AhnLab-V3          2008.8.29.0     2008.08.29   -
AntiVir            7.8.1.23        2008.08.30   TR/Crypt.XPACK.Gen
Authentium         5.1.0.4         2008.08.30   -
Avast              4.8.1195.0      2008.08.30   Win32:Tibs-EJA
AVG                8.0.0.161       2008.08.30   -
BitDefender        7.2             2008.08.31   Trojan.Peed.Gen
CAT-QuickHeal      9.50            2008.08.29   (Suspicious) - DNAScan
ClamAV             0.93.1          2008.08.31   -
DrWeb              4.44.0.09170    2008.08.31   Trojan.Packed.619
eSafe              7.0.17.0        2008.08.28   Suspicious File
eTrust-Vet         31.6.6057       2008.08.29   -
Ewido              4.0             2008.08.31   -
F-Prot             4.4.4.56        2008.08.30   -
F-Secure           7.60.13501.0    2008.08.31   -
Fortinet           3.14.0.0        2008.08.31   -
GData              19              2008.08.31   Win32:Tibs-EJA
Ikarus             T3.1.1.34.0     2008.08.31   -
K7AntiVirus        7.10.433        2008.08.30   -
Kaspersky          7.0.0.125       2008.08.31   -
McAfee             5373            2008.08.29   -
Microsoft          1.3807          2008.08.25   -
NOD32v2            3401            2008.08.30   -
Norman             5.80.02         2008.08.29   W32/Tibs.gen225
Panda              9.0.0.4         2008.08.31   -
PCTools            4.4.2.0         2008.08.30   -
Prevx1             V2              2008.08.31   Spyware
Rising             20.59.61.00     2008.08.31   -
Sophos             4.33.0          2008.08.31   Mal/EncPk-EU
Sunbelt            3.1.1592.1      2008.08.30   -
Symantec           10              2008.08.31   -
TheHacker          6.3.0.6.068     2008.08.30   -
TrendMicro         8.700.0.1004    2008.08.29   PAK_Generic.001
VBA32              3.12.8.4        2008.08.30   -
ViRobot            2008.8.30.1357  2008.08.30   -
VirusBuster        4.5.11.0        2008.08.30   -
Webwasher-Gateway  6.6.2           2008.08.30   Trojan.Crypt.XPACK.Gen

Additional information

File size: 29184 bytes
MD5...: 5f49fc21fdf50db70f0eb7ba8d294ef1
SHA1..: 2d1c70124ebfbff50cd9b25c5995b5e18c61bd0e
SHA256: 4c4a3ae82fa7609b62adf782ebd6dbaf2711de0999f54cce749e1343eba8725a
SHA512: 24ee13b4a4fad0f44a6fdd313db4f900d58c2fb8e66552af14136bfef477003c3f1a5a8e7a907598b4d8b299566146a5d6421f6f683d6646f610573493a4295b
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.2%)
Clipper DOS Executable (9.1%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x402741
timedatestamp.....: 0x48b68f0f (Thu Aug 28 11:42:07 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name   viradd  virsiz  rawdsiz  ntrpy  md5
.text  0x1000  0x4acc  0x3600   7.98   4f950022781d1f8fdd43be4f72113786
.data  0x6000  0x4875  0x800    7.89   00a018613d68b6a1a66ccfc531d232bf
.rsrc  0xb000  0xf000  0x3000   6.70   bfaba878a19712e4b9a2555d127dfad6

( 4 imports )
> wsock32.dll: bind, WSAStartup, listen
> kernel32.dll: CreatePipe, TerminateProcess, VirtualProtect
> gdi32.dll: SetRelAbs, StretchBlt, SetICMMode, ResetDCW, UpdateColors, SaveDC, TextOutW, SetDIBColorTable
> shell32.dll: SHAppBarMessage, StrRChrIA, StrStrIA

( 0 exports )

Prevx info: http://info.prevx.com/aboutprogramtext.asp...B794B00EA50AF7D

If it helps, I will add that it started with installing a supposed Flash Player from a link displayed on a web page; of course, in my stupidity, I downloaded it. Now several different "warnings" appear in the system: computer slowdown, malware detected, excessive STMP traffic, attack detected : Zlob.P0rn.Ad, which say that I need to visit a site that will remove it. Fake messages also appear about spyware being detected, asking for permission to install some software from some site whose name is not given. Naturally I close them, but they reappear every few moments. Also, 2 icons with links to porn sites appear on the desktop, and they come back after being deleted.
Guest, comment, 31 August 2008

1) Paste into Notepad:

File::
C:\Windows\diagnostic.exe
C:\Windows\System32\2.ico
C:\Windows\System32\VIE45C9.exe
C:\Windows\System32\VIE43B7.exe
C:\Windows\System32\VIE4C7D.exe
C:\Windows\System32\VIE4914.exe
C:\Windows\System32\1.ico
Folder::
C:\Program Files\MSA
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"\VIE43B7.exe"=-
"\VIE45C9.exe"=-
"\VIE4914.exe"=-
"\VIE4C7D.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"\VIE43B7.exe"=-
"\VIE45C9.exe"=-
"\VIE4914.exe"=-
"\VIE4C7D.exe"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37e252be-7294-11dd-8cf7-001e68a0b557}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0f45844-7135-11dd-88cd-001e68a0b557}]

>> File >> Save as... >>> CFScript

Drag and drop the CFScript.txt file onto ComboFix.exe --> Removal should start (and a log will be created). Post the log that is created during the removal. If it goes well: after the restart, manually delete the folder C:\Qoobox.

2) Download SDFix
* Double-click SDFix.exe; the program will then unpack itself to the system drive (by default C:\SDFix)
* Restart the computer and enter safe mode (F8 key before Windows boots)
* Go to the SDFix folder and double-click the file RunThis.bat
* Press Y and the removal process will begin.
* When the removal has finished, press any key (Any Key). The computer will restart.
* After the restart SDFix will run again to finish the removal process; when Finished appears in the program window, press any key to end the script and load the desktop icons.
* Show the Report.txt found in the SDFix folder.

3) Post a log from --> SRENG.
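The Run-key cleanup in the script above can be checked offline against a registry export. The following is an added example, not part of the original thread or of any tool named in it: it parses regedit-style export text and flags Run values like the ones listed in the script. The sample export is constructed, and the heuristics (a value name starting with a backslash, the "VIE" plus four hex digits file name, an executable sitting directly in the Windows or System32 directory) are assumptions derived from the file names in this thread.

```python
import re

# Constructed sample in regedit-export style; not taken from a real machine.
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"
"\\VIE45C9.exe"="C:\\Windows\\System32\\VIE45C9.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="\"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"Diagnostic"="C:\\Windows\\diagnostic.exe"
"\\VIE43B7.exe"="C:\\Windows\\System32\\VIE43B7.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Example\NotAutostart]
"\\VIE0000.exe"="C:\\Windows\\System32\\VIE0000.exe"
'''

# Only the classic per-user and per-machine Run keys are inspected here.
RUN_KEY = re.compile(r'\\Microsoft\\Windows\\CurrentVersion\\Run$', re.IGNORECASE)
# "name"="data" with backslash escapes, as written by a registry export.
VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
# Assumption: naming seen in the thread, "VIE" followed by four hex digits.
DROPPER_NAME = re.compile(r'^VIE[0-9A-F]{4}\.exe$', re.IGNORECASE)
SYSTEM_DIRS = {r'c:\windows', r'c:\windows\system32'}


def unescape(text):
    """Undo export escaping: backslash + char becomes the char itself."""
    return re.sub(r'\\(.)', r'\1', text)


def parse_run_values(export_text):
    """Return (key, value name, command) for every string value under a Run key."""
    entries, current_key = [], None
    for raw in export_text.splitlines():
        line = raw.strip()
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1]
            # "[-KEY]" is a deletion directive, not a key holding values.
            is_run = not key.startswith('-') and RUN_KEY.search(key)
            current_key = key if is_run else None
            continue
        match = VALUE_LINE.match(line) if current_key else None
        if match:
            entries.append((current_key, unescape(match.group(1)),
                            unescape(match.group(2))))
    return entries


def image_path(command):
    """Extract the executable path from a Run command line (quoted or not)."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = re.match(r'(.+?\.(?:exe|dll|com|bat|cmd|scr|pif))(?:\s|,|$)',
                     command, re.IGNORECASE)
    return match.group(1) if match else command


def audit(export_text):
    """List Run entries that match at least one heuristic, with the reasons."""
    findings = []
    for key, name, command in parse_run_values(export_text):
        path = image_path(command)
        folder, _, filename = path.replace('/', '\\').rpartition('\\')
        reasons = []
        if name.startswith('\\'):
            reasons.append('value name starts with a backslash')
        if DROPPER_NAME.match(filename):
            reasons.append('file name is VIE + four hex digits')
        if folder.lower() in SYSTEM_DIRS:
            # Weak signal: legitimate drivers also start from here; review it.
            reasons.append('executable sits directly in Windows or System32')
        if reasons:
            findings.append({'key': key, 'name': name,
                             'path': path, 'reasons': reasons})
    return findings


if __name__ == '__main__':
    for item in audit(SAMPLE_EXPORT):
        print(item['key'])
        print('  %s -> %s' % (item['name'], item['path']))
        for reason in item['reasons']:
            print('    - ' + reason)
```

An entry flagged only by the third heuristic needs manual review before it is added to a removal script.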
jumpair komentarz 31 sierpnia 2008 Autor komentarz 31 sierpnia 2008 Po usunieciu plikow i wpisow przez ComboFixa szkodniki przestaly sie pojawiac, oto logi: ComboFix log ComboFix 08-08-30.01 - Gamon 2008-08-31 13:57:55.2 - NTFSx86Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.1.1033.18.1030 [GMT 1:00]Running from: C:\Users\Gamon\Desktop\ComboFix.exeCommand switches used :: C:\Users\Gamon\Desktop\CFScript.txt * Created a new restore point * Resident AV is active.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).C:\Program Files\MSAC:\Program Files\MSA\msa0.datC:\Program Files\MSA\msa1.datC:\Windows\diagnostic.exeC:\Windows\System32\1.icoC:\Windows\System32\2.icoC:\Windows\System32\VIE43B7.exeC:\Windows\System32\VIE45C9.exeC:\Windows\System32\VIE4914.exeC:\Windows\System32\VIE4C7D.exe.((((((((((((((((((((((((( Files Created from 2008-07-28 to 2008-08-31 ))))))))))))))))))))))))))))))).2008-08-31 13:49 . 2008-08-31 13:56 <DIR> d-------- C:\327882R2FWJFW2008-08-31 00:26 . 2008-08-31 00:26 <DIR> d-------- C:\Users\All Users\Kaspersky Lab Setup Files2008-08-31 00:26 . 2008-08-31 00:26 <DIR> d-------- C:\ProgramData\Kaspersky Lab Setup Files2008-08-30 23:51 . 2008-08-30 23:53 <DIR> d-------- C:\Users\All Users\Lavasoft2008-08-30 23:51 . 2008-08-30 23:53 <DIR> d-------- C:\ProgramData\Lavasoft2008-08-30 23:51 . 2008-08-30 23:51 <DIR> d-------- C:\Program Files\Lavasoft2008-08-30 23:50 . 2008-08-30 23:50 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard2008-08-30 23:44 . 2008-08-30 23:44 <DIR> d-------- C:\Windows\System32\Kaspersky Lab2008-08-30 23:33 . 2008-08-30 23:33 <DIR> d-------- C:\Users\All Users\Downloaded Installations2008-08-30 23:33 . 2008-08-30 23:33 <DIR> d-------- C:\ProgramData\Downloaded Installations2008-08-30 23:19 . 2008-08-30 23:19 <DIR> d-------- C:\Users\All Users\ESET2008-08-30 23:19 . 2008-08-30 23:19 <DIR> d-------- C:\ProgramData\ESET2008-08-30 23:19 . 
2008-08-30 23:19 <DIR> d-------- C:\Program Files\ESET2008-08-30 22:55 . 2008-08-30 22:55 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\Simply Super Software2008-08-30 22:55 . 2008-08-30 23:23 <DIR> d-a------ C:\Users\All Users\TEMP2008-08-30 22:55 . 2008-08-30 22:55 <DIR> d-------- C:\Users\All Users\Simply Super Software2008-08-30 22:55 . 2008-08-30 23:23 <DIR> d-a------ C:\ProgramData\TEMP2008-08-30 22:55 . 2008-08-30 22:55 <DIR> d-------- C:\ProgramData\Simply Super Software2008-08-30 22:55 . 2008-08-30 23:04 <DIR> d-------- C:\Program Files\Trojan Remover2008-08-30 22:55 . 2006-05-25 15:52 162,304 --a------ C:\Windows\System32\ztvunrar36.dll2008-08-30 22:55 . 2003-02-02 20:06 153,088 --a------ C:\Windows\System32\UNRAR3.dll2008-08-30 22:55 . 2005-08-26 01:50 77,312 --a------ C:\Windows\System32\ztvunace26.dll2008-08-30 22:55 . 2002-03-06 01:00 75,264 --a------ C:\Windows\System32\unacev2.dll2008-08-30 22:55 . 2006-06-19 13:01 69,632 --a------ C:\Windows\System32\ztvcabinet.dll2008-08-30 22:07 . 2008-08-30 22:07 <DIR> d-------- C:\Program Files\Trend Micro2008-08-30 21:19 . 2008-08-30 22:01 <DIR> d-------- C:\Users\All Users\Google2008-08-30 21:18 . 2008-08-30 22:36 <DIR> d-------- C:\Program Files\Google2008-08-30 21:17 . 2008-08-30 22:00 <DIR> d-------- C:\Windows\System32\Adobe2008-08-30 21:17 . 2008-08-30 23:36 <DIR> d-------- C:\Users\All Users\StrMnt2008-08-30 21:17 . 2008-08-31 00:52 <DIR> d-------- C:\Users\All Users\pklgdorg2008-08-30 21:17 . 2008-08-30 23:36 <DIR> d-------- C:\ProgramData\StrMnt2008-08-30 21:17 . 2008-08-31 00:52 <DIR> d-------- C:\ProgramData\pklgdorg2008-08-30 21:16 . 2008-08-30 21:16 <DIR> d-------- C:\Users\All Users\appsysstr2008-08-30 21:16 . 2008-08-30 21:16 <DIR> d-------- C:\ProgramData\appsysstr2008-08-27 21:43 . 2008-08-27 21:50 139,264 --a------ C:\Windows\War3Unin.exe2008-08-27 21:43 . 2008-08-27 21:56 47,919 --a------ C:\Windows\War3Unin.dat2008-08-27 21:43 . 
2008-08-27 21:50 2,829 --a------ C:\Windows\War3Unin.pif2008-08-27 21:29 . 2008-08-27 21:56 <DIR> d-------- C:\Windows\Eurobattle.net Installer2008-08-26 22:21 . 2008-08-27 22:03 <DIR> d-------- C:\Gry2008-08-26 20:59 . 2008-08-26 21:29 <DIR> d-------- C:\fotki uk2008-08-26 11:40 . 2008-08-26 11:40 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\Apple Computer2008-08-26 11:39 . 2008-08-28 14:53 <DIR> d-------- C:\Program Files\iTunes2008-08-26 11:39 . 2008-08-28 14:53 <DIR> d-------- C:\Program Files\iPod2008-08-26 11:38 . 2008-08-26 11:39 <DIR> d-------- C:\Users\All Users\Apple Computer2008-08-26 11:38 . 2008-08-26 11:39 <DIR> d-------- C:\ProgramData\Apple Computer2008-08-26 11:38 . 2008-08-26 11:38 <DIR> d-------- C:\Program Files\QuickTime2008-08-26 11:38 . 2008-08-26 11:38 <DIR> d-------- C:\Program Files\Bonjour2008-08-26 11:37 . 2008-08-26 11:37 <DIR> d-------- C:\Users\All Users\Apple2008-08-26 11:37 . 2008-08-26 11:37 <DIR> d-------- C:\ProgramData\Apple2008-08-26 11:37 . 2008-08-26 11:37 <DIR> d-------- C:\Program Files\Common Files\Apple2008-08-26 11:37 . 2008-08-26 11:37 <DIR> d-------- C:\Program Files\Apple Software Update2008-08-26 10:47 . 2008-07-19 06:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll2008-08-26 10:47 . 2008-07-19 04:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll2008-08-26 10:47 . 2008-07-19 06:09 563,912 --a------ C:\Windows\System32\wuapi.dll2008-08-26 10:47 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll2008-08-26 10:47 . 2008-07-19 04:44 83,456 --a------ C:\Windows\System32\wudriver.dll2008-08-26 10:47 . 2008-07-19 06:10 53,448 --a------ C:\Windows\System32\wuauclt.exe2008-08-26 10:47 . 2008-07-19 06:10 45,768 --a------ C:\Windows\System32\wups2.dll2008-08-26 10:47 . 2008-07-19 06:10 36,552 --a------ C:\Windows\System32\wups.dll2008-08-26 10:47 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe2008-08-25 13:32 . 2008-08-28 19:53 <DIR> d-------- C:\DC downloads2008-08-25 12:37 . 
2008-08-25 12:37 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\CyberLink2008-08-25 12:15 . 2008-07-31 10:40 509,448 --a------ C:\Windows\System32\XAudio2_2.dll2008-08-25 12:15 . 2008-07-31 10:41 68,616 --a------ C:\Windows\System32\XAPOFX1_1.dll2008-08-25 11:56 . 2008-08-25 11:56 <DIR> d-------- C:\Program Files\DAEMON Tools Lite2008-08-25 11:53 . 2008-08-27 21:52 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\DAEMON Tools2008-08-25 11:53 . 2008-08-25 11:53 717,296 --a------ C:\Windows\System32\drivers\sptd.sys2008-08-25 10:34 . 2008-07-16 02:32 2,048 --a------ C:\Windows\System32\tzres.dll2008-08-25 10:31 . 2008-08-25 10:31 <DIR> d-------- C:\Program Files\MSXML 4.02008-08-25 10:28 . 2008-08-31 00:41 27,839 --a------ C:\Users\Gamon\AppData\Roaming\nvModes.dat2008-08-24 20:54 . 2008-08-25 13:39 <DIR> d-------- C:\Program Files\sdc2212008-08-24 20:33 . 2008-08-24 20:33 <DIR> d-------- C:\Users\All Users\Real2008-08-24 20:33 . 2008-08-24 20:33 <DIR> d-------- C:\Program Files\K-Lite Codec Pack2008-08-24 17:07 . 2008-06-26 02:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll2008-08-24 17:06 . 2008-06-26 02:45 2,644,480 --a------ C:\Windows\System32\NlsLexicons0009.dll2008-08-24 17:06 . 2008-06-26 04:29 801,280 --a------ C:\Windows\System32\NaturalLanguage6.dll2008-08-24 17:03 . 2008-03-08 03:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll2008-08-24 17:03 . 2008-03-08 05:21 1,695,744 --a------ C:\Windows\System32\gameux.dll2008-08-23 22:10 . 2008-08-23 22:10 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\URUSoft2008-08-23 22:10 . 2008-08-23 22:10 <DIR> d-------- C:\Program Files\URUSoft2008-08-23 21:30 . 2008-08-30 14:24 <DIR> d-------- C:\filmy2008-08-23 21:23 . 2008-08-23 21:23 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\Media Player Classic2008-08-23 21:08 . 2008-07-04 07:34 860,160 --a------ C:\Windows\System32\lameACM.acm2008-08-23 19:48 . 2008-08-30 14:55 <DIR> d-------- C:\Dobra Nuta2008-08-23 19:35 . 
2008-08-30 17:52 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\skypePM2008-08-23 19:35 . 2008-08-23 19:35 56 --ah----- C:\Users\All Users\ezsidmv.dat2008-08-23 19:35 . 2008-08-23 19:35 56 --ah----- C:\ProgramData\ezsidmv.dat2008-08-23 19:30 . 2008-08-31 11:45 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\Skype2008-08-23 19:29 . 2008-08-23 19:29 <DIR> d-------- C:\Users\All Users\Skype2008-08-23 19:29 . 2008-08-23 19:29 <DIR> d-------- C:\ProgramData\Skype2008-08-23 19:29 . 2008-08-23 19:29 <DIR> d-------- C:\Program Files\Skype2008-08-23 19:29 . 2008-08-23 19:29 <DIR> d-------- C:\Program Files\Common Files\Skype2008-08-23 19:07 . 2008-08-27 21:52 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\Winamp2008-08-23 19:07 . 2008-08-23 19:08 <DIR> d-------- C:\Program Files\Winamp2008-08-23 19:07 . 2007-03-08 00:51 129,784 --------- C:\Windows\System32\pxafs.dll2008-08-23 18:56 . 2008-08-23 19:06 9,345,672 --a------ C:\Users\Gamon\winamp5541_full_emusic-7plus_pl-pl.exe2008-08-23 18:36 . 2008-08-23 18:36 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf2008-08-23 17:25 . 2008-08-23 17:25 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\Gadu-Gadu2008-08-23 17:23 . 2008-08-23 18:11 <DIR> d-------- C:\Users\Gamon\Gadu-Gadu2008-08-23 17:23 . 2008-08-23 17:23 <DIR> d-------- C:\Program Files\Gadu-Gadu2008-08-23 16:47 . 2008-08-23 16:47 <DIR> d-------- C:\NVIDIA2008-08-23 15:51 . 2008-04-26 09:25 3,600,952 --a------ C:\Windows\System32\ntkrnlpa.exe2008-08-23 15:51 . 2008-04-26 09:25 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe2008-08-23 15:51 . 2008-02-29 05:21 2,032,128 --a------ C:\Windows\System32\win32k.sys2008-08-23 15:51 . 2008-04-26 09:26 891,448 --a------ C:\Windows\System32\drivers\tcpip.sys2008-08-23 15:51 . 2008-04-12 04:32 784,896 --a------ C:\Windows\System32\rpcrt4.dll2008-08-23 15:51 . 2008-05-10 04:35 564,736 --a------ C:\Windows\System32\emdmgmt.dll2008-08-23 15:51 . 
2008-04-05 02:21 72,192 --a------ C:\Windows\System32\drivers\pacer.sys2008-08-23 15:51 . 2008-04-05 04:34 15,360 --a------ C:\Windows\System32\pacerprf.dll2008-08-23 15:50 . 2008-05-08 22:59 430,080 --a------ C:\Windows\System32\vbscript.dll2008-08-23 15:50 . 2008-06-19 04:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL2008-08-23 15:50 . 2008-04-18 06:48 269,312 --a------ C:\Windows\System32\es.dll2008-08-23 15:50 . 2008-05-08 22:59 180,224 --a------ C:\Windows\System32\scrobj.dll2008-08-23 15:50 . 2008-05-08 22:59 172,032 --a------ C:\Windows\System32\scrrun.dll2008-08-23 15:50 . 2008-05-08 22:59 155,648 --a------ C:\Windows\System32\wscript.exe2008-08-23 15:50 . 2008-05-08 22:58 135,168 --a------ C:\Windows\System32\wshom.ocx2008-08-23 15:50 . 2008-05-08 22:58 135,168 --a------ C:\Windows\System32\cscript.exe2008-08-23 15:50 . 2008-05-08 22:59 90,112 --a------ C:\Windows\System32\wshext.dll2008-08-23 15:49 . 2008-04-10 06:12 738,304 --a------ C:\Windows\System32\inetcomm.dll2008-08-23 15:48 . 2008-04-26 09:08 1,314,816 --a------ C:\Windows\System32\quartz.dll2008-08-23 15:48 . 2008-02-22 05:57 295,936 --a------ C:\Windows\System32\gdi32.dll2008-08-23 15:48 . 2008-05-10 02:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys2008-08-23 15:44 . 2008-08-30 23:33 <DIR> d-------- C:\Users\Gamon\AppData\Roaming\Symantec2008-08-23 15:43 . 2008-08-23 15:43 <DIR> dr------- C:\Users\Gamon\Searches2008-08-23 15:43 . 
2008-08-23 15:43 <DIR> dr------- C:\Users\Gamon\Contacts.(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2008-08-30 22:58 --------- d-----w C:\ProgramData\Symantec2008-08-30 22:33 --------- d-----w C:\Program Files\Symantec2008-08-30 20:37 --------- d-----w C:\Program Files\Norton Internet Security2008-08-30 20:37 --------- d-----w C:\Program Files\Common Files\Symantec Shared2008-08-30 20:30 805 ----a-w C:\Windows\system32\drivers\SYMEVENT.INF2008-08-30 20:30 123,952 ----a-w C:\Windows\system32\drivers\SYMEVENT.SYS2008-08-30 20:30 10,671 ----a-w C:\Windows\system32\drivers\SYMEVENT.CAT2008-08-23 16:06 --------- d-----w C:\Program Files\Windows Mail2008-08-23 14:39 --------- d--h--w C:\Program Files\InstallShield Installation Information2008-07-31 09:41 238,088 ----a-w C:\Windows\System32\xactengine3_2.dll2008-07-30 16:42 23,888 ----a-w C:\Windows\system32\drivers\COH_Mon.sys2008-07-30 16:28 706 ----a-w C:\Windows\system32\drivers\COH_Mon.inf2008-07-30 16:28 10,537 ----a-w C:\Windows\system32\drivers\coh_mon.cat2008-07-25 08:34 81,920 ----a-w C:\Windows\System32\dpl100.dll2008-07-25 08:34 683,520 ----a-w C:\Windows\System32\divx.dll2008-07-23 16:50 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll2008-07-12 07:18 467,984 ----a-w C:\Windows\System32\d3dx10_39.dll2008-07-12 07:18 3,851,784 ----a-w C:\Windows\System32\D3DX9_39.dll2008-07-12 07:18 1,493,528 ----a-w C:\Windows\System32\D3DCompiler_39.dll2008-07-02 09:12 --------- d-----w C:\ProgramData\Hewlett-Packard2008-07-02 09:09 --------- d-----w C:\Program Files\CyberLink2008-07-02 09:05 --------- d-----w C:\Program Files\Hewlett-Packard2008-07-02 09:03 --------- d-----w C:\Program Files\Hp2008-07-02 08:58 319,456 ----a-w C:\Windows\DIFxAPI.dll2008-07-02 08:58 315,392 ----a-w C:\Windows\HideWin.exe2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll2008-06-12 18:36 7,680 ----a-w C:\Windows\System32\ff_vfw.dll2008-06-12 05:28 541,696 ----a-w 
C:\Windows\AppPatch\AcLayers.dll2008-05-30 13:19 507,400 ----a-w C:\Windows\System32\XAudio2_1.dll2008-05-30 13:18 238,088 ----a-w C:\Windows\System32\xactengine3_1.dll2008-05-30 13:17 65,032 ----a-w C:\Windows\System32\XAPOFX1_0.dll2008-05-30 13:17 25,608 ----a-w C:\Windows\System32\X3DAudio1_4.dll2008-05-30 13:11 467,984 ----a-w C:\Windows\System32\d3dx10_38.dll2008-05-30 13:11 3,850,760 ----a-w C:\Windows\System32\D3DX9_38.dll2008-05-30 13:11 1,491,992 ----a-w C:\Windows\System32\D3DCompiler_38.dll2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin2008-05-16 10:58 12,632 ----a-w C:\Windows\System32\lsdelete.exe2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini.((((((((((((((((((((((((((((( snapshot@2008-08-31_ 1.40.48.70 ))))))))))))))))))))))))))))))))))))))))).- 2008-08-30 23:49:56 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat+ 2008-08-31 10:42:39 2,048 
--sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat- 2008-08-30 23:49:56 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat+ 2008-08-31 10:42:39 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat- 2008-08-30 23:51:42 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat+ 2008-08-31 10:44:51 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat+ 2008-08-31 10:44:51 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1- 2008-08-30 23:51:37 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat+ 2008-08-31 10:44:46 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat+ 2008-08-31 10:44:46 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1- 2008-08-31 00:39:00 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat+ 2008-08-31 12:56:12 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat- 2008-08-31 00:39:00 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat+ 2008-08-31 12:56:12 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat- 2008-08-31 00:39:00 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat+ 2008-08-31 12:56:12 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat- 2008-08-31 00:32:19 101,250 ----a-w C:\Windows\System32\perfc009.dat+ 2008-08-31 10:55:35 101,250 ----a-w C:\Windows\System32\perfc009.dat- 2008-08-31 00:32:19 587,178 ----a-w C:\Windows\System32\perfh009.dat+ 2008-08-31 10:55:35 587,178 ----a-w C:\Windows\System32\perfh009.dat- 2008-08-30 23:51:55 5,942 ----a-w 
C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2495136614-971743062-1939807076-1000_UserData.bin+ 2008-08-31 10:44:39 6,090 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2495136614-971743062-1939807076-1000_UserData.bin- 2008-08-30 23:51:54 77,788 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin+ 2008-08-31 10:44:39 79,368 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin- 2008-08-30 23:51:51 41,198 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin+ 2008-08-31 10:44:38 42,526 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 03:23 1233920]"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 17:36 455968]"Gadu-Gadu"="C:\Program Files\Gadu-Gadu\gg.exe" [2008-03-20 11:04 2127296]"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-08-12 18:19 21741864]"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 03:23 2153472 C:\Windows\System32\oobefldr.dll][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-11-07 01:05 86016]"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-11-07 01:05 8534560]"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-11-07 01:05 81920]"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 12:31 1033512]"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 14:34 634880]"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-10-24 11:02 178712]"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" 
[2007-12-20 03:27 468264]"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 22:31 202032]"OnScreenDisplay"="C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 21:54 554320]"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 07:13 218408]"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-14 11:01 51048]"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 12:06 40048]"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-09 01:24 54840]"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 17:47 480560]"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-09 00:53 311296]"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 13:00 132496]"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-08-04 00:02 36352]"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040]"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]"w3dr.exe"="C:\Gry\Warcraft III\w3dr.exe" [2008-08-03 15:38 61440]"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-08-27 13:57 916560]"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-08-18 13:23 1447168]"NodLogin"="C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe" [2008-08-28 14:20 359203]"NortonAntiBot"="C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe" [2007-11-12 22:59 1378840]"RtHDVCpl"="RtHDVCpl.exe" [2007-10-09 17:59 4702208 C:\Windows\RtHDVCpl.exe][HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 
(0x0)[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"msacm.l3codecp"= l3codecp.acm"VIDC.YV12"= yv12vfw.dll[HKEY_LOCAL_MACHINE\software\microsoft\security center]"UacDisableNotify"=dword:00000001"InternetSettingsDisableNotify"=dword:00000001"AutoUpdateDisableNotify"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]"{8BD21AA0-19E2-4039-8589-DA4677943BCB}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader"{84E314CE-60B1-4676-A689-B36B09161486}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader"{87BCE3C6-2DAC-4D2D-9F0A-F8FBF4368C13}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote"{7A61B6F1-F696-4E99-8AD0-2A894DABAF25}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote"{23C8C650-3152-4070-9067-E08F8BF9B340}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector"{24C1C4A8-46DA-4F38-8012-2ED1FAD41A54}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play"{55373D02-7050-4D14-A6BD-2CD2CB909FBE}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program"{34CDFA0E-BD9E-4E70-8D60-8E92EFEBC367}"= C:\Program Files\Skype\Phone\Skype.exe:Skype"TCP Query User{EE850FFB-27BD-4708-B624-9A3E7B7F165B}C:\\program files\\sdc221\\strongdc.exe"= UDP:C:\program files\sdc221\strongdc.exe:StrongDC++"UDP Query User{8A83BF90-D335-4BDE-A691-B2F63EF1E48D}C:\\program files\\sdc221\\strongdc.exe"= TCP:C:\program 
files\sdc221\strongdc.exe:StrongDC++"{FE78C5F1-E942-41A1-ADB6-86EBAE1BDEEF}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour"{0F22BC4B-99A7-4E6B-800F-2001A893F531}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour"TCP Query User{07F2825C-52CB-4848-A3F2-A45D84DD43A1}C:\\gry\\warcraft iii\\war3.exe"= UDP:C:\gry\warcraft iii\war3.exe:Warcraft III"UDP Query User{0A835DB2-B65B-4D59-B2F0-9E7A532EADD7}C:\\gry\\warcraft iii\\war3.exe"= TCP:C:\gry\warcraft iii\war3.exe:Warcraft III"{46D0A911-A5C4-4576-AD0A-7D82A97F136B}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes"{889CABD8-A550-491C-86CB-7C0DE1F24B68}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]"EnableFirewall"= 0 (0x0)R1 epfwtdir;epfwtdir;C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-08-18 13:27]R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080828.002\IDSvix86.sys [2008-08-08 19:58]R2 LiveUpdate Notice;LiveUpdate Notice;c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-14 11:02]R2 QPCapSvc;QuickPlay Background Capture Service (QBCS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-12-20 03:28]R2 QPSched;QuickPlay Task Scheduler (QTS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-12-20 03:28]R3 COH_Mon;COH_Mon;C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 17:42]R3 HpqRemHid;HP Remote Control HID Device;C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 18:30]R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-06-13 14:13]S3 GameConsoleService;GameConsoleService;C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 00:33]S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 03:23]S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 
03:23]*Newly Created Service* - COMHOST[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe".Contents of the 'Scheduled Tasks' folder2008-08-30 C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Gamon.job- c:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-27 01:19]2008-08-30 C:\Windows\Tasks\User_Feed_Synchronization-{8A6A2EBF-4DC7-4371-A80C-49FB95F5BEA3}.job- C:\Windows\system32\msfeedssync.exe [2008-01-21 03:24].- - - - ORPHANS REMOVED - - - -HKCU-Run-\VIE43B7.exe - C:\Windows\System32\VIE43B7.exeHKCU-Run-\VIE45C9.exe - C:\Windows\System32\VIE45C9.exeHKCU-Run-\VIE4914.exe - C:\Windows\System32\VIE4914.exeHKCU-Run-\VIE4C7D.exe - C:\Windows\System32\VIE4C7D.exeHKCU-Run-\VIED568.exe - C:\Windows\System32\VIED568.exeHKCU-Run-\VIED567.exe - C:\Windows\System32\VIED567.exeHKCU-Run-\VIEE3F7.exe - C:\Windows\System32\VIEE3F7.exeHKCU-Run-\VIEF297.exe - C:\Windows\System32\VIEF297.exeHKCU-Run-\VIECF20.exe - C:\Windows\System32\VIECF20.exeHKCU-Run-\VIED410.exe - C:\Windows\System32\VIED410.exeHKCU-Run-\VIED71C.exe - C:\Windows\System32\VIED71C.exeHKCU-Run-\VIEEBB5.exe - C:\Windows\System32\VIEEBB5.exeHKLM-Run-\VIE43B7.exe - C:\Windows\System32\VIE43B7.exeHKLM-Run-\VIE45C9.exe - C:\Windows\System32\VIE45C9.exeHKLM-Run-\VIE4914.exe - C:\Windows\System32\VIE4914.exeHKLM-Run-\VIE4C7D.exe - C:\Windows\System32\VIE4C7D.exeHKLM-Run-Diagnostic - C:\Windows\diagnostic.exe**************************************************************************catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-08-31 14:01:34Windows 6.0.6001 Service Pack 1 NTFSscanning hidden processes ... scanning hidden autostart entries ...scanning hidden files ... 
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"\\VIE43B7.exe"="C:\\Windows\\System32\\VIE43B7.exe"
"\\VIE45C9.exe"="C:\\Windows\\System32\\VIE45C9.exe"
"\\VIE4914.exe"="C:\\Windows\\System32\\VIE4914.exe"
"\\VIE4C7D.exe"="C:\\Windows\\System32\\VIE4C7D.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"\\VIE43B7.exe"="C:\\Windows\\System32\\VIE43B7.exe"
"\\VIE45C9.exe"="C:\\Windows\\System32\\VIE45C9.exe"
"\\VIE4914.exe"="C:\\Windows\\System32\\VIE4914.exe"
"\\VIE4C7D.exe"="C:\\Windows\\System32\\VIE4C7D.exe"
"\\VIED568.exe"="C:\\Windows\\System32\\VIED568.exe"
"\\VIED567.exe"="C:\\Windows\\System32\\VIED567.exe"
"\\VIEE3F7.exe"="C:\\Windows\\System32\\VIEE3F7.exe"
"\\VIEF297.exe"="C:\\Windows\\System32\\VIEF297.exe"
"\\VIECF20.exe"="C:\\Windows\\System32\\VIECF20.exe"
"\\VIED410.exe"="C:\\Windows\\System32\\VIED410.exe"
"\\VIED71C.exe"="C:\\Windows\\System32\\VIED71C.exe"
"\\VIEEBB5.exe"="C:\\Windows\\System32\\VIEEBB5.exe"
.
Completion time: 2008-08-31 14:03:21
ComboFix-quarantined-files.txt 2008-08-31 13:03:09
ComboFix2.txt 2008-08-31 00:41:43
Pre-Run: 60,667,297,792 bytes free
Post-Run: 60,635,258,880 bytes free
383 --- E O F --- 2008-08-29 21:03:32

Sreng log

2008-08-31,14:21:07
System Repair Engineer 2.6.12.1018
Smallfrogs (http://www.KZTechs.com)
Windows Vista Home Premium Edition Service Pack 1 (Build 6001) - Administrative User - Completed Functions Allowed
Follow item(s) have been selected:
  All Boot Items (Including Registry, Startup Folders, Services and so on)
  Browser Add-ons
  Running Processes (Including process model information)
  File Associations
  Winsock Provider
  Autorun.Inf
  HOSTS File
  Process Privileges Scan

Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun> [(Verified)Microsoft Windows]
  <WindowsWelcomeCenter><rundll32.exe oobefldr.dll,ShowWelcomeCenter> [(Verified)Microsoft Windows]
  <LightScribe Control Panel><C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden> [(Verified)Hewlett-Packard Company]
  <Gadu-Gadu><"C:\Program Files\Gadu-Gadu\gg.exe" /tray> [(Verified)Gadu-Gadu sp. z o.o.]
  <Skype><"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized> [(Verified)Skype Technologies SA]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NvSvc><RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  <NvCplDaemon><RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  <NvMediaCenter><RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  <SMSERIAL><C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  <RtHDVCpl><RtHDVCpl.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
  <IAAnotif><C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe> [(Verified)Intel Corporation]
  <QPService><"C:\Program Files\HP\QuickPlay\QPService.exe"> [(Verified)CyberLink]
  <QlbCtrl><%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start> [(Verified)Hewlett-Packard Company]
  <OnScreenDisplay><C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe> [(Verified)Hewlett-Packard Company]
  <UCam_Menu><"C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"> [File is missing]
  <ccApp><"c:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation]
  <Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
  <HP Software Update><C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe> [(Verified)Hewlett-Packard Company]
  <hpWirelessAssistant><C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe> [(Verified)Hewlett-Packard Company]
  <WAWifiMessage><C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe> [Hewlett-Packard Development Company, L.P.]
  <SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
  <WinampAgent><"C:\Program Files\Winamp\winampa.exe"> []
  <AppleSyncNotifier><C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe> [(Verified)Apple Inc.]
  <QuickTime Task><"C:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
  <w3dr.exe><C:\Gry\Warcraft III\w3dr.exe> [VT Software]
  <iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
  <egui><"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice> [(Verified)"ESET, spol. s r.o."]
  <NodLogin><C:\Program Files\ESET\ESET NOD32 Antivirus\nodlogin.exe> []
  <NortonAntiBot><"C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe"> [(Verified)Sana Security]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe> [(Verified)Microsoft Windows]
  <Userinit><C:\Windows\system32\userinit.exe,> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
  <LightScribe Control Panel><"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"> [(Verified)Hewlett-Packard Company]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
  <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
  <Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing]
==================================
Startup Folders
N/A
==================================
Services
[Lavasoft Ad-Aware Service / aawservice][Running/Auto Start]
  <"C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"><Lavasoft>
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
  <"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple Inc.>
[Automatic LiveUpdate Scheduler / Automatic LiveUpdate Scheduler][Running/Auto Start]
  <"c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe"><Symantec Corporation>
[Bonjour Service / Bonjour Service][Running/Auto Start]
  <"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec
Corporation>[Symantec Settings Manager / ccSetMgr][Running/Auto Start] <"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>[Symantec Lic NetConnect service / CLTNetCnService][Running/Auto Start] <"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>[Com4Qlb / Com4Qlb][Stopped/Manual Start] <"C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe"><Hewlett-Packard Development Company, L.P.>[COM Host / comHost][Stopped/Manual Start] <"c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe"><Symantec Corporation>[Eset HTTP Server / EhttpSrv][Stopped/Manual Start] <"C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe"><ESET>[Eset Service / ekrn][Running/Auto Start] <"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"><ESET>[GameConsoleService / GameConsoleService][Stopped/Manual Start] <"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe"><WildTangent, Inc.>[HP Health Check Service / HP Health Check Service][Running/Auto Start] <"c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe"><Hewlett-Packard>[hpqwmiex / hpqwmiex][Running/Auto Start] <C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe><Hewlett-Packard Development Company, L.P.>[Intel(R) Matrix Storage Event Monitor / IAANTMON][Running/Auto Start] <C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe><Intel Corporation>[InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>[Usługa iPod / iPod Service][Running/Manual Start] <"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start] <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>[LiveUpdate / LiveUpdate][Stopped/Manual Start] <"c:\Program 
Files\Symantec\LiveUpdate\LuComServer_3_4.EXE"><Symantec Corporation>[LiveUpdate Notice / LiveUpdate Notice][Running/Auto Start] <"c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>[QuickPlay Background Capture Service (QBCS) / QPCapSvc][Running/Auto Start] <"C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe"><>[QuickPlay Task Scheduler (QTS) / QPSched][Running/Auto Start] <"C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe"><>[Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start] <"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"><>[Symantec Core LC / Symantec Core LC][Stopped/Manual Start] <C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe><>[SymantecAntiBotAgent / SymantecAntiBotAgent][Running/Auto Start] <"C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe" SymantecAntiBotAgent><Symantec>[SymantecAntiBotWatcher / SymantecAntiBotWatcher][Running/Auto Start] <C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe><Symantec>==================================Drivers[adp94xx / adp94xx][Stopped/Disabled] <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>[adpahci / adpahci][Stopped/Disabled] <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>[adpu160m / adpu160m][Stopped/Disabled] <\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>[adpu320 / adpu320][Stopped/Disabled] <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>[aic78xx / aic78xx][Stopped/Disabled] <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>[aliide / aliide][Stopped/Disabled] <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>[arc / arc][Stopped/Disabled] <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>[arcsas / arcsas][Stopped/Disabled] <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>[Broadcom Extensible 802.11 Network Adapter Driver / BCM43XV][Stopped/Manual Start] <system32\DRIVERS\bcmwl6.sys><Broadcom Corporation>[Brother USB Mass-Storage Lower Filter 
Driver / BrFiltLo][Stopped/Manual Start] <\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start] <\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled] <\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled] <\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled] <\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start] <\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>[cmdide / cmdide][Stopped/Disabled] <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>[COH_Mon / COH_Mon][Stopped/Manual Start] <\??\C:\Windows\system32\Drivers\COH_Mon.sys><Symantec Corporation>[CO_Mon / CO_Mon][Running/Auto Start] <\??\C:\Windows\system32\drivers\CO_Mon.sys><Symantec Corporation>[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start] <system32\DRIVERS\E1G60I32.sys><Intel Corporation>[eamon / eamon][Running/Auto Start] <system32\DRIVERS\eamon.sys><ESET>[easdrv / easdrv][Running/System Start] <system32\DRIVERS\easdrv.sys><ESET>[Symantec Eraser Control driver / eeCtrl][Running/System Start] <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>[elxstor / elxstor][Stopped/Disabled] <\SystemRoot\system32\drivers\elxstor.sys><Emulex>[epfwtdir / epfwtdir][Running/System Start] <system32\DRIVERS\epfwtdir.sys><N/A>[EraserUtilRebootDrv / EraserUtilRebootDrv][Running/Manual Start] <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys><Symantec Corporation>[GEARAspiWDM / GEARAspiWDM][Running/Manual Start] <System32\Drivers\GEARAspiWDM.sys><GEAR Software Inc.>[HpCISSs / 
HpCISSs][Stopped/Disabled] <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>[HpqKbFilter Driver / HpqKbFiltr][Running/Manual Start] <system32\DRIVERS\HpqKbFiltr.sys><Hewlett-Packard Development Company, L.P.>[HP Remote Control HID Device / HpqRemHid][Running/Manual Start] <system32\DRIVERS\HpqRemHid.sys><Hewlett-Packard Development Company, L.P.>[HSFHWAZL / HSFHWAZL][Stopped/Manual Start] <system32\DRIVERS\VSTAZL3.SYS><Conexant Systems, Inc.>[HSF_DPV / HSF_DPV][Stopped/Manual Start] <system32\DRIVERS\VSTDPV3.SYS><Conexant Systems, Inc.>[Intel AHCI Controller / iaStor][Running/Boot Start] <\SystemRoot\system32\DRIVERS\iaStor.sys><Intel Corporation>[Intel RAID Controller Vista / iaStorV][Stopped/Disabled] <\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>[Symantec Intrusion Prevention Driver / IDSvix86][Running/System Start] <\??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080828.002\IDSvix86.sys><Symantec Corporation>[iirsp / iirsp][Stopped/Disabled] <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] <system32\drivers\RTKVHDA.sys><Realtek Semiconductor Corp.>[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start] <system32\DRIVERS\ipinip.sys><N/A>[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled] <\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>[ITERAID_Service_Install / iteraid][Stopped/Disabled] <\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>[LSI_FC / LSI_FC][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>[LSI_SAS / LSI_SAS][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>[LSI_SCSI / LSI_SCSI][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>[megasas / megasas][Stopped/Disabled] <\SystemRoot\system32\drivers\megasas.sys><LSI Corporation>[MegaSR / MegaSR][Stopped/Disabled] 
<\SystemRoot\system32\drivers\megasr.sys><LSI Corporation, Inc.>[Mraid35x / Mraid35x][Stopped/Disabled] <\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>[NAVENG / NAVENG][Running/Manual Start] <\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.007\NAVENG.SYS><Symantec Corporation>[NAVEX15 / NAVEX15][Running/Manual Start] <\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.007\NAVEX15.SYS><Symantec Corporation>[Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit / NETw3v32][Stopped/Manual Start] <system32\DRIVERS\NETw3v32.sys><Intel Corporation>[Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit / NETw4v32][Running/Manual Start] <system32\DRIVERS\NETw4v32.sys><Intel Corporation>[nfrd960 / nfrd960][Stopped/Disabled] <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled] <\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>[NVIDIA nForce Networking Controller Driver / NVENETFD][Stopped/Manual Start] <system32\DRIVERS\nvm60x32.sys><NVIDIA Corporation>[nvlddmkm / nvlddmkm][Running/Manual Start] <system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>[NVIDIA nForce RAID Driver / nvraid][Stopped/Disabled] <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>[nvstor / nvstor][Stopped/Disabled] <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start] <system32\DRIVERS\nwlnkflt.sys><N/A>[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start] <system32\DRIVERS\nwlnkfwd.sys><N/A>[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled] <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled] <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>[rimmptsk / rimmptsk][Running/Auto Start] <system32\DRIVERS\rimmptsk.sys><REDC>[rimsptsk / rimsptsk][Running/Auto Start] 
<system32\DRIVERS\rimsptsk.sys><REDC>[Ricoh xD-Picture Card Driver / rismxdp][Running/Auto Start] <system32\DRIVERS\rixdptsk.sys><REDC>[Realtek 8169 NT Driver / RTL8169][Stopped/Manual Start] <system32\DRIVERS\Rtlh86.sys><Realtek Corporation>[SiSRaid4 / SiSRaid4][Stopped/Disabled] <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>[smserial / smserial][Running/Manual Start] <system32\DRIVERS\smserial.sys><Motorola Inc.>[SPBBCDrv / SPBBCDrv][Running/System Start] <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>[sptd / sptd][Running/Boot Start] <\SystemRoot\System32\Drivers\sptd.sys><N/A>[SRTSP / SRTSP][Running/Manual Start] <System32\Drivers\SRTSP.SYS><Symantec Corporation>[SRTSPL / SRTSPL][Stopped/Manual Start] <System32\Drivers\SRTSPL.SYS><Symantec Corporation>[SRTSPX / SRTSPX][Running/System Start] <System32\Drivers\SRTSPX.SYS><Symantec Corporation>[SymantecAntiBotDriver / SymantecAntiBotDriver][Running/Manual Start] <\??\C:\Program Files\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotDriver.sys><Symantec Corporation.>[SymantecAntiBotFilter / SymantecAntiBotFilter][Running/Manual Start] <\??\C:\Program Files\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotFilter.sys><Symantec Corporation.>[SymantecAntiBotShim / SymantecAntiBotShim][Running/Manual Start] <\??\C:\Program Files\Symantec\Norton AntiBot\agent\driver\platform_VISTA\AntiBotShim.sys><Symantec Corporation.>[Symc8xx / Symc8xx][Stopped/Disabled] <\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>[SYMDNS / SYMDNS][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMDNS.SYS><Symantec Corporation>[SymEvent / SymEvent][Running/Manual Start] <\??\C:\Windows\system32\Drivers\SYMEVENT.SYS><Symantec Corporation>[SYMFW / SYMFW][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMFW.SYS><Symantec Corporation>[Symantec Network Security Intermediate Filter Driver / SymIM][Running/System Start] 
<system32\DRIVERS\SymIMv.sys><Symantec Corporation>[SymIMMP / SymIMMP][Stopped/Manual Start] <system32\DRIVERS\SymIM.sys><N/A>[SYMNDISV / SYMNDISV][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMNDISV.SYS><Symantec Corporation>[SYMREDRV / SYMREDRV][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>[SYMTDI / SYMTDI][Running/System Start] <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>[Sym_hi / Sym_hi][Stopped/Disabled] <\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>[Sym_u3 / Sym_u3][Stopped/Disabled] <\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>[Synaptics TouchPad Driver / SynTP][Running/Manual Start] <system32\DRIVERS\SynTP.sys><Synaptics, Inc.>[uliahci / uliahci][Stopped/Disabled] <\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>[UlSata / UlSata][Stopped/Disabled] <\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>[ulsata2 / ulsata2][Stopped/Disabled] <\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>[viaide / viaide][Stopped/Disabled] <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>[vsmraid / vsmraid][Stopped/Disabled] <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>[winachsf / winachsf][Stopped/Manual Start] <system32\DRIVERS\VSTCNXT3.SYS><Conexant Systems, Inc.>==================================Browser Add-ons[Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>[Skype add-on (mastermind)] {22BF413B-C6D2-4d91-82A9-A0F997BA588C} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.>[] {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} <c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll, (Signed) Symantec Corporation>[Symantec Intrusion Prevention] {6D53EC84-6AAE-4787-AEEE-F4628F01010C} 
<C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll, (Signed) Symantec Corporation>[SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>[Java Plug-in 1.6.0_02] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>[Send to OneNote from Internet Explorer button] {2670000A-7350-4f3c-8081-5663EE0C6C49} <C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll, (Signed) Microsoft Corporation>[Skype add-on (button)] {77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.>[&Research] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL, (Signed) Microsoft Corporation>[Show Norton Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} <c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll, (Signed) Symantec Corporation>[CKAVWebScan Object] {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab>[Shockwave ActiveX Control] {233C1507-6A77-46A4-9443-F871F945D258} <C:\Windows\System32\Adobe\Director\swdir.dll, N/A>[Java Plug-in 1.6.0_02] {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll, (Signed) Sun Microsystems, Inc.>[Java Plug-in 1.6.0_02] {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>[Java Plug-in 1.6.0_02] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll, (Signed) Sun Microsystems, Inc.>[Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>[] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >[CKAVWebScan Object] {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} 
<C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab>[] {17492023-C23A-453E-A040-C7C580BBF700} <, >[Skype add-on (mastermind)] {22BF413B-C6D2-4D91-82A9-A0F997BA588C} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.>[Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, (Signed) Microsoft Corporation>[] {2318C2B1-4965-11D4-9B18-009027A5CD4F} <, >[Shockwave ActiveX Control] {233C1507-6A77-46A4-9443-F871F945D258} <C:\Windows\System32\Adobe\Director\swdir.dll, N/A>[HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\system32\mshtml.dll, (Signed) Microsoft Corporation>[] {2670000A-7350-4F3C-8081-5663EE0C6C49} <, >[XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>[XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>[] {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} <c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll, (Signed) Symantec Corporation>[CKAVReportCtrl Object] {6117669B-8C2D-41FA-A6D9-9E484B999CF0} <C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab>[Symantec Intrusion Prevention] {6D53EC84-6AAE-4787-AEEE-F4628F01010C} <C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll, (Signed) Symantec Corporation>[SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>[Skype add-on (button)] {77BF5300-1474-4EC7-9980-D32B190E9B07} <C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll, Skype Technologies S.A.>[Show Norton Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} <c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll, (Signed) Symantec Corporation>[Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft 
Corporation>[] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >[] {AA58ED58-01DD-4D91-8333-CF10577473F7} <, >[Microsoft Office 12 Authorization Control] {C9712B19-838B-45A5-ABF2-9A315DDDED50} <C:\PROGRA~1\MICROS~3\Office12\AUTHZAX.DLL, (Signed) Microsoft Corporation>[RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\Windows\system32\rmoc3260.dll, (Signed) RealNetworks, Inc.>[Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9d.ocx, N/A>[QuickTimeCheck Class] {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, (Signed) Apple Inc.>[XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>[XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>[E&xport to Microsoft Excel] <res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000, N/A>==================================Running Processes[PID: 564 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)][PID: 640 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 692 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 700 / SYSTEM][C:\Windows\system32\wininit.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 736 / SYSTEM][C:\Windows\system32\services.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 748 / SYSTEM][C:\Windows\system32\lsass.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 760 / SYSTEM][C:\Windows\system32\lsm.exe] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)][PID: 896 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)][PID: 960 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 
6.0.6000.16386 (vista_rtm.061101-2205)][PID: 1000 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)] [C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{36354072-C4F6-4E58-BA1B-333138E9116B}\mpengine.dll] [Microsoft Corporation, 1.1.3807.0][PID: 1064 / SYSTEM][C:\Windows\system32\winlogon.exe] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)][PID: 1080 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 1128 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)] [C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18000_none_9e752e5ac9c619f3\gdiplus.dll] [Microsoft Corporation, 5.2.6001.18000 (longhorn_rtm.080118-1840)][PID: 1140 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)] 
10.2.4 18Jan08][PID: 4656][c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe] [Symantec Corporation, 3.4.0.164] [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.1434] [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.1434] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)] [c:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 107.0.3.7] [c:\Program Files\Common Files\Symantec Shared\ccL70U.dll] [Symantec Corporation, 107.0.3.7][PID: 5172 / SYSTEM][c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe] [Hewlett-Packard, 2.3.0.2] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)] [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.1434] [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\80a3d0416c6660b86e245bd1f6b66fd8\System.ServiceProcess.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fe7232e97fdf63c6b146e93f432d7d7\System.Runtime.Remoting.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] 
[C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll] [Hewlett-Packard, 2.0.0.2][PID: 4972 / SYSTEM][C:\Windows\system32\SearchProtocolHost.exe] [Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)] [C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL] [Microsoft Corporation, 12.0.4518.1014] [C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1434_none_d08b6002442c891f\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.1434][PID: 5508 / SYSTEM][C:\Windows\system32\SearchFilterHost.exe] [Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)][PID: 4388 / Gamon][C:\Users\Gamon\Downloads\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.6.12.1018][PID: 4172 / Gamon][C:\Users\Gamon\Downloads\sreng2\SRE9552d3d9.EXE] [Smallfrogs Studio, 2.6.12.1018] [C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll] [Microsoft Corporation, 6.10 (longhorn_rtm.080118-1840)] [C:\Users\Gamon\Downloads\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,4,12][PID: 5216 / SYSTEM][\\?\C:\Windows\system32\wbem\WMIADAP.EXE] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]==================================File Associations.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1].EXE OK. ["%1" %*].COM OK. ["%1" %*].PIF OK. ["%1" %*].REG OK. [regedit.exe "%1"].BAT OK. ["%1" %*].SCR OK. ["%1" /S].CHM OK. ["%SystemRoot%\hh.exe" %1].HLP OK. [%SystemRoot%\winhlp32.exe %1].INI OK. 
As for SDFix, I booted into Safe Mode and ran RunThis.bat, but the program would not start. I tried several times; maybe I mixed something up. It now looks like there is no malware left, but if there is anything else I should do, please give me a hint. Thank you for your help.
Guest comment 31 August 2008
ComboFix is clean, but SRENG is not! Run System Repair Engineer, tab System Repair >> Browser Add-ons >> find and remove:
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
{17492023-C23A-453E-A040-C7C580BBF700}
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{2670000A-7350-4F3C-8081-5663EE0C6C49}
{92780B25-18CC-41C8-B9BE-3C9C571A8263}
{AA58ED58-01DD-4D91-8333-CF10577473F7}
Then a new SRENG log.
Mateusz J. comment 31 August 2008
You have 2 antivirus programs; uninstall one. Please scan the computer with:
SpyBot
Ad-aware
Then new logs from ComboFix and HijackThis.