ComboFix 12-11-20.02 - KRZYSIO 2012-11-20 18:55:21.1.2 - x86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1045.18.3065.2569 [GMT 1:00]
Running from: c:\users\KRZYSIO\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\939F5E835D.sys
c:\users\KRZYSIO\AppData\Local\assembly\tmp
c:\users\Public\sdelevURL.tmp
c:\windows\system32\delete.bat
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\winhelp.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-10-20 to 2012-11-20 )))))))))))))))))))))))))))))))
.
.
2012-11-20 18:03 . 2012-11-20 18:07 -------- d-----w- c:\users\KRZYSIO\AppData\Local\temp
2012-11-20 16:26 . 2012-11-20 16:26 388096 ----a-r- c:\users\KRZYSIO\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-11-20 16:26 . 2012-11-20 16:26 -------- d-----w- c:\program files\Trend Micro
2012-11-18 20:37 . 2012-11-18 20:37 -------- d-----w- c:\program files\ESET
2012-11-18 20:07 . 2012-11-18 20:07 -------- d-----w- c:\program files\AML Products
2012-11-18 19:57 . 2012-11-19 17:43 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-11-18 18:19 . 2012-11-18 18:19 -------- d-----w- c:\users\KRZYSIO\AppData\Roaming\ArcaBit
2012-11-18 17:28 . 2012-11-18 17:28 -------- d-----w- c:\program files\SkanerOnline
2012-11-18 14:25 . 2012-11-18 14:25 -------- d-----w- c:\users\KRZYSIO\AppData\Roaming\f-secure
2012-11-18 14:23 . 2012-11-18 14:23 -------- d-----w- c:\programdata\F-Secure
2012-11-18 14:12 . 2012-11-19 20:42 -------- d-----w- c:\program files\Panda Security
2012-11-18 13:16 . 2012-11-19 18:19 -------- d-----w- c:\users\KRZYSIO\AppData\Roaming\ArcaVirMicroScan
2012-11-18 13:15 . 2012-11-18 18:00 -------- d-----w- c:\users\KRZYSIO\AppData\Roaming\QuickScan
2012-11-17 19:36 . 2012-11-17 19:37 -------- d-----w- c:\users\KRZYSIO\DoctorWeb
2012-11-17 19:10 . 2012-11-17 19:10 -------- d-----w- c:\users\KRZYSIO\AppData\Roaming\Malwarebytes
2012-11-17 19:10 . 2012-11-17 19:10 -------- d-----w- c:\programdata\Malwarebytes
2012-11-17 18:41 . 2012-11-17 18:41 -------- d-----w- c:\program files\PortReporter
2012-11-16 21:46 . 2012-11-16 21:46 -------- d-----w- c:\programdata\CPA_VA
2012-11-16 21:37 . 2012-11-18 12:08 -------- d-----w- c:\programdata\Comodo
2012-11-16 21:36 . 2012-11-19 19:27 -------- d-----w- c:\program files\Comodo
2012-11-16 21:10 . 2012-10-17 00:32 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9137B1B7-E59A-4582-A52F-553C897465ED}\mpengine.dll
2012-11-16 21:00 . 2012-11-16 21:00 -------- d-----w- c:\users\KRZYSIO\AppData\Local\Broadcom
2012-11-16 20:30 . 2012-11-16 20:30 -------- d-----w- c:\users\KRZYSIO\AppData\Local\GG
2012-11-16 20:23 . 2012-11-16 20:23 -------- d-----w- c:\programdata\LightScribe
2012-11-16 20:20 . 2012-11-16 20:31 -------- d-----w- c:\program files\Gadu-Gadu
2012-11-16 19:07 . 2012-11-16 19:07 -------- d-----w- c:\program files\Sygate
2012-11-16 18:53 . 2012-11-20 18:02 -------- d-----w- c:\users\KRZYSIO\AppData\Local\assembly
2012-11-16 18:18 . 2012-11-16 18:18 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-11-16 18:13 . 2012-11-16 18:13 -------- d-----w- c:\program files\Toolbar Cleaner
2012-11-16 18:06 . 2012-11-16 18:07 -------- d-----w- c:\users\KRZYSIO\AppData\Local\Google
2012-11-16 18:05 . 2012-11-20 16:53 -------- d-----w- c:\users\KRZYSIO\AppData\Local\Deployment
2012-11-16 18:05 . 2012-11-16 18:05 -------- d-----w- c:\users\KRZYSIO\AppData\Local\Apps
2012-11-16 17:55 . 2012-11-16 17:55 -------- d-----w- c:\users\KRZYSIO\AppData\Local\ATI
2012-11-16 17:50 . 2012-10-12 14:29 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-16 17:50 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-08 21:18 . 2012-11-08 21:18 -------- d-----w- c:\users\KRZYSIO\AppData\Local\WinZip Courier
2012-11-08 21:04 . 2012-11-08 21:04 -------- d-----w- c:\users\KRZYSIO\AppData\Local\WinZip
2012-11-08 21:03 . 2012-11-08 21:04 -------- d-----w- c:\programdata\WinZip
2012-11-07 22:37 . 2012-11-07 22:37 82952 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-07 22:37 . 2012-11-07 22:37 42264 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-07 22:37 . 2012-11-07 22:37 494416 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-07 22:37 . 2012-11-07 22:37 19632 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-07 22:37 . 2012-11-07 22:37 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-07 22:37 . 2012-11-07 22:37 301264 ----a-w- c:\windows\system32\guard32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-08 16:55 . 2012-10-01 16:38 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-09-13 13:28 . 2012-10-10 14:29 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-29 11:27 . 2012-10-10 14:29 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-29 11:27 . 2012-10-10 14:29 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-25 11:50 . 2012-09-22 11:43 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-25 11:44 . 2012-09-22 11:43 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-25 11:44 . 2012-09-22 11:43 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-25 11:44 . 2012-09-22 11:43 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-08-25 11:44 . 2012-09-22 11:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2012-08-25 10:11 . 2012-09-22 11:43 385024 ----a-w- c:\windows\system32\html.iec
2012-08-25 08:31 . 2012-09-22 11:43 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-25 08:29 . 2012-09-22 11:43 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 15:53 . 2012-10-10 14:29 172544 ----a-w- c:\windows\system32\wintrust.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay1]
@="{E68D0A50-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A50-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay2]
@="{E68D0A51-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A51-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay3]
@="{E68D0A52-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A52-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GGDriveOverlay4]
@="{E68D0A53-3C40-4712-B90D-DCFA93FF2534}"
[HKEY_CLASSES_ROOT\CLSID\{E68D0A53-3C40-4712-B90D-DCFA93FF2534}]
2012-06-05 09:41 1232896 ----a-w- c:\programdata\GG\ggdrive\ggdrive-overlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2011-08-16 1379840]
"Sidebar"="c:\program files\windows sidebar\sidebar.exe" [2009-04-11 1233920]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-03 17415344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-16 186904]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-11-28 298536]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2009-02-12 355896]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2009-01-28 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-08-08 319000]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-03-10 506936]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-04 75016]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-01-14 11223040]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-02-18 177720]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-01-09 2393376]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"ALLUpdate"="c:\program files\ALLPlayer\ALLUpdate.exe" [2011-08-16 1379840]
"Sidebar"="c:\program files\windows sidebar\sidebar.exe" [2009-04-11 1233920]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"BTCentre"="c:\genius\PenMouse\gBTMouseTask.exe" [2011-05-05 491520]
"PenMouse"="c:\genius\PenMouse\PenMouse.exe" [2011-05-04 102400]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 6756048]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 3117344]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"adawarebp"="reg.exe delete HKCU\Software\AppDataLow\Software\adawarebp" [X]
"adawarebp_XP"="reg.exe delete HKCU\Software\adawarebp" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-3-1 789032]
GlobeTrotter Connect.lnk - c:\program files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe [2008-7-11 782336]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK32.EXE [2012-10-18 685496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3517503380-3881505670-3387673457-1004]
"EnableNotificationsRef"=dword:00000001
.
R2 0044401270983584mcinstcleanup;McAfee Application Installer Cleanup (0044401270983584); [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Bioscrypt REG_MULTI_SZ ASBroker ASChannel
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-09 23:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-08 12:03]
.
2012-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-08 12:03]
.
2012-11-20 c:\windows\Tasks\User_Feed_Synchronization-{1595F9A8-3FA6-43F7-A28C-A42B7DC1019D}.job
- c:\windows\system32\msfeedssync.exe [2012-09-22 08:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&ksport do programu Microsoft Excel
IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel
IE: Google Sidewiki...
IE: Search the Web
IE: Wyslij &do programu OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Wyslij obraz do urzadzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyslij strone do urzadzenia &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: torrent-polska.eu\www
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{005E9034-5057-4724-93EE-D50897E72D42}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{41284A3D-B844-4C1E-8A39-7D7A69FC0E65}: NameServer = 8.26.56.26,156.154.70.22
.
.
------- File Associations -------
.
.scr=STATISTICAScrollsheet
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
Toolbar-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
HKCU-Run-IPBlocker - c:\program files\URL.BIZ ip blocker 1.0\ipblocker.exe
HKLM-Run-vProt - c:\program files\AVG Secure Search\vprot.exe
HKLM-Run-ROC_ROC_NT - c:\program files\AVG Secure Search\ROC_ROC_NT.exe
Notify-DeviceNP - DeviceNP.dll
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-20 19:08
Windows 6.0.6002 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3517503380-3881505670-3387673457-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{53919742-E0F5-ACAB-0406-86E1D3E33E2C}*]
"hahknhijbllnmlal"=hex:6b,61,6a,6b,67,6f,68,67,6a,6f,6d,64,63,6d,61,6d,6e,64,
   69,6a,64,6c,00,02
"ianjdgfbgopebhcnlk"=hex:6b,61,6a,6b,67,6f,68,67,6a,6f,6d,64,63,6d,70,6c,69,64,
   6f,6a,70,6b,00,02
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(956)
c:\windows\system32\guard32.dll
c:\program files\Hewlett-Packard\IAM\bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\itmsg.dll
.
- - - - - - - > 'Explorer.exe'(2520)
c:\windows\system32\guard32.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Fingerprint Sensor\AtService.exe
c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe
c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Hpservice.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\ActivIdentity\ActivClient\acevents.exe
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\program files\Option\GlobeTrotter Connect\GtDetectSc.exe
c:\program files\iPlus\Drivers\driverVista\GTMax3.6\GtFlashSwitch.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\PDF Complete\pdfsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-11-20 19:15:08 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-20 18:14
.
Pre-Run: 229 305 896 960 bajtów wolnych
Post-Run: 225 688 375 296 bajtów wolnych
.
- - End Of File - - 121D123615E91FFF0ABA736B1AA3FFF0