"qooqlle" start page that persistently keeps coming back

leon_w

Hello,
For some time now, the start page in my browsers (Mozilla and IE) keeps getting set to "qooqlle". Even though I set a different one, after restarting the computer it is always set to "qooqlle" again. I tried scanning the computer with Malwarebytes' Anti-Malware; it even found and removed something, but the problem remained.
System: Windows Vista Home Basic, 32-bit
Logs:
[log]OTL Extras logfile created on: 2010-12-17 17:42:17 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Rybcia\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60,00 Gb Total Space | 11,78 Gb Free Space | 19,64% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 41,36 Gb Free Space | 68,94% Space Free | Partition Type: NTFS
Drive E: | 28,05 Gb Total Space | 17,73 Gb Free Space | 63,21% Space Free | Partition Type: NTFS

Computer Name: RYBCIA-PC | User Name: Rybcia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1486510819-589907670-3929606539-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{191E0701-14E1-4283-956D-643D68EF9444}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{26E18894-FF36-42B1-B568-BB326A5EABAD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FE29153-67D5-4BDD-9E57-BA9DEE4188B2}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3BB71F59-AF2D-4748-8F06-708F6AE66304}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{440468FA-A5D7-4C9F-BD53-EACF0EA283F0}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{470568E2-66E6-4437-A4E8-AC4C6D861049}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{4A897434-DF60-498A-BF30-286900DD2A79}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{589A2950-A578-4137-B2FA-92C7080AFEA2}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{62660398-0F17-4107-9A2D-6998D3047ACB}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{6BADE3FB-4284-4FC5-B4F0-F94E2349F55C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6EB97094-9E91-4DCB-B05D-978C3BFFE092}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6FC4F9C9-3834-4779-A45E-4F9AA87B16AA}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{72848565-3B82-4124-811A-48EA69BCA2C2}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{773DB696-6EFE-47F0-9021-B84698CC674C}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{77F93525-B9D3-40CC-9A73-331D5E3FC67F}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{80F4654F-3D35-4F38-B43F-0CE85392ED11}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{823ED6BE-67E3-465E-A910-62CEC68AE5AD}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{82CB1DA8-7E9A-4470-A75D-67FA48D57EAC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{880BC97F-F606-47E1-B480-05FFC0693BC1}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{8CCE9039-9F5E-4CEF-918C-C9C8111F8ADF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{944F3894-F224-4BA0-94D3-B241E3552B14}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{ABA1D1F0-1245-49FC-AE69-332D62EE3704}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{AF5D2A18-52EF-4B79-A68E-4538256D2FE2}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B4A9DA6B-74C9-4C42-AC76-0BD77D85F308}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{B536B7D5-EBEA-40F2-A7B4-0FBB71DD9972}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B6745AD4-1656-4E84-A8D0-CB0777AF1F07}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BB57A100-B68E-436C-A23D-4693FCF2D7C6}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C245BA1E-5F2D-4BA8-BBB8-D4807BA0D5DA}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{C2E98927-B850-49F3-BB64-BF74D58CD1EA}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C5A2FA85-8703-4E80-A97F-E85363E1C6DD}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{C65A9E91-BEEF-45B9-A980-F3C2C7DA176F}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{CC78C95B-67B1-49DD-92BF-A9D6FE597B77}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D0FC839F-CDC8-48C3-A00D-A44FF0C6685D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D7D45426-BCE3-457C-9003-330993300579}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{E5459AD7-8706-4A41-881D-B25B0AE49C7F}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{E946131A-BF86-445B-9643-0ACA25EFDBC8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EC09BA49-4E1A-44E2-AEA1-9A2CE13AFB65}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ED06CF83-758B-4829-B6C9-4C2D6F1741DD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021E3650-072D-44AB-8518-9EDDB1D29767}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{02239491-CE60-4260-B1AA-0ED6668EA1C3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0A762005-7D44-41CE-8928-4844D2D70E69}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0C1A69F4-6DC3-45BA-875A-3F6C232288CA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0DEDFB7D-79A5-4981-BCF1-969C94E15275}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{2A8F4048-9A54-495B-880A-37B66307CB73}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2CFEE533-2B0D-45DB-85A3-5510D02D7BB0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{35B1446D-DB98-43F7-A630-BB2C9328004A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{399DA14C-40A2-40CE-8DAA-EA65AE12D186}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{462E05D5-BF52-43E8-AF37-2201CD9B517A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4DDDD3C8-1725-4207-A13B-DE845388BC4F}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{5696790E-C2FA-4A63-BB68-F2B955E41FF9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{57A13F58-F461-4CE6-8EF0-4D4B5AA5AD6E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5FA63B2A-0DFC-4D34-A91E-FA970FA6D4AA}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{735D747E-CDF7-4713-A23B-B8FD0EC9EFA2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{74DAFF3A-9F32-4A5C-9361-FD41030E0C50}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A4222704-9A06-4BF2-8F5E-5C26C9295130}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B5F049CD-ADC5-4854-8491-95A22D709F92}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B9F5F74B-BDCE-490F-87E9-CAAAFD0960B5}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BAC5F0FE-A1D0-4E28-8099-21108A389471}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C21EE91F-5E01-4528-BA88-D621DE602440}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C48967BC-078C-40DA-8605-93E998525605}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D9920BDE-E053-4AB5-B9A6-D97D52B9B2CB}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{E477C1A2-255B-4F67-99AB-054C87FD95B0}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{E78D2D65-8860-49C4-81BB-43B8EA040A83}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED19F409-5163-48A4-9152-60A3402F46E9}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F2AA3FED-C664-4AEF-97FB-CE55BC3FA5B5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F30247DD-552C-4E49-9424-17B8439D7812}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FEA9B0B4-A0DC-40B8-A238-36B1CBDB9C62}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{117287FE-64CE-4C30-B82F-78A325AE4B28}D:\gry\serious sam\bin\serioussam.exe" = protocol=6 | dir=in | app=d:\gry\serious sam\bin\serioussam.exe |
"TCP Query User{12000210-1508-4BA5-944E-617252B8C946}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"TCP Query User{5B370856-3305-4FEC-9013-44C49AB2E230}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{95B4CB90-CBC4-437D-8515-4D844F7A66B1}D:\gry\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\gry\counter-strike 1.6\hl.exe |
"TCP Query User{A82DD9C1-86CC-4F5F-87B7-F6EC11A2593C}C:\program files\tlen.pl\tlen.exe" = protocol=6 | dir=in | app=c:\program files\tlen.pl\tlen.exe |
"TCP Query User{B1864BC8-88C7-4C18-908B-4DDF220EF4BB}F:\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=f:\counter-strike 1.6\hl.exe |
"TCP Query User{B2EF484A-E7B3-4C38-A527-A37A5DAE42A9}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"TCP Query User{C4927CC7-1003-4786-B7C4-A0FB126E64B9}C:\program files\wolfenstein - enemy territory\etded.exe" = protocol=6 | dir=in | app=c:\program files\wolfenstein - enemy territory\etded.exe |
"TCP Query User{EF35CEC8-C3DF-4E7E-9CB2-F5B8F097AE6A}C:\program files\tlen.pl\tlen.exe" = protocol=6 | dir=in | app=c:\program files\tlen.pl\tlen.exe |
"TCP Query User{F85D55AE-5FD3-4925-BC0F-C6B5681E9315}D:\gry\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\gry\counter-strike 1.6\hl.exe |
"UDP Query User{2C81EAB4-7F92-4CAB-A6AB-1D1B52D4E395}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"UDP Query User{2D928810-9814-4439-9228-6EA1F8CCDC9B}C:\program files\tlen.pl\tlen.exe" = protocol=17 | dir=in | app=c:\program files\tlen.pl\tlen.exe |
"UDP Query User{2FDE4721-29E5-4433-B3FB-2711F767F06B}C:\program files\tlen.pl\tlen.exe" = protocol=17 | dir=in | app=c:\program files\tlen.pl\tlen.exe |
"UDP Query User{3B1E4D77-160D-46C0-AEF3-488D7AEFA148}D:\gry\serious sam\bin\serioussam.exe" = protocol=17 | dir=in | app=d:\gry\serious sam\bin\serioussam.exe |
"UDP Query User{3C58EAE8-52C5-45FA-BDA3-342945F9581D}D:\gry\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\gry\counter-strike 1.6\hl.exe |
"UDP Query User{863AC858-C565-41CD-8F98-94EE669A782B}D:\gry\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\gry\counter-strike 1.6\hl.exe |
"UDP Query User{945D3AB2-156F-46B2-90CA-7D62CC423A8B}C:\program files\wolfenstein - enemy territory\etded.exe" = protocol=17 | dir=in | app=c:\program files\wolfenstein - enemy territory\etded.exe |
"UDP Query User{C9FB773B-CB03-4385-9F92-4DA127295EB0}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"UDP Query User{DF0D8D89-4513-4A4C-926A-10A005763F75}F:\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=f:\counter-strike 1.6\hl.exe |
"UDP Query User{E63E8399-22DC-4769-81F7-DE4FD8A1E4AC}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
""SubEdit-Player"" = "SubEdit-Player"
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{228F6876-A313-40A3-91C0-C3CBE6997D09}" = Symantec
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}" = Internet Worm Protection
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}" = Norton AntiVirus Help
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{45B3A3BD-F90D-48FE-A147-D74878A51045}" = Nero 7 Essentials
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6A9087C0-0500-49D6-90CA-5BD512A5BE88}" = Symantec Real Time Storage Protection Component
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{78764173-3805-4916-B3CE-B433702B8870}" = O2Micro Flash Memory Card Reader Driver Installer(x86)
"{81717D01-32F6-449C-85E1-41AFD678E545}" = LG Intelligent Update
"{819C8257-BEA2-4599-BB00-9C83881CDF12}" = SymNet
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{9455E8B0-4D73-4A9D-BFA3-D2C213BFD28F}" = LG Smart Cam
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish
"{B52D7A21-03E5-4C0C-82FA-FD8EB4C92149}" = AxessManager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1FF75E7-DD42-4CFD-B052-20B3FFF4EDB8}" = Norton AntiVirus SYMLT MSI
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton AntiVirus Parent MSI
"{E7044E25-3038-4A76-9064-344AC038043E}" = Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast5" = avast! Free Antivirus
"Big Kahuna Reef 2" = Big Kahuna Reef 2
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"EzManual" = EzManual
"ffdshow_is1" = ffdshow [rev 2639] [2009-01-27]
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Miranda Chrome" = Miranda Chrome 1.0.3
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Poradnik wędkarza_is1" = Poradnik wędkarza
"QuickTime" = QuickTime
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"SkanerOnline" = Skaner on-line mks_vir
"Speed Reader PL_is1" = Speed Reader PL
"SubEdit - Vista WMP Patch_is1" = SubEdit - Vista WMP Patch
"SubEdit-Player_is1" = SubEdit-Player
"SymSetup.{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tlen.pl" = Tlen.pl
"Winamp" = Winamp (remove only)
"WinRAR archiver" = Archiwizator WinRAR
"Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory
"Zumas Revenge! - Adventure" = Zumas Revenge! - Adventure

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1486510819-589907670-3929606539-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Antivirus Events ]
Error - 2009-03-29 13:05:40 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-03-30 06:44:49 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-03-30 16:02:43 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-03-31 08:24:39 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-04-01 09:09:07 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-04-01 21:12:07 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-04-02 08:33:28 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-04-02 12:37:15 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

Error - 2009-04-03 08:43:40 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

Error - 2010-08-15 14:28:34 | Computer Name = Rybcia-PC | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 2010-12-07 14:57:14 | Computer Name = Rybcia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd iexplore.exe, wersja 8.0.6001.18975, sygnatura
czasowa 0x4c8710a6, moduł powodujący błąd mshtml.dll, wersja 8.0.6001.18975, sygnatura
czasowa 0x4c87263d, kod wyjątku 0xc0000005, przesunięcie błędu 0x0042e98d, identyfikator
procesu 0xa10, godzina rozpoczęcia aplikacji 0x01cb963162546789.

Error - 2010-12-08 13:33:19 | Computer Name = Rybcia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd AWC.exe, wersja 3.4.0.677, sygnatura czasowa
0x2a425e19, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura czasowa
0x49e03821, kod wyjątku 0xc000012f, przesunięcie błędu 0x00009eed, identyfikator
procesu 0xc90, godzina rozpoczęcia aplikacji 0x01cb96fdff593419.

Error - 2010-12-10 06:43:52 | Computer Name = Rybcia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd AWC.exe, wersja 3.4.0.677, sygnatura czasowa
0x2a425e19, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura czasowa
0x49e03821, kod wyjątku 0xc000012f, przesunięcie błędu 0x00009eed, identyfikator
procesu 0xc58, godzina rozpoczęcia aplikacji 0x01cb985720e1a149.

Error - 2010-12-11 05:09:59 | Computer Name = Rybcia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd AWC.exe, wersja 3.4.0.677, sygnatura czasowa
0x2a425e19, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura czasowa
0x49e03821, kod wyjątku 0xc000012f, przesunięcie błędu 0x00009eed, identyfikator
procesu 0xda4, godzina rozpoczęcia aplikacji 0x01cb99132e9914bb.

Error - 2010-12-11 09:27:21 | Computer Name = Rybcia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd AWC.exe, wersja 3.4.0.677, sygnatura czasowa
0x2a425e19, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura czasowa
0x49e03821, kod wyjątku 0xc000012f, przesunięcie błędu 0x00009eed, identyfikator
procesu 0xd10, godzina rozpoczęcia aplikacji 0x01cb99372126f5be.

Error - 2010-12-13 13:29:19 | Computer Name = Rybcia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd AWC.exe, wersja 3.4.0.677, sygnatura czasowa
0x2a425e19, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura czasowa
0x49e03821, kod wyjątku 0xc000012f, przesunięcie błędu 0x00009eed, identyfikator
procesu 0xd2c, godzina rozpoczęcia aplikacji 0x01cb9aeb45524873.

Error - 2010-12-16 12:19:10 | Computer Name = Rybcia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd AWC.exe, wersja 3.4.0.677, sygnatura czasowa
0x2a425e19, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura czasowa
0x49e03821, kod wyjątku 0xc000012f, przesunięcie błędu 0x00009eed, identyfikator
procesu 0xdb0, godzina rozpoczęcia aplikacji 0x01cb9d3cf642b12f.

Error - 2010-12-16 15:19:56 | Computer Name = Rybcia-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2010-12-17 04:20:10 | Computer Name = Rybcia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd AWC.exe, wersja 3.4.0.677, sygnatura czasowa
0x2a425e19, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura czasowa
0x49e03821, kod wyjątku 0xc000012f, przesunięcie błędu 0x00009eed, identyfikator
procesu 0xdf8, godzina rozpoczęcia aplikacji 0x01cb9dc336a833e7.

Error - 2010-12-17 04:46:26 | Computer Name = Rybcia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd AWC.exe, wersja 3.4.0.677, sygnatura czasowa
0x2a425e19, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005, sygnatura czasowa
0x49e03821, kod wyjątku 0xc000012f, przesunięcie błędu 0x00009eed, identyfikator
procesu 0xf80, godzina rozpoczęcia aplikacji 0x01cb9dc6ddf6e580.

[ System Events ]
Error - 2010-12-17 04:19:23 | Computer Name = Rybcia-PC | Source = volmgr | ID = 262190
Description = Inicjowanie zrzutu awaryjnego nie powiodło się!

Error - 2010-12-17 04:43:30 | Computer Name = Rybcia-PC | Source = volmgr | ID = 262190
Description = Inicjowanie zrzutu awaryjnego nie powiodło się!

Error - 2010-12-17 04:43:38 | Computer Name = Rybcia-PC | Source = volmgr | ID = 262190
Description = Inicjowanie zrzutu awaryjnego nie powiodło się!

Error - 2010-12-17 07:21:26 | Computer Name = Rybcia-PC | Source = volmgr | ID = 262190
Description = Inicjowanie zrzutu awaryjnego nie powiodło się!

Error - 2010-12-17 07:21:33 | Computer Name = Rybcia-PC | Source = volmgr | ID = 262190
Description = Inicjowanie zrzutu awaryjnego nie powiodło się!

Error - 2010-12-17 09:17:40 | Computer Name = Rybcia-PC | Source = volmgr | ID = 262190
Description = Inicjowanie zrzutu awaryjnego nie powiodło się!

Error - 2010-12-17 09:17:47 | Computer Name = Rybcia-PC | Source = volmgr | ID = 262190
Description = Inicjowanie zrzutu awaryjnego nie powiodło się!

Error - 2010-12-17 12:16:13 | Computer Name = Rybcia-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 17:14:36 na 2010-12-17 było nieoczekiwane.

Error - 2010-12-17 12:15:58 | Computer Name = Rybcia-PC | Source = volmgr | ID = 262190
Description = Inicjowanie zrzutu awaryjnego nie powiodło się!

Error - 2010-12-17 12:16:05 | Computer Name = Rybcia-PC | Source = volmgr | ID = 262190
Description = Inicjowanie zrzutu awaryjnego nie powiodło się!


< End of report >
[/log]
[log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Rybcia at 2010-12-17 17:25:20
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 12 GB (20%) free of 61 GB
Total RAM: 3063 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:25:41, on 2010-12-17
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\lg_swupdate\GiljabiStart.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\VM303_STI.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Rybcia\Downloads\RSIT.exe
C:\Program Files\trend micro\Rybcia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\giljabistart.exe" Gilautouc
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDog303] C:\Windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GProton] %ALLUSERSPROFILE%\GProton.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Evil Driver Daemon (NishService) - Unknown owner - C:\Program Files\LG Software\System Control Manager\edd.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 11084 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cac607f4664228.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton AntiVirus - Uruchom pełne skanowanie systemu - Rybcia.job
C:\Windows\tasks\User_Feed_Synchronization-{E54434B2-2155-4FA7-A0F1-D8891CE248BA}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-15 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-10 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-15 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"LG Intelligent Update"=C:\Program Files\lg_swupdate\giljabistart.exe [2009-04-23 251184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-06-20 4493312]
"Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-09-15 1021224]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-10-24 107112]
"osCheck"=C:\Program Files\Norton AntiVirus\osCheck.exe [2006-10-27 22696]
"MGSysCtrl"=C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe [2007-07-06 565248]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-11-26 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-11-26 1057064]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-03-10 35328]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe [2006-11-24 112320]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-04-25 77824]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"BigDog303"=C:\Windows\VM303_STI.EXE [2006-01-24 61440]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"GProton"=C:\ProgramData\GProton.exe [2010-12-04 7793152]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-11-29 963976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-10 216520]
"Komunikator"=C:\Program Files\Tlen.pl\tlen.exe [2009-01-17 5853672]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-03-13 319792]
"CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-19 192000]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-17 14:43:31 ----D---- C:\Program Files\trend micro
2010-12-17 14:43:30 ----D---- C:\rsit
2010-12-16 17:35:06 ----A---- C:\Windows\system32\tzres.dll
2010-12-16 17:34:24 ----A---- C:\Windows\system32\win32k.sys
2010-12-16 17:34:13 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-16 17:34:12 ----A---- C:\Windows\system32\taskschd.dll
2010-12-16 17:34:11 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-16 17:34:10 ----A---- C:\Windows\system32\taskeng.exe
2010-12-16 17:34:10 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-16 17:34:04 ----A---- C:\Windows\system32\consent.exe
2010-12-16 17:34:00 ----A---- C:\Windows\system32\fontsub.dll
2010-12-16 17:34:00 ----A---- C:\Windows\system32\atmlib.dll
2010-12-16 17:34:00 ----A---- C:\Windows\system32\atmfd.dll
2010-12-16 17:33:47 ----A---- C:\Windows\system32\iertutil.dll
2010-12-16 17:33:46 ----A---- C:\Windows\system32\mshtml.dll
2010-12-16 17:33:45 ----A---- C:\Windows\system32\mstime.dll
2010-12-16 17:33:45 ----A---- C:\Windows\system32\ieframe.dll
2010-12-16 17:33:38 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-16 17:33:37 ----A---- C:\Windows\system32\wininet.dll
2010-12-16 17:33:37 ----A---- C:\Windows\system32\urlmon.dll
2010-12-16 17:33:37 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-16 17:33:36 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-16 17:33:36 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\occache.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-16 17:33:35 ----A---- C:\Windows\system32\ieui.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\iesetup.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\iepeers.dll
2010-12-16 17:33:34 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-16 17:33:34 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-16 17:33:34 ----A---- C:\Windows\system32\iernonce.dll
2010-12-07 18:33:56 ----D---- C:\Users\Rybcia\AppData\Roaming\Malwarebytes
2010-12-07 18:28:37 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-12-07 18:28:36 ----D---- C:\ProgramData\Malwarebytes
2010-12-07 18:28:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-07 18:28:32 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-12-07 18:07:43 ----D---- C:\Program Files\SkanerOnline
2010-12-04 11:19:17 ----RASH---- C:\ProgramData\GProton.exe
2010-11-26 23:47:03 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
2010-11-20 14:13:21 ----D---- C:\ProgramData\Alwil Software

======List of files/folders modified in the last 1 months======

2010-12-17 17:25:31 ----D---- C:\Windows\Temp
2010-12-17 17:18:09 ----D---- C:\Users\Rybcia\AppData\Roaming\uTorrent
2010-12-17 15:07:33 ----D---- C:\Windows\Prefetch
2010-12-17 15:07:27 ----D---- C:\Windows\system32\catroot2
2010-12-17 15:07:23 ----SHD---- C:\System Volume Information
2010-12-17 14:43:31 ----RD---- C:\Program Files
2010-12-17 09:55:49 ----D---- C:\Windows\winsxs
2010-12-17 09:42:39 ----D---- C:\Windows\System32
2010-12-17 09:42:39 ----D---- C:\Program Files\Windows Mail
2010-12-17 09:42:38 ----D---- C:\Program Files\Internet Explorer
2010-12-17 09:42:37 ----D---- C:\Windows\system32\migration
2010-12-17 09:36:03 ----D---- C:\Windows\rescache
2010-12-17 09:25:02 ----D---- C:\Windows\system32\pl-PL
2010-12-17 09:24:29 ----D---- C:\Windows\system32\catroot
2010-12-16 17:25:19 ----A---- C:\Windows\system32\mrt.exe
2010-12-07 18:28:37 ----D---- C:\Windows\system32\drivers
2010-12-07 18:28:36 ----HD---- C:\ProgramData
2010-12-07 18:07:44 ----SD---- C:\Windows\Downloaded Program Files
2010-11-25 13:04:20 ----D---- C:\Users\Rybcia\AppData\Roaming\Mozilla
2010-11-25 13:03:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-25 13:03:26 ----D---- C:\Windows\inf
2010-11-20 14:19:11 ----D---- C:\Program Files\Alwil Software
2010-11-20 14:16:06 ----SHD---- C:\Windows\Installer
2010-11-20 14:14:51 ----D---- C:\Windows

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
R0 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2007-04-02 35712]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2005-12-05 20640]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-01-23 717296]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-02-27 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\IDS-DI~1\20090415.001\IDSvix86.sys [2009-02-09 272432]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-11-26 36776]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-11-26 38440]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-10-03 187952]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-27 101936]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-22 1788056]
R3 MGHwCtrl;MGHwCtrl; \??\C:\Windows\system32\drivers\MGHwCtrl.sys [2006-07-03 9088]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090421.006\NAVENG.SYS [2009-03-16 89104]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090421.006\NAVEX15.SYS [2009-03-16 876144]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-10-03 12848]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-04-02 124464]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-10-03 146096]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2008-10-03 39984]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-10-03 37936]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-10-03 27696]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-11-26 118952]
S3 ab639ko2;ab639ko2; C:\Windows\system32\drivers\ab639ko2.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 ZSMC303;VIMICRO USB PC Camera (VC0303); C:\Windows\System32\Drivers\usbVM303.sys [2006-02-23 391300]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-11-24 194240]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 NishService;Evil Driver Daemon; C:\Program Files\LG Software\System Control Manager\edd.exe [2006-03-02 40960]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-20 46736]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-02-07 1251720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-13 135664]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-13 182768]
S3 ISPwdSvc;Symantec IS Password Validation; C:\Program Files\Norton AntiVirus\isPwdSvc.exe [2006-10-27 80552]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-11-24 2541248]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
[/log]

[log]
OTL logfile created on: 2010-12-17 17:42:17 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Rybcia\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60,00 Gb Total Space | 11,78 Gb Free Space | 19,64% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 41,36 Gb Free Space | 68,94% Space Free | Partition Type: NTFS
Drive E: | 28,05 Gb Total Space | 17,73 Gb Free Space | 63,21% Space Free | Partition Type: NTFS

Computer Name: RYBCIA-PC | User Name: Rybcia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (All) ==========

PRC - [2010-12-17 14:39:23 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Rybcia\Downloads\OTL.exe
PRC - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2010-11-02 05:25:18 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
PRC - [2010-09-07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-07-24 08:56:01 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010-07-24 08:55:55 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-10-11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-06-15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-25 21:08:08 | 000,077,824 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2009-04-23 05:26:01 | 000,251,184 | ---- | M] (BIT LEADER) -- C:\Program Files\lg_swupdate\GiljabiStart.exe
PRC - [2009-04-11 07:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-02-07 21:54:33 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008-02-11 19:13:12 | 000,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008-02-11 19:13:10 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008-02-11 19:13:08 | 000,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008-02-11 19:13:02 | 000,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008-01-19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:14 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-19 08:33:05 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2007-11-26 14:54:22 | 001,629,480 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
PRC - [2007-11-26 14:54:12 | 001,554,728 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2007-11-26 14:54:02 | 001,057,064 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
PRC - [2007-09-15 01:50:54 | 001,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007-07-06 13:44:04 | 000,565,248 | ---- | M] (MSI) -- C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe
PRC - [2007-06-20 08:56:16 | 004,493,312 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-05-31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe
PRC - [2007-05-14 03:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007-03-14 21:01:30 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2007-02-12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
PRC - [2006-11-24 13:03:34 | 000,194,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006-11-24 13:03:34 | 000,112,320 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
PRC - [2006-10-24 23:08:40 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2006-10-05 04:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006-09-20 18:05:16 | 000,046,736 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006-03-10 18:45:12 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2006-03-02 16:43:24 | 000,040,960 | ---- | M] () -- C:\Program Files\LG Software\System Control Manager\edd.exe
PRC - [2006-01-24 22:07:00 | 000,061,440 | ---- | M] (Vimicro) -- C:\Windows\VM303_STI.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-12-17 14:39:23 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Rybcia\Downloads\OTL.exe
MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-07-26 16:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-09-24 23:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 15:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 07:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-11 07:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 07:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-11 07:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 07:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 07:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2008-01-19 08:37:12 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-19 08:36:48 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-19 08:36:47 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-19 08:36:35 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-19 08:35:57 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-19 08:33:52 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-19 08:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-09-25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-02-07 21:54:33 | 001,251,720 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008-01-29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-11-26 14:54:12 | 001,554,728 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007-05-31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-02-12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Oz128 Driver\o2flash.exe -- (o2flash)
SRV - [2006-11-24 13:03:34 | 002,541,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2006-11-24 13:03:34 | 000,194,240 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Harmonogram automatycznej usługi LiveUpdate)
SRV - [2006-10-27 00:18:36 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton AntiVirus\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006-10-05 04:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006-09-20 18:05:16 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006-03-02 16:43:24 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files\LG Software\System Control Manager\edd.exe -- (NishService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010-09-07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-09-07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-09-07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-09-07 16:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010-09-07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-04-11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009-04-02 17:07:56 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009-03-16 09:00:00 | 000,876,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090421.006\NAVEX15.SYS -- (NAVEX15)
DRV - [2009-03-16 09:00:00 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090421.006\NAVENG.SYS -- (NAVENG)
DRV - [2009-02-27 10:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009-02-27 10:00:00 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009-02-09 23:59:20 | 000,272,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ids-diskless\20090415.001\IDSvix86.sys -- (IDSvix86)
DRV - [2009-01-23 14:35:40 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-01-13 08:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-10-03 13:14:12 | 000,037,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2008-10-03 13:14:10 | 000,187,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008-10-03 13:14:10 | 000,146,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2008-10-03 13:14:10 | 000,039,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2008-10-03 13:14:10 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008-10-03 13:14:08 | 000,012,848 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008-02-11 18:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007-11-30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007-11-30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007-11-30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007-11-26 14:54:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-11-26 14:54:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007-11-26 14:54:02 | 000,118,952 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-09-15 01:50:56 | 000,191,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007-06-22 09:34:12 | 001,788,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-04-03 10:04:28 | 000,039,680 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2007-04-02 16:11:08 | 000,035,712 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2007-03-05 20:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006-11-28 07:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006-11-02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006-11-02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006-10-06 14:26:16 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006-07-03 10:31:26 | 000,009,088 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MGHwCtrl.sys -- (MGHwCtrl)
DRV - [2006-02-23 00:30:00 | 000,391,300 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM303.sys -- (ZSMC303) VIMICRO USB PC Camera (VC0303)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-24 08:56:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-24 08:56:46 | 000,000,000 | ---D | M]

[2010-04-08 10:44:46 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\mozilla\Extensions
[2010-12-17 17:43:02 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\mozilla\Firefox\Profiles\ii3x6mel.default\extensions
[2010-07-04 19:09:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rybcia\AppData\Roaming\mozilla\Firefox\Profiles\ii3x6mel.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-12-17 17:17:41 | 000,001,860 | ---- | M] () -- C:\Users\Rybcia\AppData\Roaming\Mozilla\FireFox\Profiles\ii3x6mel.default\searchplugins\search.xml
[2010-04-08 10:44:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-24 08:56:09 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-07-24 08:56:09 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-07-24 08:56:09 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-07-24 08:56:09 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-07-24 08:56:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-07-24 08:56:09 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE (Symantec Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BigDog303] C:\Windows\VM303_STI.EXE (Vimicro)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [GProton] C:\ProgramData\GProton.exe ()
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LG Intelligent Update] C:\Program Files\lg_swupdate\giljabistart.exe (BIT LEADER)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe (MSI)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton AntiVirus\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.)
O4 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Rybcia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rybcia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6882f5d7-f879-11df-ba69-001d924bb02a}\Shell\AutoRun\command - "" = K:\urDrive.exe -- File not found
O33 - MountPoints2\{7e99e2c1-feb4-11dd-81a2-001d924bb02a}\Shell\AutoRun\command - "" = K:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-12-17 17:14:20 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\Desktop\logi
[2010-12-17 14:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-12-17 14:43:30 | 000,000,000 | ---D | C] -- C:\rsit
[2010-12-16 17:35:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010-12-16 17:34:24 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010-12-16 17:34:12 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010-12-16 17:34:11 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010-12-16 17:34:10 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010-12-16 17:34:04 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010-12-16 17:34:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010-12-16 17:33:45 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010-12-16 17:33:38 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010-12-16 17:33:37 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010-12-16 17:33:36 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010-12-16 17:33:36 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010-12-16 17:33:36 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010-12-16 17:33:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010-12-16 17:33:35 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010-12-16 17:33:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010-12-16 17:33:35 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010-12-16 17:33:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010-12-16 17:33:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010-12-16 17:33:35 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010-12-16 17:33:34 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010-12-16 17:33:34 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010-12-16 17:33:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010-12-16 17:33:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010-12-11 14:36:23 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\Desktop\et
[2010-12-07 18:33:56 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\AppData\Roaming\Malwarebytes
[2010-12-07 18:28:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-12-07 18:28:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-12-07 18:28:32 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-12-07 18:28:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-12-07 18:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-11-27 09:05:45 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\Desktop\etpro
[2010-11-26 23:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory
[2010-11-20 14:14:51 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010-11-20 14:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-11-17 18:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010-11-12 18:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Reflexive
[2010-11-12 18:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\Zumas Revenge! - Adventure
[2010-10-27 18:19:44 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010-10-27 18:19:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010-10-27 18:19:37 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010-10-19 16:51:35 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\Documents\Nowy folder
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-17 17:42:34 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E54434B2-2155-4FA7-A0F1-D8891CE248BA}.job
[2010-12-17 17:40:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-12-17 17:18:24 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010-12-17 17:16:45 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cac607f4664228.job
[2010-12-17 17:16:30 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2010-12-17 17:16:28 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-12-17 17:16:27 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-12-17 17:16:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-12-17 12:43:20 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010-12-17 09:44:47 | 000,228,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-12-07 18:28:38 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-12-06 16:28:39 | 000,144,384 | ---- | M] () -- C:\Users\Rybcia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-04 12:26:55 | 000,000,224 | ---- | M] () -- C:\Users\Rybcia\Documents\PDVD_MediaDisc.PlayList
[2010-12-04 11:19:15 | 007,793,152 | RHS- | M] () -- C:\ProgramData\GProton.exe
[2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-11-26 23:47:35 | 000,000,869 | ---- | M] () -- C:\Users\Rybcia\Desktop\Wolfenstein - Enemy Territory.lnk
[2010-11-25 13:03:27 | 000,672,140 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-11-25 13:03:27 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-11-25 13:03:27 | 000,130,516 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-11-25 13:03:27 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-11-20 14:16:27 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010-11-20 14:16:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010-11-13 13:10:31 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\Zumas Revenge! - Adventure.lnk
[2010-11-13 13:10:30 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Download Free Full Mini Games.lnk
[2010-11-12 20:00:45 | 000,000,490 | ---- | M] () -- C:\Windows\tasks\Norton AntiVirus - Uruchom pełne skanowanie systemu - Rybcia.job
[2010-11-04 19:56:07 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010-11-04 19:55:38 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010-11-04 19:55:38 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010-11-02 06:58:38 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010-11-02 06:58:11 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010-11-02 06:58:11 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010-11-02 06:57:41 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010-11-02 06:57:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010-11-02 06:57:27 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010-11-02 06:57:11 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010-11-02 06:57:11 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010-11-02 06:57:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010-11-02 06:57:10 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010-11-02 06:57:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010-11-02 06:57:04 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010-11-02 06:01:31 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010-11-02 05:26:10 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010-11-02 05:25:52 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010-11-02 05:25:18 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010-11-02 05:24:44 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010-10-28 14:20:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010-10-23 16:36:04 | 109,384,614 | ---- | M] () -- C:\Users\Rybcia\Documents\LO.10.2010.pdf
[2010-10-19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-12-07 18:28:38 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-12-04 12:26:55 | 000,000,224 | ---- | C] () -- C:\Users\Rybcia\Documents\PDVD_MediaDisc.PlayList
[2010-12-04 11:19:17 | 007,793,152 | RHS- | C] () -- C:\ProgramData\GProton.exe
[2010-11-26 23:47:35 | 000,000,869 | ---- | C] () -- C:\Users\Rybcia\Desktop\Wolfenstein - Enemy Territory.lnk
[2010-11-20 14:16:27 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010-11-12 18:44:00 | 000,001,001 | ---- | C] () -- C:\Users\Public\Desktop\Zumas Revenge! - Adventure.lnk
[2010-11-12 18:43:59 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Download Free Full Mini Games.lnk
[2010-10-23 16:19:55 | 109,384,614 | ---- | C] () -- C:\Users\Rybcia\Documents\LO.10.2010.pdf
[2009-10-22 08:55:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-10-18 18:39:18 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-04-25 21:05:30 | 000,000,163 | ---- | C] () -- C:\Windows\disney.ini
[2009-02-19 19:43:37 | 000,026,340 | ---- | C] () -- C:\Users\Rybcia\AppData\Roaming\UserTile.png
[2009-02-07 19:16:07 | 000,477,696 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-02-03 09:35:24 | 000,000,130 | ---- | C] () -- C:\Windows\ODBC.INI
[2009-01-23 14:35:40 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-01-17 16:42:33 | 000,144,384 | ---- | C] () -- C:\Users\Rybcia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-11 18:51:30 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009-01-05 12:35:36 | 000,098,304 | ---- | C] () -- C:\Windows\System32\MGHwCtrl.dll
[2009-01-05 12:35:36 | 000,032,768 | ---- | C] () -- C:\Windows\System32\MGFPCtrl.dll
[2009-01-05 12:35:36 | 000,024,576 | ---- | C] () -- C:\Windows\System32\MGPwrShm.dll
[2009-01-05 12:26:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009-01-05 12:19:51 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2009-01-05 12:19:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2009-01-05 12:13:53 | 000,010,511 | ---- | C] () -- C:\Windows\lg_up.ini
[2009-01-05 12:13:17 | 000,000,979 | ---- | C] () -- C:\Windows\lgcenter.ini
[2009-01-05 12:10:21 | 000,001,356 | ---- | C] () -- C:\Users\Rybcia\AppData\Local\d3d9caps.dat
[2008-02-11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006-11-02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004-06-09 21:38:01 | 000,184,320 | ---- | C] () -- C:\Windows\System32\JPeg32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009-09-24 11:02:19 | 000,000,000 | -HSD | M] -- C:\Users\Rybcia\AppData\Roaming\.#
[2009-01-23 14:54:43 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\DAEMON Tools
[2009-01-23 14:55:39 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\DAEMON Tools Lite
[2009-11-12 21:04:17 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\DAEMON Tools Pro
[2010-05-14 14:01:46 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\GameHouse
[2009-11-18 22:06:25 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\IObit
[2009-02-19 19:43:25 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\PeerNetworking
[2010-05-30 14:29:34 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\Tlen.pl
[2010-12-17 17:40:51 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\uTorrent
[2010-12-17 17:18:24 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010-12-17 17:16:30 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\AWC Update.job
[2010-12-17 12:43:20 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010-12-17 17:42:34 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E54434B2-2155-4FA7-A0F1-D8891CE248BA}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2006-09-18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009-04-11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007-02-03 11:26:48 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006-09-18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010-05-30 12:24:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-12-07 19:57:25 | 000,007,568 | ---- | M] () -- C:\mksbasel.cpp.log
[2010-05-30 12:24:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-12-17 17:16:05 | 3525,914,624 | -HS- | M] () -- C:\pagefile.sys
[2009-01-05 12:24:02 | 000,000,420 | ---- | M] () -- C:\RHDSetup.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2009-01-05 12:39:37 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2009-01-05 12:39:37 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2009-01-05 12:39:37 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006-11-02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009-01-05 12:43:19 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
[2009-01-05 12:43:19 | 000,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys
[2009-02-08 00:29:11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009-02-08 00:29:11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009-02-08 00:29:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2009-02-08 00:29:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-01-19 06:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008-01-19 06:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[2006-11-02 09:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009-04-11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009-04-11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006-11-02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2009-01-05 12:46:16 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=4297773D4D54B2D309DE85233E5B82EE -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20504_none_a66e8748380286ff\ndis.sys
[2008-01-19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006-11-02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008-01-19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Users\Rybcia\Desktop\Joga dla początkujacych_xvid.avi:TOC.WMV

< End of report >
[/log]

I hope I did everything correctly. Please help me get rid of this problem.

Tomek01
comment

Replace Avast with a different antivirus. I use Avira, and I'm not the only one :)


In OTL, paste the following into the Custom scan/fixes window:
[code]:Processes
Explorer.exe

:OTL
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [GProton] C:\ProgramData\GProton.exe ()

:Files
C:\ProgramData\GProton.exe
C:\Users\Rybcia\AppData\Roaming\.#
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GProton"=-

:Commands
[emptytemp]
[start explorer]
[Reboot][/code]

Click Run Fix; the computer will restart.
Post the log from the removal and the new logs: OTL and RSIT.

leon_w
comment

After running the script the program froze, so I ran it a second time. This time everything went as it should.
The start page is fine now.

[log]All processes killed
========== PROCESSES ==========
No active process named Explorer.exe was found!
========== OTL ==========
Prefs.js: "http://www.qooqlle.com/" removed from browser.startup.homepage
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1486510819-589907670-3929606539-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GProton not found.
File C:\ProgramData\GProton.exe not found.
========== FILES ==========
File\Folder C:\ProgramData\GProton.exe not found.
File\Folder C:\Users\Rybcia\AppData\Roaming\.# not found.
File\Folder C:\Windows\tasks\AWC Startup.job not found.
File\Folder C:\Windows\tasks\AWC Update.job not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GProton not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User

User: Public

User: Rybcia
->Temp folder emptied: 484245 bytes
->Temporary Internet Files folder emptied: 51252254 bytes
->Java cache emptied: 48295381 bytes
->FireFox cache emptied: 54796578 bytes
->Flash cache emptied: 6576 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1326240 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24543788 bytes
RecycleBin emptied: 202082 bytes

Total Files Cleaned = 173,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12182010_100515

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
[/log]

[log]
Logfile of random's system information tool 1.08 (written by random/random)
Run by Rybcia at 2010-12-18 20:08:24
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 15 GB (24%) free of 61 GB
Total RAM: 3063 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:08:51, on 2010-12-18
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\lg_swupdate\GiljabiStart.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\VM303_STI.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Rybcia\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\trend micro\Rybcia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\giljabistart.exe" Gilautouc
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDog303] C:\Windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Evil Driver Daemon (NishService) - Unknown owner - C:\Program Files\LG Software\System Control Manager\edd.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 10795 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore1cac607f4664228.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton AntiVirus - Uruchom pełne skanowanie systemu - Rybcia.job
C:\Windows\tasks\User_Feed_Synchronization-{E54434B2-2155-4FA7-A0F1-D8891CE248BA}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-15 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-10 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-15 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"LG Intelligent Update"=C:\Program Files\lg_swupdate\giljabistart.exe [2009-04-23 251184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-06-20 4493312]
"Skytel"=C:\Windows\Skytel.exe [2007-06-15 1826816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-09-15 1021224]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-10-24 107112]
"osCheck"=C:\Program Files\Norton AntiVirus\osCheck.exe [2006-10-27 22696]
"MGSysCtrl"=C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe [2007-07-06 565248]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-11-26 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-11-26 1057064]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-03-10 35328]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe [2006-11-24 112320]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-04-25 77824]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"BigDog303"=C:\Windows\VM303_STI.EXE [2006-01-24 61440]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-11-29 963976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-10 216520]
"Komunikator"=C:\Program Files\Tlen.pl\tlen.exe [2009-01-17 5853672]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-03-13 319792]
"CollaborationHost"=C:\Windows\system32\p2phost.exe [2008-01-19 192000]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-18 09:36:05 ----D---- C:\_OTL
2010-12-17 14:43:31 ----D---- C:\Program Files\trend micro
2010-12-17 14:43:30 ----D---- C:\rsit
2010-12-16 17:35:06 ----A---- C:\Windows\system32\tzres.dll
2010-12-16 17:34:24 ----A---- C:\Windows\system32\win32k.sys
2010-12-16 17:34:13 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-16 17:34:12 ----A---- C:\Windows\system32\taskschd.dll
2010-12-16 17:34:11 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-16 17:34:10 ----A---- C:\Windows\system32\taskeng.exe
2010-12-16 17:34:10 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-16 17:34:04 ----A---- C:\Windows\system32\consent.exe
2010-12-16 17:34:00 ----A---- C:\Windows\system32\fontsub.dll
2010-12-16 17:34:00 ----A---- C:\Windows\system32\atmlib.dll
2010-12-16 17:34:00 ----A---- C:\Windows\system32\atmfd.dll
2010-12-16 17:33:47 ----A---- C:\Windows\system32\iertutil.dll
2010-12-16 17:33:46 ----A---- C:\Windows\system32\mshtml.dll
2010-12-16 17:33:45 ----A---- C:\Windows\system32\mstime.dll
2010-12-16 17:33:45 ----A---- C:\Windows\system32\ieframe.dll
2010-12-16 17:33:38 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-16 17:33:37 ----A---- C:\Windows\system32\wininet.dll
2010-12-16 17:33:37 ----A---- C:\Windows\system32\urlmon.dll
2010-12-16 17:33:37 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-16 17:33:36 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-16 17:33:36 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\occache.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-16 17:33:35 ----A---- C:\Windows\system32\ieui.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\iesetup.dll
2010-12-16 17:33:35 ----A---- C:\Windows\system32\iepeers.dll
2010-12-16 17:33:34 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-16 17:33:34 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-16 17:33:34 ----A---- C:\Windows\system32\iernonce.dll
2010-12-07 18:33:56 ----D---- C:\Users\Rybcia\AppData\Roaming\Malwarebytes
2010-12-07 18:28:37 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-12-07 18:28:36 ----D---- C:\ProgramData\Malwarebytes
2010-12-07 18:28:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-07 18:28:32 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-12-07 18:07:43 ----D---- C:\Program Files\SkanerOnline
2010-11-26 23:47:03 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
2010-11-20 14:13:21 ----D---- C:\ProgramData\Alwil Software

======List of files/folders modified in the last 1 months======

2010-12-18 20:08:01 ----D---- C:\Windows\Temp
2010-12-18 20:00:44 ----D---- C:\Users\Rybcia\AppData\Roaming\uTorrent
2010-12-18 10:08:31 ----D---- C:\Windows\System32
2010-12-18 09:36:14 ----D---- C:\Windows\Tasks
2010-12-18 09:36:12 ----HD---- C:\ProgramData
2010-12-18 09:36:12 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-12-17 15:07:33 ----D---- C:\Windows\Prefetch
2010-12-17 15:07:27 ----D---- C:\Windows\system32\catroot2
2010-12-17 15:07:23 ----SHD---- C:\System Volume Information
2010-12-17 14:43:31 ----RD---- C:\Program Files
2010-12-17 09:55:49 ----D---- C:\Windows\winsxs
2010-12-17 09:42:39 ----D---- C:\Program Files\Windows Mail
2010-12-17 09:42:38 ----D---- C:\Program Files\Internet Explorer
2010-12-17 09:42:37 ----D---- C:\Windows\system32\migration
2010-12-17 09:36:03 ----D---- C:\Windows\rescache
2010-12-17 09:25:02 ----D---- C:\Windows\system32\pl-PL
2010-12-17 09:24:29 ----D---- C:\Windows\system32\catroot
2010-12-16 17:25:19 ----A---- C:\Windows\system32\mrt.exe
2010-12-07 18:28:37 ----D---- C:\Windows\system32\drivers
2010-12-07 18:07:44 ----SD---- C:\Windows\Downloaded Program Files
2010-11-25 13:04:20 ----D---- C:\Users\Rybcia\AppData\Roaming\Mozilla
2010-11-25 13:03:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-25 13:03:26 ----D---- C:\Windows\inf
2010-11-20 14:19:11 ----D---- C:\Program Files\Alwil Software
2010-11-20 14:16:06 ----SHD---- C:\Windows\Installer
2010-11-20 14:14:51 ----D---- C:\Windows

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
R0 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2007-04-02 35712]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2005-12-05 20640]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-01-23 717296]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-02-27 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\IDS-DI~1\20090415.001\IDSvix86.sys [2009-02-09 272432]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-11-26 36776]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-11-26 38440]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-10-03 187952]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-27 101936]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-22 1788056]
R3 MGHwCtrl;MGHwCtrl; \??\C:\Windows\system32\drivers\MGHwCtrl.sys [2006-07-03 9088]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090421.006\NAVENG.SYS [2009-03-16 89104]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090421.006\NAVEX15.SYS [2009-03-16 876144]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-10-03 12848]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-04-02 124464]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-10-03 146096]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2008-10-03 39984]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-10-03 37936]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-10-03 27696]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-15 191408]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-11-26 118952]
S3 a7zzkj7p;a7zzkj7p; C:\Windows\system32\drivers\a7zzkj7p.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 ZSMC303;VIMICRO USB PC Camera (VC0303); C:\Windows\System32\Drivers\usbVM303.sys [2006-02-23 391300]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 Harmonogram automatycznej usługi LiveUpdate;Harmonogram automatycznej usługi LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-11-24 194240]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 NishService;Evil Driver Daemon; C:\Program Files\LG Software\System Control Manager\edd.exe [2006-03-02 40960]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-20 46736]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-02-07 1251720]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-13 135664]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-13 182768]
S3 ISPwdSvc;Symantec IS Password Validation; C:\Program Files\Norton AntiVirus\isPwdSvc.exe [2006-10-27 80552]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-11-24 2541248]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
[/log]
[log]OTL logfile created on: 2010-12-18 10:23:06 - Run 3
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Rybcia\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 60,00 Gb Total Space | 14,29 Gb Free Space | 23,82% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 41,36 Gb Free Space | 68,94% Space Free | Partition Type: NTFS
Drive E: | 28,05 Gb Total Space | 17,73 Gb Free Space | 63,21% Space Free | Partition Type: NTFS

Computer Name: RYBCIA-PC | User Name: Rybcia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-12-17 14:39:23 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Rybcia\Downloads\OTL.exe
PRC - [2010-11-04 17:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2010-09-07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-08-17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2009-10-11 04:17:45 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009-10-11 04:17:36 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009-06-15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-04-25 21:08:08 | 000,077,824 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\QuickTime\qttask.exe
PRC - [2009-04-23 05:26:01 | 000,251,184 | ---- | M] (BIT LEADER) -- C:\Program Files\lg_swupdate\GiljabiStart.exe
PRC - [2009-04-11 07:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 07:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-11 07:28:07 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe
PRC - [2009-04-11 07:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 07:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 07:27:59 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
PRC - [2009-04-11 07:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 07:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2008-02-11 19:13:12 | 000,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008-02-11 19:13:10 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008-02-11 19:13:08 | 000,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008-02-11 19:13:02 | 000,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008-01-19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-19 08:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 08:33:19 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
PRC - [2008-01-19 08:33:14 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-19 08:33:05 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2007-11-26 14:54:22 | 001,629,480 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
PRC - [2007-11-26 14:54:12 | 001,554,728 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2007-11-26 14:54:02 | 001,057,064 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCD.exe
PRC - [2007-09-15 01:50:54 | 001,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007-07-06 13:44:04 | 000,565,248 | ---- | M] (MSI) -- C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe
PRC - [2007-06-20 08:56:16 | 004,493,312 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-05-31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe
PRC - [2007-05-14 03:54:36 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007-03-14 21:01:30 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2007-02-12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
PRC - [2006-11-24 13:03:34 | 000,194,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006-11-24 13:03:34 | 000,112,320 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
PRC - [2006-10-24 23:08:40 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2006-10-05 04:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006-09-20 18:05:16 | 000,046,736 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006-03-10 18:45:12 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2006-03-02 16:43:24 | 000,040,960 | ---- | M] () -- C:\Program Files\LG Software\System Control Manager\edd.exe
PRC - [2006-01-24 22:07:00 | 000,061,440 | ---- | M] (Vimicro) -- C:\Windows\VM303_STI.EXE


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-12-17 14:39:23 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Rybcia\Downloads\OTL.exe
MOD - [2010-08-31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-07-26 16:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-06-28 18:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-04-16 17:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-09-24 23:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-07-17 14:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-06-15 15:53:43 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-06-15 15:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-04-23 13:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 07:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 07:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 07:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 07:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 07:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 07:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-11 07:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-11 07:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 07:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 07:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 07:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-11 07:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 07:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 07:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 07:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 07:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 07:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 07:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 07:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 07:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 07:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 07:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 07:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2008-01-19 08:37:12 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-19 08:36:48 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-19 08:36:47 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-19 08:36:35 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-19 08:35:57 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-19 08:33:52 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-19 08:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006-11-02 10:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-03-18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-09-25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-02-07 21:54:33 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008-01-29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-11-26 14:54:12 | 001,554,728 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2007-05-31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-02-12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Oz128 Driver\o2flash.exe -- (o2flash)
SRV - [2006-11-24 13:03:34 | 002,541,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2006-11-24 13:03:34 | 000,194,240 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Harmonogram automatycznej usługi LiveUpdate)
SRV - [2006-10-27 00:18:36 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton AntiVirus\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006-10-24 23:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006-10-05 04:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006-09-20 18:05:16 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006-03-02 16:43:24 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files\LG Software\System Control Manager\edd.exe -- (NishService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010-09-07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010-09-07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010-09-07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010-09-07 16:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010-09-07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009-04-11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009-04-02 17:07:56 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009-03-16 09:00:00 | 000,876,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090421.006\NAVEX15.SYS -- (NAVEX15)
DRV - [2009-03-16 09:00:00 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20090421.006\NAVENG.SYS -- (NAVENG)
DRV - [2009-02-27 10:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009-02-27 10:00:00 | 000,101,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009-02-09 23:59:20 | 000,272,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ids-diskless\20090415.001\IDSvix86.sys -- (IDSvix86)
DRV - [2009-01-23 14:35:40 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-01-13 08:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-10-03 13:14:12 | 000,037,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2008-10-03 13:14:10 | 000,187,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008-10-03 13:14:10 | 000,146,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2008-10-03 13:14:10 | 000,039,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2008-10-03 13:14:10 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008-10-03 13:14:08 | 000,012,848 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008-02-11 18:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007-11-30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007-11-30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007-11-30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007-11-26 14:54:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-11-26 14:54:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007-11-26 14:54:02 | 000,118,952 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-09-15 01:50:56 | 000,191,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007-06-22 09:34:12 | 001,788,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-04-03 10:04:28 | 000,039,680 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2007-04-02 16:11:08 | 000,035,712 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2007-03-05 20:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006-11-28 07:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006-11-02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006-11-02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006-10-06 14:26:16 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006-07-03 10:31:26 | 000,009,088 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MGHwCtrl.sys -- (MGHwCtrl)
DRV - [2006-02-23 00:30:00 | 000,391,300 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM303.sys -- (ZSMC303) VIMICRO USB PC Camera (VC0303)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/
IE - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-24 08:56:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-24 08:56:46 | 000,000,000 | ---D | M]

[2010-04-08 10:44:46 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\mozilla\Extensions
[2010-12-17 17:43:02 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\mozilla\Firefox\Profiles\ii3x6mel.default\extensions
[2010-07-04 19:09:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rybcia\AppData\Roaming\mozilla\Firefox\Profiles\ii3x6mel.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-12-18 09:29:23 | 000,001,860 | ---- | M] () -- C:\Users\Rybcia\AppData\Roaming\Mozilla\FireFox\Profiles\ii3x6mel.default\searchplugins\search.xml
[2010-04-08 10:44:22 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-07-24 08:56:09 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-07-24 08:56:09 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-07-24 08:56:09 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-07-24 08:56:09 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-07-24 08:56:09 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-07-24 08:56:09 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE (Symantec Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BigDog303] C:\Windows\VM303_STI.EXE (Vimicro)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LG Intelligent Update] C:\Program Files\lg_swupdate\giljabistart.exe (BIT LEADER)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\LG Software\System Control Manager\MGSysCtrl.exe (MSI)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton AntiVirus\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.)
O4 - HKU\S-1-5-21-1486510819-589907670-3929606539-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.21.99.95 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Rybcia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rybcia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6882f5d7-f879-11df-ba69-001d924bb02a}\Shell\AutoRun\command - "" = K:\urDrive.exe -- File not found
O33 - MountPoints2\{7e99e2c1-feb4-11dd-81a2-001d924bb02a}\Shell\AutoRun\command - "" = K:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-12-18 09:36:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-12-17 17:14:20 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\Desktop\logi
[2010-12-17 14:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010-12-17 14:43:30 | 000,000,000 | ---D | C] -- C:\rsit
[2010-12-16 17:35:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010-12-16 17:34:24 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010-12-16 17:34:12 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010-12-16 17:34:11 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010-12-16 17:34:10 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010-12-16 17:34:04 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010-12-16 17:34:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010-12-16 17:33:45 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010-12-16 17:33:38 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010-12-16 17:33:37 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010-12-16 17:33:36 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010-12-16 17:33:36 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010-12-16 17:33:36 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010-12-16 17:33:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010-12-16 17:33:35 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010-12-16 17:33:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010-12-16 17:33:35 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010-12-16 17:33:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010-12-16 17:33:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010-12-16 17:33:35 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010-12-16 17:33:34 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010-12-16 17:33:34 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010-12-16 17:33:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010-12-16 17:33:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010-12-11 14:36:23 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\Desktop\et
[2010-12-07 18:33:56 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\AppData\Roaming\Malwarebytes
[2010-12-07 18:28:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-12-07 18:28:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-12-07 18:28:32 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-12-07 18:28:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-12-07 18:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-11-27 09:05:45 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\Desktop\etpro
[2010-11-26 23:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfenstein - Enemy Territory
[2010-11-20 14:14:51 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010-11-20 14:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010-11-17 18:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010-11-12 18:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Reflexive
[2010-11-12 18:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\Zumas Revenge! - Adventure
[2010-10-27 18:19:44 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010-10-27 18:19:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010-10-27 18:19:37 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010-10-19 16:51:35 | 000,000,000 | ---D | C] -- C:\Users\Rybcia\Documents\Nowy folder

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-12-18 10:15:42 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E54434B2-2155-4FA7-A0F1-D8891CE248BA}.job
[2010-12-18 10:10:16 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cac607f4664228.job
[2010-12-18 10:10:07 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-12-18 10:10:07 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-12-18 10:09:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-12-18 10:09:05 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010-12-18 09:40:14 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-12-17 21:20:22 | 000,000,490 | ---- | M] () -- C:\Windows\tasks\Norton AntiVirus - Uruchom pełne skanowanie systemu - Rybcia.job
[2010-12-17 09:44:47 | 000,228,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-12-07 18:28:38 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-12-06 16:28:39 | 000,144,384 | ---- | M] () -- C:\Users\Rybcia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-04 12:26:55 | 000,000,224 | ---- | M] () -- C:\Users\Rybcia\Documents\PDVD_MediaDisc.PlayList
[2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-11-26 23:47:35 | 000,000,869 | ---- | M] () -- C:\Users\Rybcia\Desktop\Wolfenstein - Enemy Territory.lnk
[2010-11-25 13:03:27 | 000,672,140 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-11-25 13:03:27 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-11-25 13:03:27 | 000,130,516 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-11-25 13:03:27 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-11-20 14:16:27 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010-11-20 14:16:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010-11-13 13:10:31 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\Zumas Revenge! - Adventure.lnk
[2010-11-13 13:10:30 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Download Free Full Mini Games.lnk
[2010-11-04 19:56:07 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010-11-04 19:55:38 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010-11-04 19:55:38 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010-11-02 06:58:38 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010-11-02 06:58:11 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010-11-02 06:58:11 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010-11-02 06:57:41 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010-11-02 06:57:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010-11-02 06:57:27 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010-11-02 06:57:11 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010-11-02 06:57:11 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010-11-02 06:57:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010-11-02 06:57:10 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010-11-02 06:57:10 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010-11-02 06:57:04 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010-11-02 06:01:31 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010-11-02 05:26:10 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010-11-02 05:25:52 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010-11-02 05:25:18 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010-11-02 05:24:44 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010-10-28 14:20:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010-10-23 16:36:04 | 109,384,614 | ---- | M] () -- C:\Users\Rybcia\Documents\LO.10.2010.pdf
[2010-10-19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-12-07 18:28:38 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-12-04 12:26:55 | 000,000,224 | ---- | C] () -- C:\Users\Rybcia\Documents\PDVD_MediaDisc.PlayList
[2010-11-26 23:47:35 | 000,000,869 | ---- | C] () -- C:\Users\Rybcia\Desktop\Wolfenstein - Enemy Territory.lnk
[2010-11-20 14:16:27 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010-11-12 18:44:00 | 000,001,001 | ---- | C] () -- C:\Users\Public\Desktop\Zumas Revenge! - Adventure.lnk
[2010-11-12 18:43:59 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Download Free Full Mini Games.lnk
[2010-10-23 16:19:55 | 109,384,614 | ---- | C] () -- C:\Users\Rybcia\Documents\LO.10.2010.pdf
[2009-10-22 08:55:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-10-18 18:39:18 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009-04-25 21:05:30 | 000,000,163 | ---- | C] () -- C:\Windows\disney.ini
[2009-02-19 19:43:37 | 000,026,340 | ---- | C] () -- C:\Users\Rybcia\AppData\Roaming\UserTile.png
[2009-02-07 19:16:07 | 000,477,696 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009-02-03 09:35:24 | 000,000,130 | ---- | C] () -- C:\Windows\ODBC.INI
[2009-01-23 14:35:40 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009-01-17 16:42:33 | 000,144,384 | ---- | C] () -- C:\Users\Rybcia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-01-11 18:51:30 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009-01-05 12:35:36 | 000,098,304 | ---- | C] () -- C:\Windows\System32\MGHwCtrl.dll
[2009-01-05 12:35:36 | 000,032,768 | ---- | C] () -- C:\Windows\System32\MGFPCtrl.dll
[2009-01-05 12:35:36 | 000,024,576 | ---- | C] () -- C:\Windows\System32\MGPwrShm.dll
[2009-01-05 12:26:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009-01-05 12:19:51 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2009-01-05 12:19:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2009-01-05 12:13:53 | 000,010,511 | ---- | C] () -- C:\Windows\lg_up.ini
[2009-01-05 12:13:17 | 000,000,979 | ---- | C] () -- C:\Windows\lgcenter.ini
[2009-01-05 12:10:21 | 000,001,356 | ---- | C] () -- C:\Users\Rybcia\AppData\Local\d3d9caps.dat
[2008-02-11 18:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006-11-02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004-06-09 21:38:01 | 000,184,320 | ---- | C] () -- C:\Windows\System32\JPeg32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2009-01-23 14:54:43 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\DAEMON Tools
[2009-01-23 14:55:39 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\DAEMON Tools Lite
[2009-11-12 21:04:17 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\DAEMON Tools Pro
[2010-05-14 14:01:46 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\GameHouse
[2009-11-18 22:06:25 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\IObit
[2009-02-19 19:43:25 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\PeerNetworking
[2010-05-30 14:29:34 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\Tlen.pl
[2010-12-18 10:14:17 | 000,000,000 | ---D | M] -- C:\Users\Rybcia\AppData\Roaming\uTorrent
[2010-12-18 10:09:05 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010-12-18 10:15:42 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E54434B2-2155-4FA7-A0F1-D8891CE248BA}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Users\Rybcia\Desktop\Joga dla początkujacych_xvid.avi:TOC.WMV

< End of report >
[/log]

Thank you for your help.

Tomek01

Also paste this into OTL:

[code]:OTL
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/

[Emptytemp][/code]
RunFix...


It's clean now.
In OTL, use the CleanUp function.
