ComboFix 11-12-24.01 - PC 2011-12-25  10:44:57.9.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.48.1045.18.4095.2740 [GMT 1:00]
Uruchomiony z: c:\users\PC\Desktop\ComboFix.exe
AV: McAfee  Anti-Virus i Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee  Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee  Anti-Virus i Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Rezydentny antywirus jest aktywny
.
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LP
c:\program files (x86)\LP\4F13\475B.tmp
c:\program files (x86)\LP\4F13\4C4D.tmp
c:\program files (x86)\LP\4F13\4FB5.tmp
c:\program files (x86)\LP\4F13\605.exe
c:\program files (x86)\LP\4F13\C042.tmp
c:\program files (x86)\LP\4F13\FF36.tmp
c:\users\PC\AppData\Local\atyuos.exe
c:\users\PC\AppData\Local\c6bd7451\U
c:\users\PC\AppData\Local\c6bd7451\U\80000000.@
c:\users\PC\AppData\Local\c6bd7451\U\800000cf.@
c:\users\PC\AppData\Local\c6bd7451\X
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\auth.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\burnlib.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\dsp_sps.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\enc_aacplus.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\enc_flac.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\enc_lame.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\enc_vorbis.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\enc_wav.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\enc_wma.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_classicart.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_crasher.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_ff.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_find_on_disk.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_hotkeys.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_jumpex.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_ml.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_nopro.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_orgler.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_skinmanager.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_timerestore.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_tray.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\gen_undo.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_avi.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_cdda.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_dshow.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_flac.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_flv.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_linein.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_midi.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_mkv.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_mod.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_mp3.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_mp4.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_nsv.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_swf.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_vorbis.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_wav.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_wave.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_wm.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\in_wv.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_addons.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_autotag.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_bookmarks.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_devices.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_disc.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_downloads.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_enqplay.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_history.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_impex.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_local.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_nowplaying.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_online.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_orb.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_playlists.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_plg.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_pmp.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_rg.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_transcode.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ml_wire.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\ombrowser.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\out_disk.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\out_ds.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\out_wave.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\playlist.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\pmp_activesync.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\pmp_android.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\pmp_ipod.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\pmp_njb.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\pmp_p4s.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\pmp_usb.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\pmp_wifi.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\tagz.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\vis_avs.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\vis_milk2.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\vis_nsfs.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\winamp.lng
c:\users\PC\AppData\Local\Temp\WLZFF25.tmp\winampa.lng
c:\users\PC\AppData\Roaming\3E076
c:\users\PC\AppData\Roaming\3E076\2074F.exe
c:\users\PC\AppData\Roaming\3E076\6871.E07
c:\users\PC\AppData\Roaming\dwme.exe
c:\users\PC\AppData\Roaming\EurekaLog
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cloud AV 2012
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cloud AV 2012\Cloud AV 2012.lnk
c:\users\PC\AppData\Roaming\QqhYXwkUVlB
c:\users\PC\AppData\Roaming\QqhYXwkUVlB\Cloud AV 2012.ico
c:\users\PC\AppData\Roaming\s33oonGG4aH6sJ\Cloud AV 2012v121.exe
c:\users\PC\AppData\Roaming\YtttzPPNycA1v
c:\users\PC\AppData\Roaming\YtttzPPNycA1v\Cloud AV 2012.ico
c:\windows\assembly\tmp\U
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2011-11-25 do 2011-12-25  )))))))))))))))))))))))))))))))
.
.
2011-12-25 10:06 . 2011-12-25 10:06	--------	d-----w-	c:\users\Public\AppData\Local\temp
2011-12-25 10:06 . 2011-12-25 10:06	--------	d-----w-	c:\users\HomeGroupUser$\AppData\Local\temp
2011-12-25 10:06 . 2011-12-25 10:06	--------	d-----w-	c:\users\Gość\AppData\Local\temp
2011-12-25 10:06 . 2011-12-25 10:06	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-12-25 10:06 . 2011-12-25 10:06	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2011-12-25 09:40 . 2011-12-25 09:40	--------	d-----w-	c:\users\PC\AppData\Roaming\PonF4amH5W7E8R
2011-12-25 09:26 . 2011-12-25 09:26	--------	d-----w-	c:\program files (x86)\76871
2011-12-25 09:25 . 2011-12-25 09:25	--------	d-----w-	c:\users\PC\AppData\Roaming\FUUVVelIB
2011-12-25 09:25 . 2011-12-25 09:25	--------	d-----w-	c:\users\PC\AppData\Roaming\brrzzPNNyxAuv2o
2011-12-25 09:25 . 2011-12-25 10:05	--------	d-----w-	c:\users\PC\AppData\Roaming\s33oonGG4aH6sJ
2011-12-25 09:25 . 2011-12-25 09:25	--------	d-----w-	c:\users\PC\AppData\Roaming\BgTZqqjYCwkIr
2011-12-25 09:25 . 2011-12-25 09:25	--------	d-----w-	c:\users\PC\AppData\Roaming\eEEEL88gTZqhCwU
2011-12-25 09:25 . 2011-12-25 09:25	--------	d-----w-	c:\users\PC\AppData\Roaming\u77ffRLL9gXqjCe
2011-12-24 15:29 . 2011-12-24 15:30	--------	d-----w-	c:\program files (x86)\SpywareBlaster
2011-12-24 14:15 . 2011-12-25 00:03	--------	d-----w-	c:\program files (x86)\Spyware Doctor
2011-12-24 14:15 . 2011-12-24 23:41	--------	d-----w-	c:\programdata\PC Tools
2011-12-24 14:01 . 2011-12-24 14:15	--------	d-----w-	c:\users\PC\AppData\Roaming\GetRightToGo
2011-12-21 19:53 . 2011-12-21 19:53	--------	d-----w-	c:\users\PC\AppData\Local\CyberLink
2011-12-21 15:32 . 2011-12-21 15:32	--------	d-----w-	c:\users\Public\CyberLink
2011-12-21 15:31 . 2011-12-21 15:33	--------	d-----w-	c:\users\PC\AppData\Roaming\CyberLink
2011-12-21 15:31 . 2011-12-21 19:53	--------	d-----w-	c:\programdata\PDVD
2011-12-21 15:31 . 2011-12-21 15:31	--------	d-----w-	c:\users\PC\AppData\Local\MediaServer
2011-12-21 15:26 . 2011-12-21 15:26	--------	d-----w-	c:\program files (x86)\CyberLink
2011-12-21 15:26 . 2011-12-21 15:26	--------	d-----w-	c:\programdata\install_clap
2011-12-21 15:01 . 2011-12-21 19:53	--------	d-----w-	c:\programdata\CyberLink
2011-12-21 14:51 . 2011-12-21 14:51	--------	d-----w-	c:\programdata\Kaspersky Lab
2011-12-20 09:49 . 2011-12-22 20:08	43992	----a-w-	c:\program files (x86)\Mozilla Firefox\mozutils.dll
2011-12-20 09:49 . 2011-12-17 01:19	626688	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-20 09:49 . 2011-12-17 01:19	548864	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-20 09:49 . 2011-12-17 01:19	479232	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-14 18:45 . 2011-10-26 05:21	43520	----a-w-	c:\windows\system32\csrsrv.dll
2011-12-14 18:44 . 2011-11-05 05:32	2048	----a-w-	c:\windows\system32\tzres.dll
2011-12-14 18:44 . 2011-11-05 04:26	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2011-12-14 18:43 . 2011-11-24 04:52	3145216	----a-w-	c:\windows\system32\win32k.sys
2011-12-14 18:43 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2011-12-14 18:43 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2011-12-05 13:01 . 2011-01-30 07:07	--------	d-----w-	C:\let-it-snow
2011-12-05 12:57 . 2010-12-14 17:08	--------	d-----w-	C:\nksnow
2011-12-02 21:13 . 2011-12-02 21:13	--------	d-----w-	c:\program files (x86)\FLV Player
2011-12-02 21:13 . 2011-12-02 21:13	--------	d-----w-	c:\windows\Applian FLV Player
2011-12-01 18:55 . 2011-12-01 18:55	--------	d-----w-	c:\users\PC\AppData\Roaming\Thinstall
2011-11-27 13:40 . 2011-11-27 13:40	--------	d-----w-	c:\users\PC\AppData\Local\DDMSettings
2011-11-25 15:30 . 2011-11-25 15:30	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2011-11-25 14:46 . 2010-04-27 02:25	15872	----a-w-	c:\windows\system32\drivers\ss_bwhnt.sys
2011-11-25 14:46 . 2010-04-27 02:25	18944	----a-w-	c:\windows\system32\drivers\ss_bmdfl.sys
2011-11-25 14:46 . 2010-04-27 02:25	161280	----a-w-	c:\windows\system32\drivers\ss_bmdm.sys
2011-11-25 14:46 . 2010-04-27 02:25	15360	----a-w-	c:\windows\system32\drivers\ss_bcmnt.sys
2011-11-25 14:46 . 2010-04-27 02:25	127488	----a-w-	c:\windows\system32\drivers\ss_bbus.sys
2011-11-25 14:42 . 2011-11-25 14:42	--------	d-----w-	c:\program files (x86)\MarkAny
2011-11-25 14:24 . 2011-11-25 14:24	--------	d-----w-	c:\users\PC\AppData\Roaming\Motive
2011-11-25 14:23 . 2011-11-25 14:24	--------	d-----w-	c:\program files\TPSA
2011-11-25 14:19 . 2011-12-24 23:30	--------	d-----w-	c:\program files (x86)\Common Files\Motive
2011-11-25 14:19 . 2011-11-25 14:23	--------	d-----w-	c:\program files\Common Files\Motive
2011-11-25 14:19 . 2011-11-25 14:29	--------	d-----w-	c:\programdata\Motive
2011-11-25 14:18 . 2011-11-25 14:23	--------	d-----w-	c:\program files (x86)\TPSA
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-21 17:11 . 2011-11-21 17:11	525544	----a-w-	c:\windows\system32\deployJava1.dll
2011-11-19 15:54 . 2011-11-19 15:54	75776	----a-w-	c:\windows\cadkasdeinst01e.exe
2011-11-14 21:56 . 2011-11-14 21:56	388096	----a-r-	c:\users\PC\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-11 22:53 . 2011-05-22 14:50	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-26 03:05 . 2011-10-26 03:05	10496512	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2011-10-26 02:16 . 2011-10-26 02:16	24866816	----a-w-	c:\windows\system32\atio6axx.dll
2011-10-26 02:06 . 2011-10-26 02:06	159744	----a-w-	c:\windows\system32\atiapfxx.exe
2011-10-26 02:05 . 2011-04-20 02:09	748544	----a-w-	c:\windows\SysWow64\aticfx32.dll
2011-10-26 02:04 . 2011-04-20 02:07	892416	----a-w-	c:\windows\system32\aticfx64.dll
2011-10-26 02:01 . 2011-10-26 02:01	466944	----a-w-	c:\windows\system32\ATIDEMGX.dll
2011-10-26 02:01 . 2011-10-26 02:01	517120	----a-w-	c:\windows\system32\atieclxx.exe
2011-10-26 02:00 . 2011-10-26 02:00	204288	----a-w-	c:\windows\system32\atiesrxx.exe
2011-10-26 01:59 . 2011-10-26 01:59	18757120	----a-w-	c:\windows\SysWow64\atioglxx.dll
2011-10-26 01:59 . 2011-10-26 01:59	120320	----a-w-	c:\windows\system32\atitmm64.dll
2011-10-26 01:59 . 2011-10-26 01:59	423424	----a-w-	c:\windows\system32\atipdl64.dll
2011-10-26 01:59 . 2011-10-26 01:59	356352	----a-w-	c:\windows\SysWow64\atipdlxx.dll
2011-10-26 01:59 . 2011-10-26 01:59	278528	----a-w-	c:\windows\SysWow64\Oemdspif.dll
2011-10-26 01:58 . 2011-10-26 01:58	21504	----a-w-	c:\windows\system32\atimuixx.dll
2011-10-26 01:58 . 2011-10-26 01:58	59392	----a-w-	c:\windows\system32\atiedu64.dll
2011-10-26 01:58 . 2011-10-26 01:58	43520	----a-w-	c:\windows\SysWow64\ati2edxx.dll
2011-10-26 01:55 . 2011-10-26 01:55	4292096	----a-w-	c:\windows\SysWow64\atidxx32.dll
2011-10-26 01:46 . 2011-04-20 01:49	5041664	----a-w-	c:\windows\system32\atidxx64.dll
2011-10-26 01:43 . 2011-10-26 01:43	1113088	----a-w-	c:\windows\system32\atiumd6v.dll
2011-10-26 01:43 . 2011-10-26 01:43	1828864	----a-w-	c:\windows\SysWow64\atiumdmv.dll
2011-10-26 01:43 . 2011-10-26 01:43	4044288	----a-w-	c:\windows\system32\atiumd6a.dll
2011-10-26 01:38 . 2011-10-26 01:38	51200	----a-w-	c:\windows\system32\aticalrt64.dll
2011-10-26 01:38 . 2011-10-26 01:38	46080	----a-w-	c:\windows\SysWow64\aticalrt.dll
2011-10-26 01:38 . 2011-10-26 01:38	44544	----a-w-	c:\windows\system32\aticalcl64.dll
2011-10-26 01:38 . 2011-10-26 01:38	44032	----a-w-	c:\windows\SysWow64\aticalcl.dll
2011-10-26 01:38 . 2011-10-26 01:38	9978880	----a-w-	c:\windows\system32\aticaldd64.dll
2011-10-26 01:35 . 2011-04-20 01:38	4353536	----a-w-	c:\windows\SysWow64\atiumdag.dll
2011-10-26 01:34 . 2011-10-26 01:34	8449024	----a-w-	c:\windows\SysWow64\aticaldd.dll
2011-10-26 01:32 . 2011-04-20 01:30	4189184	----a-w-	c:\windows\SysWow64\atiumdva.dll
2011-10-26 01:29 . 2011-10-26 01:29	5510144	----a-w-	c:\windows\system32\atiumd64.dll
2011-10-26 01:29 . 2011-04-20 01:27	58880	----a-w-	c:\windows\system32\coinst.dll
2011-10-26 01:22 . 2011-10-26 01:22	486912	----a-w-	c:\windows\system32\atiadlxx.dll
2011-10-26 01:22 . 2011-10-26 01:22	339968	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2011-10-26 01:22 . 2011-10-26 01:22	17408	----a-w-	c:\windows\system32\atig6pxx.dll
2011-10-26 01:22 . 2011-10-26 01:22	14336	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2011-10-26 01:22 . 2011-10-26 01:22	14336	----a-w-	c:\windows\system32\atiglpxx.dll
2011-10-26 01:22 . 2011-10-26 01:22	39936	----a-w-	c:\windows\system32\atig6txx.dll
2011-10-26 01:22 . 2011-10-26 01:22	32768	----a-w-	c:\windows\SysWow64\atigktxx.dll
2011-10-26 01:21 . 2011-10-26 01:21	326656	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2011-10-26 01:21 . 2011-04-20 01:21	40960	----a-w-	c:\windows\system32\atiuxp64.dll
2011-10-26 01:21 . 2011-10-26 01:21	31744	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2011-10-26 01:21 . 2011-10-26 01:21	38912	----a-w-	c:\windows\system32\atiu9p64.dll
2011-10-26 01:20 . 2011-04-20 01:21	29184	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2011-10-26 01:20 . 2011-10-26 01:20	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2011-10-26 01:16 . 2011-10-26 01:16	54784	----a-w-	c:\windows\system32\atimpc64.dll
2011-10-26 01:16 . 2011-10-26 01:16	54784	----a-w-	c:\windows\system32\amdpcom64.dll
2011-10-26 01:15 . 2011-10-26 01:15	53760	----a-w-	c:\windows\SysWow64\atimpc32.dll
2011-10-26 01:15 . 2011-10-26 01:15	53760	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2011-10-25 20:21 . 2011-10-25 20:21	66560	----a-w-	c:\windows\system32\OpenVideo64.dll
2011-10-25 20:21 . 2011-10-25 20:21	56832	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2011-10-25 20:21 . 2011-10-25 20:21	66560	----a-w-	c:\windows\system32\OVDecoder64.dll
2011-10-25 20:21 . 2011-10-25 20:21	56832	----a-w-	c:\windows\SysWow64\OVDecoder.dll
2011-10-25 20:21 . 2011-10-25 20:21	16991744	----a-w-	c:\windows\system32\amdocl64.dll
2011-10-25 20:20 . 2011-10-25 20:20	13950464	----a-w-	c:\windows\SysWow64\amdocl.dll
2011-10-21 19:24 . 2011-10-21 19:24	725936	----a-w-	C:\free-furvious.zip
2011-10-21 19:23 . 2011-10-21 19:23	262307	----a-w-	C:\brightsky.zip
2011-10-20 23:26 . 2011-10-20 23:26	94208	----a-w-	c:\windows\SysWow64\dpl100.dll
2011-10-20 16:48 . 2011-08-04 10:21	310984	----a-w-	c:\windows\system32\drivers\atksgt.sys
2011-10-18 13:32 . 2011-11-15 16:47	161168	----a-w-	c:\windows\system32\mfevtps.exe
2011-10-18 00:27 . 2011-11-15 07:19	8570192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4EA2869F-1350-47A1-ADF5-F7612374DE37}\mpengine.dll
2011-10-15 12:16 . 2011-11-15 22:35	10248	----a-w-	c:\windows\system32\drivers\mfeclnk.sys
2011-10-15 12:16 . 2011-11-15 22:34	75808	----a-w-	c:\windows\system32\drivers\mfenlfk.sys
2011-10-15 12:16 . 2011-11-15 22:34	65264	----a-w-	c:\windows\system32\drivers\cfwids.sys
2011-10-15 12:16 . 2011-11-15 22:34	481768	----a-w-	c:\windows\system32\drivers\mfefirek.sys
2011-10-15 12:16 . 2011-11-15 22:34	284648	----a-w-	c:\windows\system32\drivers\mfewfpk.sys
2011-10-15 12:16 . 2011-11-15 22:34	229528	----a-w-	c:\windows\system32\drivers\mfeavfk.sys
2011-10-15 12:16 . 2011-11-15 22:34	100912	----a-w-	c:\windows\system32\drivers\mferkdet.sys
2011-10-15 12:16 . 2011-03-13 10:20	647080	----a-w-	c:\windows\system32\drivers\mfehidk.sys
2011-10-15 12:16 . 2011-03-13 10:20	160280	----a-w-	c:\windows\system32\drivers\mfeapfk.sys
2011-09-29 16:29 . 2011-11-09 06:24	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-09-28 20:45 . 2011-09-28 20:45	98304	----a-r-	c:\users\PC\AppData\Roaming\Microsoft\Installer\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}\icons.exe
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-12-21_10.38.50   )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-06-17 21:08 . 2011-12-24 23:30	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-06-17 21:08 . 2011-11-18 00:28	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2011-11-18 00:28	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-24 23:30	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-11-18 00:28	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-24 23:30	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-24 23:30	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-18 00:28	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-05-22 15:20 . 2011-12-25 10:10	58494              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-12-25 10:10	31276              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-05-22 15:20 . 2011-12-25 10:10	13116              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-946895887-3485042716-126150702-1000_UserData.bin
- 2011-05-22 13:23 . 2011-12-21 09:24	32768              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-05-22 13:23 . 2011-12-25 10:05	32768              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-15 22:37 . 2011-12-21 09:24	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-15 22:37 . 2011-12-25 10:05	32768              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-21 09:24	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-25 10:05	16384              c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-12-25 09:43	91408              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-12-21 15:29 . 2011-12-21 15:29	85945              c:\windows\Installer\{F232C87C-6E92-4775-8210-DFE90B7777D9}\ARPPRODUCTICON.exe
+ 2011-05-22 21:40 . 2011-12-25 10:07	3446              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
- 2011-05-22 21:40 . 2011-12-21 00:03	3446              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
+ 2011-12-25 10:08 . 2011-12-25 10:08	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-21 07:48 . 2011-12-21 07:48	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-21 07:48 . 2011-12-21 07:48	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-25 10:08 . 2011-12-25 10:08	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 17:55 . 2011-12-25 00:09	699350              c:\windows\system32\perfh015.dat
- 2009-07-14 17:55 . 2011-12-21 07:53	699350              c:\windows\system32\perfh015.dat
- 2009-07-14 02:36 . 2011-12-21 07:53	616484              c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-12-25 00:09	616484              c:\windows\system32\perfh009.dat
+ 2009-07-14 17:55 . 2011-12-25 00:09	135500              c:\windows\system32\perfc015.dat
- 2009-07-14 17:55 . 2011-12-21 07:53	135500              c:\windows\system32\perfc015.dat
- 2009-07-14 02:36 . 2011-12-21 07:53	106864              c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-12-25 00:09	106864              c:\windows\system32\perfc009.dat
+ 2009-07-14 05:12 . 2011-12-25 10:05	245760              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 05:12 . 2011-12-21 09:24	245760              c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:01 . 2011-12-25 10:07	382372              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-12-21 00:03	382372              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2008-08-08 13:46 . 2008-08-08 13:46	242176              c:\windows\Installer\edb836.msi
+ 2011-04-19 03:21 . 2011-04-19 03:21	235520              c:\windows\Installer\74d4c.msi
+ 2011-10-18 16:55 . 2011-10-18 16:55	369664              c:\windows\Installer\1a5e3e5.msi
+ 2009-07-14 04:45 . 2011-12-25 09:42	7150698              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2011-12-16 07:55	7150698              c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-05-22 15:17 . 2011-12-25 10:07	41249372              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-946895887-3485042716-126150702-1000-12288.dat
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-16 1674896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DevconDefaultDB"="c:\windows\system32\READREG" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Usługa Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-04 136176]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R3 AbilisT;Abilis Systems Single DVB-T Tuner;c:\windows\system32\Drivers\AbilisBdaTuner.sys [x]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 gupdatem;Usługa Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-04 136176]
R3 kxwdmdrv;kX WDM Driver Service;c:\windows\system32\drivers\kx.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 ST330;ST330;c:\windows\system32\DRIVERS\st330.sys [x]
R3 STBUS;STBUS;c:\windows\system32\DRIVERS\stbus.sys [x]
R3 STETH;SpeedTouch Ethernet Adapter NT Driver;c:\windows\system32\DRIVERS\steth.sys [x]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/12/21 16:31];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-09-16 09:36 148976]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-23 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-09-14 83240]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-10-12 75048]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-10-12 292136]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2011-08-04 441344]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-10-18 208536]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 MOBKbackup;1%;c:\program files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-04-13 231224]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-09-14 75248]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*Deregistered* - mfeavfk01
.
Zawartość folderu 'Zaplanowane zadania'
.
2011-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc91ac332c4714.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-04 12:16]
.
2011-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-946895887-3485042716-126150702-1000Core1cc94f641dda746.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-04 12:16]
.
2011-11-12 c:\windows\Tasks\MSIAfterburner.job
- c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe [2011-10-02 13:50]
.
2011-12-21 c:\windows\Tasks\PDVD11Serv.EXE_20111221_163122_0884.job
- c:\program files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [2011-12-21 13:48]
.
2011-06-18 c:\windows\Tasks\RDReminder.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2011-05-29 16:03]
.
2011-11-13 c:\windows\Tasks\RegCure Program Check.job
- c:\program files (x86)\RegCure\RegCure.exe [2010-05-19 23:20]
.
2011-11-13 c:\windows\Tasks\RegCure.job
- c:\program files (x86)\RegCure\RegCure.exe [2010-05-19 23:20]
.
2011-11-15 c:\windows\Tasks\{74FAE564-F4E2-4B44-82D7-F08E929610F3}.job
- c:\program files (x86)\Skype\Phone\Skype.exe [2011-10-13 08:27]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 19:11	3816248	----a-w-	c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 19:11	3816248	----a-w-	c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 19:11	3816248	----a-w-	c:\program files (x86)\McAfee Online Backup\MOBKshell.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:55253
IE: E&ksport do programu Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
BHO-{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - c:\program files (x86)\RegTweaker\key.dll
Wow6432Node-HKLM-Run-o0uuccS2ibD3nG8234A - c:\windows\system32\Cloud AV 2012v121.exe
Wow6432Node-HKLM-Run-EtttxPP0ycSivDo - c:\users\PC\AppData\Roaming\dwme.exe
Wow6432Node-HKLM-Run-605.exe - c:\program files (x86)\LP\4F13\605.exe
Wow6432Node-HKLM-Run-syyccS1iiv3on4m8234A - c:\users\PC\AppData\Roaming\s33oonGG4aH6sJ\Cloud AV 2012v121.exe
Wow6432Node-HKLM-Run-yWWWK88fRL9TXqU - c:\users\PC\AppData\Roaming\dwme.exe
SafeBoot-16497322.sys
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\st330service]
"ImagePath"="C:\Program Files (x86)/Thomson/ST330/service/st330service.exe -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-946895887-3485042716-126150702-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:2a,c2,5d,f2,3e,98,7e,64,f8,95,20,b7,ba,58,95,7b,28,03,06,97,31,25,33,
   bc,16,33,07,6b,77,4e,dd,fb,0d,d8,b4,68,f9,bb,d3,5f,48,a1,a7,f8,6e,ae,76,24,\
"??"=hex:87,63,d3,27,2e,40,08,67,15,db,8a,24,55,f6,e8,42
.
[HKEY_USERS\S-1-5-21-946895887-3485042716-126150702-1000\Software\SecuROM\License information*]
"datasecu"=hex:c7,f7,20,f3,3f,11,4f,1d,46,a1,25,0d,07,a7,4e,6e,66,8b,7a,fa,c1,
   d3,e6,1a,2c,42,7a,00,3e,ed,98,e5,85,a2,12,a6,08,16,47,bf,08,43,5a,a5,b1,1e,\
"rkeysecu"=hex:e3,bf,c2,61,42,56,24,0c,08,e9,fc,11,98,9f,e9,5e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\10.0\Word\Text Converters\Import\¬ z*]
"Name"="€z"
"Path"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\TextConv\\MSWRD632.CNV"
"Extensions"="€z"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
.
**************************************************************************
.
Czas ukończenia: 2011-12-25  11:16:29 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2011-12-25 10:16
ComboFix2.txt  2011-12-21 10:43
.
Przed: 1 020 522 496 bajtów wolnych
Po: 1 312 043 008 bajtów wolnych
.
- - End Of File - - 95271EEDB29390E6605381BA591DB8A6