ComboFix 12-07-30.01 - Anitka Dziadosz 2012-07-30  18:30:33.1.2 - x64 NETWORK
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1250.48.1045.18.4093.3264 [GMT 2:00]
Uruchomiony z: c:\users\Anitka Dziadosz\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Utworzono nowy punkt przywracania
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\users\Anitka Dziadosz\AppData\Roaming\AdobeDLM.log
c:\windows\IsUn0415.exe
c:\windows\SysWow64\system
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2012-06-28 do 2012-07-30  )))))))))))))))))))))))))))))))
.
.
2012-07-25 20:48 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDBCC75.tmp
2012-07-25 20:48 . 2012-07-25 20:48	2288	----a-w-	c:\windows\MANC66A.tmp
2012-07-25 20:48 . 2012-07-25 20:48	1472	----a-w-	c:\windows\VWLC699.tmp
2012-07-25 20:48 . 2012-07-25 20:48	17371294	----a-w-	c:\windows\WLFC69A.tmp
2012-07-25 19:07 . 2012-07-25 19:07	--------	d-----w-	c:\users\Anitka Dziadosz\AppData\Roaming\hellomoto
2012-07-24 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDBAE6F.tmp
2012-07-24 20:01 . 2012-07-24 20:01	2288	----a-w-	c:\windows\MANA92E.tmp
2012-07-24 20:01 . 2012-07-24 20:01	1472	----a-w-	c:\windows\VWLA92F.tmp
2012-07-24 20:01 . 2012-07-24 20:01	17282260	----a-w-	c:\windows\WLFA950.tmp
2012-07-24 17:44 . 2012-06-29 10:04	9133488	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F3BABCC4-9359-4252-9396-FEDE4781BF78}\mpengine.dll
2012-07-23 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB92AA.tmp
2012-07-23 20:01 . 2012-07-23 20:01	1472	----a-w-	c:\windows\VWL8DD8.tmp
2012-07-23 20:01 . 2012-07-23 20:01	17190812	----a-w-	c:\windows\WLF8DF8.tmp
2012-07-23 20:01 . 2012-07-23 20:01	2288	----a-w-	c:\windows\MAN8DD7.tmp
2012-07-22 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDBEFF.tmp
2012-07-22 20:01 . 2012-07-22 20:01	2284	----a-w-	c:\windows\MAN9FD.tmp
2012-07-22 20:01 . 2012-07-22 20:01	1470	----a-w-	c:\windows\VWL9FE.tmp
2012-07-22 20:01 . 2012-07-22 20:01	17099378	----a-w-	c:\windows\WLFA0F.tmp
2012-07-21 20:02 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB15B8.tmp
2012-07-21 20:02 . 2012-07-21 20:02	2288	----a-w-	c:\windows\MAN12D8.tmp
2012-07-21 20:02 . 2012-07-21 20:02	1472	----a-w-	c:\windows\VWL12E8.tmp
2012-07-21 20:02 . 2012-07-21 20:02	17007944	----a-w-	c:\windows\WLF12F9.tmp
2012-07-20 20:01 . 2012-07-20 20:01	2284	----a-w-	c:\windows\MANB7D.tmp
2012-07-20 20:01 . 2012-07-20 20:01	1470	----a-w-	c:\windows\VWLB7E.tmp
2012-07-20 20:01 . 2012-07-20 20:01	16919370	----a-w-	c:\windows\WLFB9E.tmp
2012-07-20 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDBDA2.tmp
2012-07-19 20:01 . 2012-07-19 20:01	2288	----a-w-	c:\windows\MAN5EBD.tmp
2012-07-19 20:01 . 2012-07-19 20:01	16832050	----a-w-	c:\windows\WLF5EED.tmp
2012-07-19 20:01 . 2012-07-19 20:01	1472	----a-w-	c:\windows\VWL5ECD.tmp
2012-07-19 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB6074.tmp
2012-07-18 20:01 . 2012-07-18 20:01	2288	----a-w-	c:\windows\MANC88B.tmp
2012-07-18 20:01 . 2012-07-18 20:01	16743862	----a-w-	c:\windows\WLFC8CC.tmp
2012-07-18 20:01 . 2012-07-18 20:01	1472	----a-w-	c:\windows\VWLC88C.tmp
2012-07-18 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDBCA91.tmp
2012-07-17 20:01 . 2012-07-17 20:01	2288	----a-w-	c:\windows\MAN3095.tmp
2012-07-17 20:01 . 2012-07-17 20:01	1472	----a-w-	c:\windows\VWL3096.tmp
2012-07-17 20:01 . 2012-07-17 20:01	16655698	----a-w-	c:\windows\WLF30A7.tmp
2012-07-17 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB3115.tmp
2012-07-16 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB37BE.tmp
2012-07-16 20:01 . 2012-07-16 20:01	2288	----a-w-	c:\windows\MAN3404.tmp
2012-07-16 20:01 . 2012-07-16 20:01	1472	----a-w-	c:\windows\VWL3405.tmp
2012-07-16 20:01 . 2012-07-16 20:01	16568598	----a-w-	c:\windows\WLF3454.tmp
2012-07-15 20:02 . 2012-07-15 20:01	16482436	----a-w-	c:\windows\WLFD353.tmp
2012-07-15 20:02 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDBD566.tmp
2012-07-15 20:01 . 2012-07-15 20:02	1472	----a-w-	c:\windows\VWLD323.tmp
2012-07-15 20:01 . 2012-07-15 20:02	2288	----a-w-	c:\windows\MAND312.tmp
2012-07-14 20:01 . 2012-07-14 20:01	2288	----a-w-	c:\windows\MAN20E8.tmp
2012-07-14 20:01 . 2012-07-14 20:01	16396298	----a-w-	c:\windows\WLF2109.tmp
2012-07-14 20:01 . 2012-07-14 20:01	1472	----a-w-	c:\windows\VWL20F9.tmp
2012-07-14 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB2168.tmp
2012-07-13 20:40 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB62C1.tmp
2012-07-13 20:40 . 2012-07-13 20:40	2288	----a-w-	c:\windows\MAN5FB2.tmp
2012-07-13 20:40 . 2012-07-13 20:40	1472	----a-w-	c:\windows\VWL5FB3.tmp
2012-07-13 20:40 . 2012-07-13 20:40	16310148	----a-w-	c:\windows\WLF6031.tmp
2012-07-11 20:03 . 2012-06-13 13:58	2769408	----a-w-	c:\windows\system32\win32k.sys
2012-07-10 20:01 . 2012-07-10 20:01	2288	----a-w-	c:\windows\MAN8312.tmp
2012-07-10 20:01 . 2012-07-10 20:01	1472	----a-w-	c:\windows\VWL8323.tmp
2012-07-10 20:01 . 2012-07-10 20:01	16220232	----a-w-	c:\windows\WLF8343.tmp
2012-07-10 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB85F2.tmp
2012-07-09 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB1C0E.tmp
2012-07-09 20:01 . 2012-07-09 20:01	2288	----a-w-	c:\windows\MAN172B.tmp
2012-07-09 20:01 . 2012-07-09 20:01	1472	----a-w-	c:\windows\VWL173C.tmp
2012-07-09 20:01 . 2012-07-09 20:01	16130946	----a-w-	c:\windows\WLF174C.tmp
2012-07-08 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB7734.tmp
2012-07-08 20:01 . 2012-07-08 20:01	2288	----a-w-	c:\windows\MAN7463.tmp
2012-07-08 20:01 . 2012-07-08 20:01	1472	----a-w-	c:\windows\VWL74B2.tmp
2012-07-08 20:01 . 2012-07-08 20:01	16044760	----a-w-	c:\windows\WLF7501.tmp
2012-07-07 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDBB2.tmp
2012-07-07 20:01 . 2012-07-07 20:01	2284	----a-w-	c:\windows\MANFEEB.tmp
2012-07-07 20:01 . 2012-07-07 20:01	1472	----a-w-	c:\windows\VWLFEEC.tmp
2012-07-07 20:01 . 2012-07-07 20:01	15958610	----a-w-	c:\windows\WLFFF1C.tmp
2012-07-06 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB950A.tmp
2012-07-06 20:01 . 2012-07-06 20:01	2288	----a-w-	c:\windows\MAN9249.tmp
2012-07-06 20:01 . 2012-07-06 20:01	1472	----a-w-	c:\windows\VWL9259.tmp
2012-07-06 20:01 . 2012-07-06 20:01	15872388	----a-w-	c:\windows\WLF9373.tmp
2012-07-05 20:01 . 2012-07-05 20:01	2288	----a-w-	c:\windows\MAN5242.tmp
2012-07-05 20:01 . 2012-07-05 20:01	15786178	----a-w-	c:\windows\WLF5263.tmp
2012-07-05 20:01 . 2012-07-05 20:01	1472	----a-w-	c:\windows\VWL5243.tmp
2012-07-05 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB53CB.tmp
2012-07-04 20:01 . 2012-07-04 20:01	2288	----a-w-	c:\windows\MANDE21.tmp
2012-07-04 20:01 . 2012-07-04 20:01	1472	----a-w-	c:\windows\VWLDE22.tmp
2012-07-04 20:01 . 2012-07-04 20:01	15700004	----a-w-	c:\windows\WLFDE42.tmp
2012-07-04 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDBE084.tmp
2012-07-03 20:02 . 2012-07-03 20:02	2288	----a-w-	c:\windows\MAN6C03.tmp
2012-07-03 20:02 . 2012-07-03 20:02	15613818	----a-w-	c:\windows\WLF6C14.tmp
2012-07-03 20:02 . 2012-07-03 20:02	1472	----a-w-	c:\windows\VWL6C04.tmp
2012-07-03 20:02 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB6E18.tmp
2012-07-02 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB6E0C.tmp
2012-07-02 20:01 . 2012-07-02 20:02	2288	----a-w-	c:\windows\MAN69B6.tmp
2012-07-02 20:01 . 2012-07-02 20:02	1472	----a-w-	c:\windows\VWL69B7.tmp
2012-07-02 20:01 . 2012-07-02 20:01	15527680	----a-w-	c:\windows\WLF69E6.tmp
2012-07-01 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDBE2A4.tmp
2012-07-01 20:01 . 2012-07-01 20:01	2288	----a-w-	c:\windows\MANE0CD.tmp
2012-07-01 20:01 . 2012-07-01 20:01	1472	----a-w-	c:\windows\VWLE0DE.tmp
2012-07-01 20:01 . 2012-07-01 20:01	15441458	----a-w-	c:\windows\WLFE0EE.tmp
2012-06-30 20:01 . 2008-10-25 19:16	28156	----a-w-	c:\windows\SDB78C0.tmp
2012-06-30 20:01 . 2012-06-30 20:01	2288	----a-w-	c:\windows\MAN75FF.tmp
2012-06-30 20:01 . 2012-06-30 20:01	1472	----a-w-	c:\windows\VWL7600.tmp
2012-06-30 20:01 . 2012-06-30 20:01	15355272	----a-w-	c:\windows\WLF7611.tmp
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 20:04 . 2006-11-02 12:35	59701280	----a-w-	c:\windows\system32\mrt.exe
2012-06-29 20:01 . 2012-06-29 20:01	2288	----a-w-	c:\windows\MANA87A.tmp
2012-06-29 20:01 . 2012-06-29 20:01	1472	----a-w-	c:\windows\VWLA889.tmp
2012-06-29 20:01 . 2012-06-29 20:01	15269074	----a-w-	c:\windows\WLFA89A.tmp
2012-06-28 20:01 . 2012-06-28 20:01	2288	----a-w-	c:\windows\MANF926.tmp
2012-06-28 20:01 . 2012-06-28 20:01	15180884	----a-w-	c:\windows\WLFF937.tmp
2012-06-28 20:01 . 2012-06-28 20:01	1472	----a-w-	c:\windows\VWLF927.tmp
2012-06-27 20:01 . 2012-06-27 20:01	1472	----a-w-	c:\windows\VWL7AE8.tmp
2012-06-27 20:01 . 2012-06-27 20:01	2288	----a-w-	c:\windows\MAN7AE7.tmp
2012-06-27 20:01 . 2012-06-27 20:01	15093076	----a-w-	c:\windows\WLF7AF9.tmp
2012-06-26 20:02 . 2012-06-26 20:02	2288	----a-w-	c:\windows\MAN6BA0.tmp
2012-06-26 20:02 . 2012-06-26 20:02	1472	----a-w-	c:\windows\VWL6BB1.tmp
2012-06-26 20:02 . 2012-06-26 20:02	15006854	----a-w-	c:\windows\WLF6BC2.tmp
2012-06-25 20:02 . 2012-06-25 20:02	2288	----a-w-	c:\windows\MAN3F50.tmp
2012-06-25 20:02 . 2012-06-25 20:02	1472	----a-w-	c:\windows\VWL3F51.tmp
2012-06-25 20:02 . 2012-06-25 20:02	14920668	----a-w-	c:\windows\WLF3F81.tmp
2012-06-24 20:01 . 2012-06-24 20:01	2288	----a-w-	c:\windows\MAN2203.tmp
2012-06-24 20:01 . 2012-06-24 20:01	1472	----a-w-	c:\windows\VWL2232.tmp
2012-06-24 20:01 . 2012-06-24 20:01	14828160	----a-w-	c:\windows\WLF2281.tmp
2012-06-23 20:01 . 2012-06-23 20:01	2288	----a-w-	c:\windows\MANC20D.tmp
2012-06-23 20:01 . 2012-06-23 20:01	1472	----a-w-	c:\windows\VWLC366.tmp
2012-06-23 20:01 . 2012-06-23 20:01	14730260	----a-w-	c:\windows\WLFC376.tmp
2012-06-22 20:01 . 2012-06-22 20:01	2288	----a-w-	c:\windows\MAN7338.tmp
2012-06-22 20:01 . 2012-06-22 20:01	1472	----a-w-	c:\windows\VWL7339.tmp
2012-06-22 20:01 . 2012-06-22 20:01	14632348	----a-w-	c:\windows\WLF7349.tmp
2012-06-20 20:02 . 2012-06-20 20:02	2288	----a-w-	c:\windows\MANF1F2.tmp
2012-06-20 20:02 . 2012-06-20 20:02	1472	----a-w-	c:\windows\VWLF212.tmp
2012-06-20 20:02 . 2012-06-20 20:02	14536634	----a-w-	c:\windows\WLFF223.tmp
2012-06-19 20:01 . 2012-06-19 20:01	2288	----a-w-	c:\windows\MAN8A8D.tmp
2012-06-19 20:01 . 2012-06-19 20:01	1472	----a-w-	c:\windows\VWL8A8E.tmp
2012-06-19 20:01 . 2012-06-19 20:01	14443204	----a-w-	c:\windows\WLF8AAE.tmp
2012-06-18 20:02 . 2012-06-18 20:02	2288	----a-w-	c:\windows\MAN70FA.tmp
2012-06-18 20:02 . 2012-06-18 20:02	1472	----a-w-	c:\windows\VWL710B.tmp
2012-06-18 20:02 . 2012-06-18 20:02	14350072	----a-w-	c:\windows\WLF711B.tmp
2012-06-17 20:01 . 2012-06-17 20:01	2288	----a-w-	c:\windows\MAN45DA.tmp
2012-06-17 20:01 . 2012-06-17 20:01	1472	----a-w-	c:\windows\VWL45EB.tmp
2012-06-17 20:01 . 2012-06-17 20:01	14260740	----a-w-	c:\windows\WLF45FB.tmp
2012-06-12 20:03 . 2012-06-12 20:03	2288	----a-w-	c:\windows\MANAAD2.tmp
2012-06-12 20:03 . 2012-06-12 20:03	1472	----a-w-	c:\windows\VWLAAD3.tmp
2012-06-12 20:03 . 2012-06-12 20:03	14169864	----a-w-	c:\windows\WLFAAF3.tmp
2012-06-11 20:04 . 2012-06-11 20:04	2288	----a-w-	c:\windows\MANE7E6.tmp
2012-06-11 20:04 . 2012-06-11 20:04	1472	----a-w-	c:\windows\VWLE7E7.tmp
2012-06-11 20:04 . 2012-06-11 20:04	14075116	----a-w-	c:\windows\WLFE7F8.tmp
2012-06-09 20:01 . 2012-06-09 20:01	2288	----a-w-	c:\windows\MANE34E.tmp
2012-06-09 20:01 . 2012-06-09 20:01	1472	----a-w-	c:\windows\VWLE34F.tmp
2012-06-09 20:01 . 2012-06-09 20:01	13980296	----a-w-	c:\windows\WLFE360.tmp
2012-06-08 20:01 . 2012-06-08 20:01	2288	----a-w-	c:\windows\MANA24E.tmp
2012-06-08 20:01 . 2012-06-08 20:01	1472	----a-w-	c:\windows\VWLA24F.tmp
2012-06-08 20:01 . 2012-06-08 20:01	13885536	----a-w-	c:\windows\WLFA25F.tmp
2012-06-07 20:01 . 2012-06-07 20:01	2288	----a-w-	c:\windows\MANF033.tmp
2012-06-07 20:01 . 2012-06-07 20:01	1472	----a-w-	c:\windows\VWLF044.tmp
2012-06-07 20:01 . 2012-06-07 20:01	13791198	----a-w-	c:\windows\WLFF045.tmp
2012-06-07 09:16 . 2012-06-07 09:16	2288	----a-w-	c:\windows\MANBF00.tmp
2012-06-07 09:16 . 2012-06-07 09:16	1472	----a-w-	c:\windows\VWLBF30.tmp
2012-06-07 09:16 . 2012-06-07 09:16	13701584	----a-w-	c:\windows\WLFBF41.tmp
2012-06-05 20:01 . 2012-06-05 20:01	1472	----a-w-	c:\windows\VWL87E1.tmp
2012-06-05 20:01 . 2012-06-05 20:01	2288	----a-w-	c:\windows\MAN87C1.tmp
2012-06-05 20:01 . 2012-06-05 20:01	13615374	----a-w-	c:\windows\WLF87F2.tmp
2012-06-04 20:02 . 2012-06-04 20:02	2288	----a-w-	c:\windows\MAN6097.tmp
2012-06-04 20:02 . 2012-06-04 20:02	1472	----a-w-	c:\windows\VWL6098.tmp
2012-06-04 20:02 . 2012-06-04 20:02	13529200	----a-w-	c:\windows\WLF60A8.tmp
2012-06-03 20:02 . 2012-06-03 20:02	2288	----a-w-	c:\windows\MANEF2A.tmp
2012-06-03 20:02 . 2012-06-03 20:02	1472	----a-w-	c:\windows\VWLEF2B.tmp
2012-06-03 20:02 . 2012-06-03 20:02	13439700	----a-w-	c:\windows\WLFEF3C.tmp
2012-06-02 22:19 . 2012-06-22 14:35	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 14:35	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 14:35	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 14:35	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 14:35	35864	----a-w-	c:\windows\SysWow64\wups.dll
2012-06-02 22:19 . 2012-06-22 14:35	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-22 14:35	577048	----a-w-	c:\windows\SysWow64\wuapi.dll
2012-06-02 22:15 . 2012-06-22 14:35	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 14:35	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-02 22:12 . 2012-06-22 14:35	88576	----a-w-	c:\windows\SysWow64\wudriver.dll
2012-06-02 20:01 . 2012-06-02 20:01	2288	----a-w-	c:\windows\MAN6D43.tmp
2012-06-02 20:01 . 2012-06-02 20:01	1472	----a-w-	c:\windows\VWL6D44.tmp
2012-06-02 20:01 . 2012-06-02 20:01	13347466	----a-w-	c:\windows\WLF6D65.tmp
2012-06-02 13:19 . 2012-06-22 14:35	171904	----a-w-	c:\windows\SysWow64\wuwebv.dll
2012-06-02 13:19 . 2012-06-22 14:35	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-22 14:35	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-02 13:12 . 2012-06-22 14:35	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2012-05-31 20:02 . 2012-05-31 20:02	2288	----a-w-	c:\windows\MANBEB7.tmp
2012-05-31 20:02 . 2012-05-31 20:02	1472	----a-w-	c:\windows\VWLBEB8.tmp
2012-05-31 20:02 . 2012-05-31 20:02	13258558	----a-w-	c:\windows\WLFBEC8.tmp
2012-05-31 10:25 . 2010-02-07 14:16	279656	------w-	c:\windows\system32\MpSigStub.exe
2012-05-30 20:01 . 2012-05-30 20:01	2288	----a-w-	c:\windows\MANDDFE.tmp
2012-05-30 20:01 . 2012-05-30 20:01	1472	----a-w-	c:\windows\VWLDDFF.tmp
2012-05-30 20:01 . 2012-05-30 20:01	13172384	----a-w-	c:\windows\WLFDE20.tmp
2012-05-29 20:01 . 2012-05-29 20:01	2288	----a-w-	c:\windows\MANEBF8.tmp
2012-05-29 20:01 . 2012-05-29 20:01	1472	----a-w-	c:\windows\VWLEBF9.tmp
2012-05-29 20:01 . 2012-05-29 20:01	13086198	----a-w-	c:\windows\WLFEC09.tmp
2012-05-28 20:02 . 2012-05-28 20:02	2288	----a-w-	c:\windows\MANC49F.tmp
2012-05-28 20:02 . 2012-05-28 20:02	1472	----a-w-	c:\windows\VWLC4AF.tmp
2012-05-28 20:02 . 2012-05-28 20:02	13000000	----a-w-	c:\windows\WLFC4C0.tmp
2012-05-27 20:01 . 2012-05-27 20:01	2288	----a-w-	c:\windows\MANE0CB.tmp
2012-05-27 20:01 . 2012-05-27 20:01	1472	----a-w-	c:\windows\VWLE0FA.tmp
2012-05-27 20:01 . 2012-05-27 20:01	12913850	----a-w-	c:\windows\WLFE11B.tmp
2012-05-26 20:01 . 2012-05-26 20:01	2288	----a-w-	c:\windows\MANEEE3.tmp
2012-05-26 20:01 . 2012-05-26 20:01	1472	----a-w-	c:\windows\VWLEEE4.tmp
2012-05-26 20:01 . 2012-05-26 20:01	12827688	----a-w-	c:\windows\WLFEEF5.tmp
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{930f1200-f5f1-4870-bac6-e233ec8e7023}"= "c:\program files (x86)\Softonic_English\tbSoft.dll" [2008-09-15 1784856]
.
[HKEY_CLASSES_ROOT\clsid\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
2008-09-15 03:47	1784856	----a-w-	c:\program files (x86)\Softonic_English\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{930f1200-f5f1-4870-bac6-e233ec8e7023}"= "c:\program files (x86)\Softonic_English\tbSoft.dll" [2008-09-15 1784856]
.
[HKEY_CLASSES_ROOT\clsid\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1555968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Gadu-Gadu 10"="c:\program files (x86)\Gadu-Gadu 10\gg.exe" [2011-07-04 13374048]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe" [2008-08-04 1242424]
"CLMLServer"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2008-07-11 188416]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-07-31 417792]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"adiras"="c:\windows\adirasx64.exe" [2007-02-13 253008]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-12-09 74752]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Przyspieszenie uruchomienia programu AutoCAD.lnk - c:\program files (x86)\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe Photo Downloader"="c:\program files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PCMAgent"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
.
Zawartość folderu 'Zaplanowane zadania'
.
2012-07-25 c:\windows\Tasks\User_Feed_Synchronization-{CD419AA0-7C00-4225-8B2B-7AEAC00F4440}.job
- c:\windows\system32\msfeedssync.exe [2012-06-13 03:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RAVCpl64.exe" [2008-04-08 6156288]
"Skytel"="Skytel.exe" [2007-11-21 1826816]
"LXBTCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXBTtime.dll" [2007-05-02 28672]
"lxbtmon.exe"="c:\program files (x86)\Lexmark 5200 Series\lxbtmon.exe" [2007-05-02 230320]
"EzPrint"="c:\program files (x86)\Lexmark 5200 Series\ezprint.exe" [2007-05-02 103344]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1216808]
"TURegOpt"="c:\users\Anitka Dziadosz\AppData\Local\Microsoft\Windows\1149\TURegOpt.exe" [2012-07-25 48640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.onet.pl/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Anitka Dziadosz\AppData\Roaming\Mozilla\Firefox\Profiles\ahl7rxby.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ig
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
WebBrowser-{930F1200-F5F1-4870-BAC6-E233EC8E7023} - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-Lexmark 5200 Series - c:\program files (x86) (x86)\Lexmark 5200 Series\Install\x64\Uninst.exe
AddRemove-Pharaoh - c:\windows\IsUn0415.exe
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9e.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9e.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@SACL=
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Czas ukończenia: 2012-07-30  18:49:10 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2012-07-30 16:49
.
Przed: 51 360 788 480 bajtów wolnych
Po: 52 081 872 896 bajtów wolnych
.
- - End Of File - - C676B7ED499A758C74ADBB5B719C8115