Skocz do zawartości
Zaloguj się, aby obserwować  
janikp

Robak w komputerze

Polecane posty

Witam

Jestem nowy tutaj na forum. Nie zakladam nowego watku tylko sie podepne do podobnego.

Mam problem podobny jak kolega, prawdopodobnie mam jakies smieci na komputerzew dodatku skąs robal uzyskal dane do FTP serwera i wczoraj polozył mi strone firmowa.

Zeskanowalem go OLT oraz GMER i o ile ten pierwszy udalo sie to przy tym drugim nie uzyskalem zadnego pliku z LOGAMI. Z OLT zalaczam plik ponizej.


OTL logfile created on: 2012-11-20 00:33:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\user\Pulpit\olt
Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,50 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 50,40% Memory free
3,35 Gb Paging File | 2,75 Gb Available in Paging File | 81,88% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 20,58 Gb Total Space | 1,67 Gb Free Space | 8,12% Space Free | Partition Type: NTFS
Drive D: | 16,51 Gb Total Space | 3,00 Gb Free Space | 18,20% Space Free | Partition Type: FAT32
Drive E: | 18,44 Gb Total Space | 2,23 Gb Free Space | 12,10% Space Free | Partition Type: FAT32
Drive F: | 18,98 Gb Total Space | 4,95 Gb Free Space | 26,10% Space Free | Partition Type: FAT32
Drive J: | 37,31 Gb Total Space | 18,90 Gb Free Space | 50,66% Space Free | Partition Type: NTFS

Computer Name: ADMIN | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-11-19 10:00:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Pulpit\olt\OTL.exe
PRC - [2012-11-08 00:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012-11-08 00:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012-11-03 07:41:35 | 003,377,288 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe
PRC - [2012-11-03 07:41:32 | 003,704,968 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\ggdrive.exe
PRC - [2012-10-19 05:39:41 | 000,153,736 | ---- | M] (GG Network S.A.) -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\ggapp.exe
PRC - [2012-09-18 12:12:28 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012-08-08 09:17:00 | 000,540,056 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011-08-23 20:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011-07-06 15:32:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011-02-02 13:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2011-01-11 18:04:04 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010-04-06 14:35:06 | 004,142,080 | ---- | M] () -- C:\Program Files\Dude\dude.exe
PRC - [2010-02-04 03:50:14 | 001,982,976 | ---- | M] () -- C:\Program Files\EMS\ScheduleService.exe
PRC - [2009-08-20 16:42:38 | 001,560,576 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaUI.exe
PRC - [2009-07-14 20:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaRegistry.exe
PRC - [2008-10-15 16:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe
PRC - [2007-10-29 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-11-18 14:53:26 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2012-11-03 07:41:17 | 009,816,192 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2012-10-19 05:39:51 | 001,945,600 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\xulrunner\mozjs.dll
MOD - [2012-10-05 01:33:28 | 000,070,352 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
MOD - [2012-09-12 09:21:52 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\ggdrive\zlib1.dll
MOD - [2011-09-15 10:07:08 | 001,203,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\ad9facc364268611cc4ca65f77caeddd\System.WorkflowServices.ni.dll
MOD - [2011-09-15 10:05:18 | 000,365,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\76a5d670ce969c0c65a905b7303d4bbf\System.ServiceModel.Routing.ni.dll
MOD - [2011-09-15 10:05:15 | 001,127,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dbf07cb14b4dcc210cdf8b5d90a12a56\System.ServiceModel.Discovery.ni.dll
MOD - [2011-09-15 10:05:11 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c3831eb95ccf3904bab81a97a9b08ed3\System.ServiceModel.Channels.ni.dll
MOD - [2011-09-15 10:04:22 | 001,388,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\52481fccddb053768631c640d5059d4b\System.ServiceModel.Activities.ni.dll
MOD - [2011-09-15 10:04:10 | 001,065,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\9eac876f58a3ebca8878b8654efdc817\System.IdentityModel.ni.dll
MOD - [2011-09-15 10:04:06 | 017,919,488 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\250b525aa8c17327216e102569c0d766\System.ServiceModel.ni.dll
MOD - [2011-09-15 10:03:09 | 001,046,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\51c60db370e050d9cdcac17060aaac53\System.ServiceModel.Web.ni.dll
MOD - [2011-09-15 10:00:14 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
MOD - [2011-09-15 10:00:05 | 001,864,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\149f2dcb9c9706e592d1980a945850c2\System.Web.Services.ni.dll
MOD - [2011-09-15 09:59:34 | 000,784,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.ni.dll
MOD - [2011-09-15 09:59:34 | 000,230,912 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.Wrapper.dll
MOD - [2011-09-15 09:59:32 | 000,645,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\dd9dbf82e44454689976a49a9e4ddb6d\System.Transactions.ni.dll
MOD - [2011-09-15 09:59:30 | 001,011,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f3989d3e9cb8904e4edf23ede5adb6c1\System.Runtime.DurableInstancing.ni.dll
MOD - [2011-09-15 09:59:27 | 000,142,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4d2a51c03b27e615ff9f1c430f2014ba\SMDiagnostics.ni.dll
MOD - [2011-09-15 09:59:25 | 002,625,024 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
MOD - [2011-09-14 21:18:58 | 006,754,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\92cccedc7cda413ff6fc6492cb256b58\System.Data.ni.dll
MOD - [2011-09-14 21:18:29 | 005,571,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2011-09-14 21:18:17 | 000,973,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
MOD - [2011-09-14 21:18:02 | 001,651,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2011-09-14 21:17:43 | 007,025,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2011-09-14 21:17:15 | 009,000,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2011-09-14 21:16:54 | 014,415,872 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2011-02-02 13:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
MOD - [2010-04-06 14:35:06 | 004,142,080 | ---- | M] () -- C:\Program Files\Dude\dude.exe
MOD - [2010-04-06 14:34:28 | 000,372,224 | ---- | M] () -- C:\Program Files\Dude\libfreetype-6.dll
MOD - [2010-04-06 14:34:28 | 000,335,360 | ---- | M] () -- C:\Program Files\Dude\libcairo-2.dll
MOD - [2010-04-06 14:34:28 | 000,281,088 | ---- | M] () -- C:\Program Files\Dude\libxml2-2.dll
MOD - [2010-04-06 14:34:28 | 000,236,032 | ---- | M] () -- C:\Program Files\Dude\libgio-2.0-0.dll
MOD - [2010-04-06 14:34:28 | 000,233,984 | ---- | M] () -- C:\Program Files\Dude\libnetsnmp-15.dll
MOD - [2010-04-06 14:34:28 | 000,178,176 | ---- | M] () -- C:\Program Files\Dude\librsvg-2-2.dll
MOD - [2010-04-06 14:34:28 | 000,165,376 | ---- | M] () -- C:\Program Files\Dude\libcroco-0.6-3.dll
MOD - [2010-04-06 14:34:28 | 000,163,840 | ---- | M] () -- C:\Program Files\Dude\libpixman-1-0.dll
MOD - [2010-04-06 14:34:28 | 000,153,600 | ---- | M] () -- C:\Program Files\Dude\libpng12-0.dll
MOD - [2010-04-06 14:34:28 | 000,140,288 | ---- | M] () -- C:\Program Files\Dude\libfontconfig-1.dll
MOD - [2010-04-06 14:34:28 | 000,119,808 | ---- | M] () -- C:\Program Files\Dude\libjpeg-62.dll
MOD - [2010-04-06 14:34:28 | 000,108,544 | ---- | M] () -- C:\Program Files\Dude\libexpat-1.dll
MOD - [2010-04-06 14:34:28 | 000,039,936 | ---- | M] () -- C:\Program Files\Dude\libpangocairo-1.0-0.dll
MOD - [2010-02-05 03:42:18 | 001,757,184 | ---- | M] () -- C:\Program Files\EMS\PdvrServer.dll
MOD - [2010-02-04 03:50:14 | 001,982,976 | ---- | M] () -- C:\Program Files\EMS\ScheduleService.exe
MOD - [2009-11-16 19:31:58 | 000,069,632 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll
MOD - [2009-08-20 20:59:58 | 000,860,160 | ---- | M] () -- C:\Program Files\Ralink\Common\RaWLAPI.dll
MOD - [2009-05-11 10:45:40 | 000,147,456 | ---- | M] () -- C:\WINDOWS\system32\DiagFunc.dll
MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL
MOD - [2007-10-29 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012-11-08 00:37:37 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012-09-18 12:12:28 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011-09-14 22:05:44 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011-07-06 15:32:20 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\ramaint.exe -- (LMIMaint)
SRV - [2011-07-06 15:32:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011-02-02 13:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2011-01-11 18:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010-02-04 03:50:14 | 001,982,976 | ---- | M] () [Auto | Running] -- C:\Program Files\EMS\ScheduleService.exe -- (EMSService)
SRV - [2009-10-20 19:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009-07-14 20:53:00 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2008-10-15 16:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\winvnc4.exe -- (WinVNC4)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012-11-08 00:38:17 | 000,099,080 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012-11-08 00:38:16 | 000,032,640 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012-11-08 00:38:14 | 000,497,952 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012-11-08 00:38:13 | 000,018,096 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd)
DRV - [2011-07-06 15:32:50 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011-01-11 18:04:04 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011-01-11 18:04:04 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2009-10-20 19:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009-06-12 16:21:40 | 000,500,096 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2009-04-21 14:31:10 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2004-08-22 15:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\d347prt.sys -- (d347prt)
DRV - [2004-08-22 15:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\d347bus.sys -- (d347bus)
DRV - [2001-08-17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-448539723-1677128483-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128
IE - HKU\S-1-5-21-448539723-1677128483-839522115-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-448539723-1677128483-839522115-1003\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKU\S-1-5-21-448539723-1677128483-839522115-1003\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKU\S-1-5-21-448539723-1677128483-839522115-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
IE - HKU\S-1-5-21-448539723-1677128483-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com Search"
FF - prefs.js..browser.search.defaultenginename: "Ask.com Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.order.1: "Ask.com Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Ask.com Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl"
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.664
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-11-19 17:09:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-10-17 11:02:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2012-03-19 15:18:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Extensions
[2012-03-19 15:17:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles cf2l7dg.Domyślny użytkownik\extensions
[2012-03-19 15:17:43 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles cf2l7dg.Domyślny użytkownik\extensions\ffxtlbr@Facemoods.com
[2012-11-19 17:06:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions
[2012-03-19 15:20:30 | 000,000,000 | ---D | M] ("Winamp Toolbar") -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012-03-19 15:20:30 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2012-11-19 17:06:16 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012-03-19 15:20:36 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\LogMeInClient@logmein(2).com
[2012-03-19 15:20:35 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\LogMeInClient@logmein.com
[2012-09-09 15:05:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\staged
[2012-03-19 15:20:31 | 000,000,000 | ---D | M] ("KMPlayer Toolbar") -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions oolbar@ask.com
[2012-03-19 15:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\y553adgw.default\extensions
[2012-03-19 15:20:21 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\y553adgw.default\extensions\ffxtlbr@Facemoods.com
[2010-10-10 15:46:56 | 000,004,669 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles cf2l7dg.Domyślny użytkownik\extensions\ffxtlbr@Facemoods.com\content\xpiInstallLgc.js
[2012-01-31 19:20:49 | 001,331,409 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\firebug@software.joehewitt.com.xpi
[2012-02-05 08:32:16 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2011-09-10 20:15:13 | 000,089,388 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi
[2012-02-11 19:54:29 | 000,709,293 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2010-10-10 15:46:56 | 000,004,669 | ---- | M] () (No name found) -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\y553adgw.default\extensions\ffxtlbr@Facemoods.com\content\xpiInstallLgc.js
[2009-02-26 17:31:08 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\searchplugins\ask.xml
[2012-01-01 21:45:34 | 000,002,572 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\searchplugins\askcom.xml
[2012-09-18 12:15:19 | 000,002,306 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\searchplugins\askcomsearch.xml
[2011-09-10 20:15:25 | 000,001,565 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\searchplugins\web-search.xml
[2008-08-28 16:18:38 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\user\Dane aplikacji\Mozilla\Firefox\Profiles\ur0n3tqw.default\searchplugins\winamp-search.xml
[2012-03-19 15:15:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-03-13 05:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-03-13 06:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-13 06:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-03-13 06:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-03-13 06:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-03-13 06:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-03-13 06:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://start.facemoods.com/?a=ddr
CHR - default_search_provider: Ask.com (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask.com/redirect?client=ff&src=crm&tb=PTV&o=15184&locale=en_US&apn_uid=d607eab2-6a26-4b0e-80ce-d392c10d2e66&apn_ptnrs=RY&apn_sauid=2B6A539B-F047-40F1-BBB0-090849BEE0E7&apn_dtid=YYYYYYYYPL&q={searchTerms}&
CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR - homepage: http://start.facemoods.com/?a=ddr
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aaaaoggiphohkihibdkcnhnokmkfmhnj\7.15.1.22688_0\background/registryAccess.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: HOEM ActiveX plugin (Enabled) = C:\Program Files\Google\Chrome\Application\plugins\np_hoem_x.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Facemoods = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.6.4_0\
CHR - Extension: Facemoods = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.6.4_0\facemoods\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\

O1 HOSTS File: ([2012-01-11 11:27:16 | 000,000,769 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No CLSID value found.
O3 - HKU\S-1-5-21-448539723-1677128483-839522115-1003\..\Toolbar\WebBrowser: (no name) - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No CLSID value found.
O3 - HKU\S-1-5-21-448539723-1677128483-839522115-1003\..\Toolbar\WebBrowser: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [ADBlocker] C:\Program Files\Anvisoft\Anvi Smart Defender oolbox\adblocker\ADBlockerTray.exe -tray File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DudeServer] C:\Program Files\Dude\dude.exe ()
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKU\S-1-5-21-448539723-1677128483-839522115-1003..\Run: [GG] C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe (GG Network S.A.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
O4 - Startup: C:\Documents and Settings\user\Menu Start\Programy\Autostart\The Dude.lnk = C:\Program Files\Dude\dude.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-448539723-1677128483-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} http://46.151.116.36:81/webrec.cab (SurveillanceCtrl Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A13E7E61-7658-41A3-86F1-DEB2A9B71CB4}: NameServer = 46.151.112.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-08-31 21:31:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011-09-12 22:37:16 | 000,000,000 | ---D | M] - D:\autocad -- [ FAT32 ]
O32 - AutoRun File - [2011-09-14 20:42:18 | 000,000,000 | ---D | M] - D:\autocad2012 -- [ FAT32 ]
O32 - AutoRun File - [2011-05-23 12:16:30 | 000,000,000 | ---D | M] - D:\automapa -- [ FAT32 ]
O32 - AutoRun File - [2011-09-17 13:52:14 | 000,000,000 | ---D | M] - F:\autocad -- [ FAT32 ]
O32 - AutoRun File - [2011-09-22 17:25:39 | 000,000,000 | ---D | M] - J:\AUTOCAD -- [ NTFS ]
O32 - AutoRun File - [2011-09-22 18:15:51 | 000,000,000 | ---D | M] - J:\AUTOCADmap -- [ NTFS ]
O32 - AutoRun File - [2011-09-19 10:52:25 | 3430,132,311 | ---- | M] () - J:\AutoCAD_Map_3D_2012_English_Win_32bit.exe -- [ NTFS ]
O33 - MountPoints2\{12ce0d83-7c05-11e1-b8ff-000c76123456}\Shell - "" = AutoRun
O33 - MountPoints2\{12ce0d83-7c05-11e1-b8ff-000c76123456}\Shell\AutoRun\command - "" = I:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-11-20 00:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Pulpit\olt
[2012-11-19 18:35:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Malwarebytes
[2012-11-19 18:34:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-11-19 18:34:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-11-19 18:34:01 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-11-19 18:33:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-11-19 17:31:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Dane aplikacji\Ad-Aware Antivirus
[2012-11-19 17:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\adawarebp
[2012-11-19 17:12:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft
[2012-11-19 17:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\Downloaded Installations
[2012-11-19 17:08:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\blekko toolbars
[2012-11-19 17:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection
[2012-11-19 17:06:19 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2012-11-19 17:06:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\adawaretb
[2012-11-19 17:06:18 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2012-11-19 17:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\LavasoftStatistics
[2012-11-19 17:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Ad-Aware Antivirus
[2012-11-19 16:42:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\FileZilla
[2012-11-19 16:41:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\FileZilla FTP Client
[2012-11-19 16:41:06 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2012-11-19 16:27:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Anvisoft
[2012-11-19 16:26:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Anvisoft
[2012-11-19 16:26:21 | 000,000,000 | ---D | C] -- C:\Program Files\Anvisoft
[2012-11-18 21:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\ProgDVB
[2012-11-17 21:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Roiz
[2012-11-17 21:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Qeyzep
[2012-11-17 21:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dane aplikacji\Afut
[2012-11-14 00:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\Pyxis
[2012-11-14 00:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Pyxis
[2012-10-25 19:10:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Ubiquiti-Networks
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-11-20 00:49:30 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2012-11-20 00:46:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS asks\Scheduled Update for Ask Toolbar.job
[2012-11-20 00:38:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS asks\GoogleUpdateTaskMachineUA.job
[2012-11-20 00:31:03 | 000,000,691 | ---- | M] () -- C:\dude.conf
[2012-11-20 00:30:49 | 000,000,050 | ---- | M] () -- C:\WINDOWS\PdvrServer.INI
[2012-11-20 00:30:32 | 000,023,773 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-11-20 00:30:15 | 000,001,028 | ---- | M] () -- C:\WINDOWS asks\GoogleUpdateTaskMachineCore.job
[2012-11-20 00:30:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-11-20 00:30:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-11-20 00:30:06 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-20 00:26:35 | 000,000,052 | ---- | M] () -- C:\Documents and Settings\user\defogger_reenable
[2012-11-19 23:29:03 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2012-11-19 20:54:28 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2012-11-19 20:28:21 | 000,306,491 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\iptv.pdf
[2012-11-19 18:34:30 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-11-19 17:35:54 | 000,000,898 | ---- | M] () -- C:\WINDOWS asks\Ad-Aware Antivirus Scheduled Scan.job
[2012-11-19 16:41:42 | 000,001,663 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FileZilla Client.lnk
[2012-11-18 13:17:15 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-11-16 09:34:40 | 000,011,232 | ---- | M] () -- C:\Documents and Settings\user\.avcln
[2012-11-14 01:16:50 | 000,000,638 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\PYXIS.lnk
[2012-11-14 00:55:49 | 000,000,496 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\Skrót do Pyxis.lnk
[2012-11-09 12:56:56 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2012-11-09 12:56:56 | 000,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2012-11-08 00:38:17 | 000,099,080 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2012-11-08 00:38:16 | 000,032,640 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2012-11-08 00:38:14 | 000,497,952 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2012-11-08 00:38:13 | 000,018,096 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys
[2012-11-08 00:37:35 | 000,034,024 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll
[2012-11-08 00:37:34 | 000,301,264 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2012-11-05 15:49:04 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2012-11-05 15:22:21 | 000,357,873 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\zmiana domena.pdf
[2012-10-30 15:03:19 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012-10-29 22:43:14 | 000,000,789 | ---- | M] () -- C:\WINDOWS\System\CmiCnfg.ini
[2012-10-29 07:21:54 | 000,555,118 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-10-29 07:21:54 | 000,493,054 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-10-29 07:21:54 | 000,104,274 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-10-29 07:21:54 | 000,083,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-10-28 22:34:52 | 012,365,782 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\routeros-mipsle-4.17.npk
[2012-10-23 19:51:11 | 000,170,889 | ---- | M] () -- C:\Documents and Settings\user\Pulpit\ftth.pdf
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-20 00:24:36 | 000,000,052 | ---- | C] () -- C:\Documents and Settings\user\defogger_reenable
[2012-11-19 18:34:30 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-11-19 17:35:54 | 000,000,898 | ---- | C] () -- C:\WINDOWS asks\Ad-Aware Antivirus Scheduled Scan.job
[2012-11-19 16:41:42 | 000,001,663 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FileZilla Client.lnk
[2012-11-17 22:00:04 | 000,306,491 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\iptv.pdf
[2012-11-14 00:54:57 | 000,000,638 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\PYXIS.lnk
[2012-11-05 15:22:19 | 000,357,873 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\zmiana domena.pdf
[2012-10-30 15:03:18 | 000,001,520 | ---- | C] () -- C:\Documents and Settings\user\Menu Start\Programy\Autostart\The Dude.lnk
[2012-10-28 22:32:36 | 012,365,782 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\routeros-mipsle-4.17.npk
[2012-10-23 19:51:11 | 000,170,889 | ---- | C] () -- C:\Documents and Settings\user\Pulpit\ftth.pdf
[2012-10-12 20:21:56 | 000,001,171 | ---- | C] () -- C:\WINDOWS\bestplayer.ini
[2012-07-12 20:25:13 | 000,002,174 | ---- | C] () -- C:\Documents and Settings\user\.recently-used.xbel
[2012-07-10 13:16:41 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2012-03-09 19:37:09 | 000,000,052 | ---- | C] () -- C:\WINDOWS\SW_Win9423X24.DLL
[2012-03-09 19:37:01 | 001,220,608 | ---- | C] () -- C:\WINDOWS\System32\pdf2bmp.dll
[2012-03-09 19:37:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\DVM.dll
[2012-03-09 19:37:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\RegisterExe.exe
[2012-02-15 08:00:27 | 000,140,160 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2011-11-23 15:02:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\KA.ini
[2011-10-21 12:38:55 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2011-09-18 10:25:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2011-09-17 22:34:42 | 000,996,433 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-448539723-1677128483-839522115-1003-0.dat
[2011-09-17 22:34:41 | 000,235,422 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-09-14 22:07:38 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft.SqlServer.Compact.351.32.bc
[2011-09-11 19:34:53 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\user\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-09-11 09:36:41 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2011-09-11 09:27:29 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2011-09-11 09:27:29 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[2011-09-11 09:12:07 | 000,302,080 | ---- | C] () -- C:\WINDOWS\unin0415.exe
[2011-09-02 13:02:10 | 000,011,232 | ---- | C] () -- C:\Documents and Settings\user\.avcln
[2011-09-01 20:26:48 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2011-09-01 06:36:33 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011-08-31 22:40:32 | 000,000,050 | ---- | C] () -- C:\WINDOWS\PdvrServer.INI
[2011-08-31 21:50:55 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011-08-31 21:34:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-08-31 21:27:51 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011-08-31 20:58:00 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2011-08-31 20:46:27 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2011-08-31 20:46:27 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2011-08-31 20:46:27 | 000,000,480 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2011-08-31 20:42:36 | 000,233,472 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2011-08-31 20:42:36 | 000,028,672 | R--- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2011-08-31 20:42:28 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2011-08-31 20:42:28 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2011-08-31 20:42:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2011-08-31 20:42:18 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2011-08-31 20:42:18 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2011-08-31 20:42:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2011-09-06 07:40:57 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010-04-16 16:37:03 | 001,506,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:22:07 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2007-10-29 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-11-19 17:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ad-Aware Browsing Protection
[2012-11-19 16:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Anvisoft
[2011-09-18 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2012-08-26 08:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ask
[2011-10-08 18:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk
[2011-11-27 17:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Barbie Fashion Show
[2012-11-19 17:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\blekko toolbars
[2011-08-31 21:57:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2012-09-18 12:04:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG
[2012-11-08 08:07:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LogMeIn
[2011-09-17 08:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nitro PDF
[2011-09-18 07:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\page
[2011-08-31 20:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ralink Driver
[2012-11-19 17:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Ad-Aware Antivirus
[2011-09-17 08:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\facemoods.com
[2012-11-19 19:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Ad-Aware Antivirus
[2012-11-19 17:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\adawaretb
[2012-11-17 21:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Afut
[2012-11-19 17:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Anvisoft
[2012-01-12 21:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Artisteer
[2011-09-18 07:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Ashampoo
[2011-10-08 17:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Autodesk
[2012-10-12 20:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\BESTplayer
[2011-09-09 19:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\CGIS
[2011-09-17 08:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Downloaded Installations
[2011-09-09 20:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\facemoods.com
[2012-11-19 18:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\FileHunter
[2012-11-19 22:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\FileZilla
[2012-01-23 19:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Gadu-Gadu 10
[2012-11-20 00:30:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\GG
[2011-08-31 22:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\GHISLER
[2012-07-12 20:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\gtk-2.0
[2011-08-31 21:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Mikrotik
[2011-09-17 08:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Nitro PDF
[2012-05-04 23:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\pdfforge
[2011-09-13 13:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\PTP LINKPlanner
[2012-11-17 21:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Qeyzep
[2012-11-19 19:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Roiz
[2011-09-20 17:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Rovio
[2011-09-11 09:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Thinstall
[2011-08-31 20:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Thunderbird
[2012-04-24 15:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Dane aplikacji\Unity

[color=#E56717]========== Purity Check ==========[/color]

< End of report >

Na forum mamy zasady - nie podpinamy się pod cudze tematy i nie prowadzimy wykopalisk. - MD

Udostępnij ten post


Link to postu
Udostępnij na innych stronach

Bądź aktywny! Zaloguj się lub utwórz konto

Tylko zarejestrowani użytkownicy mogą komentować zawartość tej strony

Utwórz konto

Zarejestruj nowe konto, to proste!

Zarejestruj nowe konto

Zaloguj się

Posiadasz własne konto? Użyj go!

Zaloguj się
Zaloguj się, aby obserwować  

  • Kto przegląda   0 użytkowników

    Brak zalogowanych użytkowników przeglądających tę stronę.

×