OTL logfile created on: 2014-04-25 11:15:48 - Run 1
OTL by OldTimer - Version Folder = C:\Documents and Settings\Administrator\Pulpit
Windows Server 2003 Standard Edition Dodatek Service Pack 2 (Version = 5.2.3790) - Type = NTDomainController
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,00 Gb Total Physical Memory | 0,65 Gb Available Physical Memory | 21,60% Memory free
4,85 Gb Paging File | 2,10 Gb Available in Paging File | 43,21% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 292,97 Gb Total Space | 199,17 Gb Free Space | 67,98% Space Free | Partition Type: NTFS
Drive D: | 29,30 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: NTFS
Drive G: | 1,90 Gb Total Space | 1,75 Gb Free Space | 91,91% Space Free | Partition Type: FAT32
Drive I: | 29,30 Gb Total Space | 24,33 Gb Free Space | 83,02% Space Free | Partition Type: NTFS
Drive J: | 288,09 Gb Total Space | 287,85 Gb Free Space | 99,91% Space Free | Partition Type: NTFS
Drive K: | 613,98 Gb Total Space | 299,57 Gb Free Space | 48,79% Space Free | Partition Type: NTFS
Drive L: | 609,11 Gb Total Space | 566,18 Gb Free Space | 92,95% Space Free | Partition Type: NTFS
Drive T: | 5,45 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: SERWER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-04-25 11:14:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2014-04-14 20:08:53 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013-09-05 19:45:58 | 004,666,688 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Remote Administrator\Server\era.exe PRC - [2013-09-05 19:45:00 | 000,098,584 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Remote Administrator\Server\EHttpSrv.exe PRC - [2013-06-07 13:08:38 | 000,307,200 | ---- | M] (Oki Data Corporation) -- C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe PRC - [2013-05-31 16:02:16 | 000,099,328 | ---- | M] () -- C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe PRC - [2013-05-21 01:56:40 | 000,141,312 | ---- | M] (Oki Data Corporation) -- C:\Program Files\Okidata\Print Job Accounting\opja0004.exe PRC - [2013-04-18 13:56:24 | 000,946,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET File Security\ekrn.exe PRC - [2013-04-18 13:56:10 | 002,169,784 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET File Security\egui.exe PRC - [2012-05-18 14:24:52 | 000,024,464 | ---- | M] (Apache Software Foundation) -- C:\Program Files\VisualSVN Server\bin\VisualSVNServer.exe PRC - [2012-03-28 23:50:10 | 000,147,456 | ---- | M] (Oki Data Corporation) -- C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe PRC - [2012-01-30 22:12:04 | 000,458,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dns.exe PRC - [2011-08-10 15:09:07 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wins.exe PRC - [2011-06-29 10:51:24 | 000,112,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\IPROSetMonitor.exe PRC - [2010-09-01 20:50:34 | 
000,049,152 | ---- | M] (Oki Data Corporation) -- C:\Program Files\Okidata\Print Job Accounting\okwchsvc.exe PRC - [2010-08-24 10:29:18 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe PRC - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- C:\xampp\mysql\bin\mysqld.exe PRC - [2009-12-20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe PRC - [2009-11-17 11:45:24 | 000,036,640 | ---- | M] (Pervasive Software Inc.) -- C:\Program Files\Pervasive Software\PSQL\bin\w3sqlmgr.exe PRC - [2009-11-17 11:25:14 | 000,111,904 | ---- | M] (Pervasive Software Inc.) -- C:\Program Files\Pervasive Software\PSQL\bin\ntbtrv.exe PRC - [2009-11-17 11:24:56 | 000,111,904 | ---- | M] (Pervasive Software Inc.) -- C:\Program Files\Pervasive Software\PSQL\bin\ntdbsmgr.exe PRC - [2007-07-24 18:59:00 | 000,024,576 | ---- | M] (Oki Data Corporation) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\OPHJLDCS.EXE PRC - [2007-02-18 00:24:50 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\llssrv.exe PRC - [2007-02-17 09:07:16 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-02-17 08:58:38 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\logon.scr PRC - [2007-02-17 08:53:50 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rdpclip.exe PRC - [2007-02-17 08:51:24 | 000,792,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntfrs.exe PRC - [2007-02-17 08:02:10 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ismserv.exe PRC - [2007-02-17 08:00:54 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dfssvc.exe PRC - [2005-12-12 16:03:54 | 000,417,855 | ---- | M] (American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe PRC - [2005-12-12 16:02:24 | 000,176,193 | ---- | M] 
(American Power Conversion Corporation) -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-03-24 13:21:24 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\96e5ea548f6fe270c1c6a5c470ec95e9\CustomMarshalers.ni.dll MOD - [2014-03-24 13:12:58 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MsDtsSrvr\beefe4cdb5ceb3096a3f8a85731bb7c7\MsDtsSrvr.ni.exe MOD - [2014-03-24 13:12:47 | 000,023,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\3b52ec338fac6e9493f5f9e626220f7e\Microsoft.SqlServer.DtsServer.Interop.ni.dll MOD - [2014-03-24 12:56:43 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\\System.Xml.dll MOD - [2014-03-24 12:56:39 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\\CustomMarshalers.dll MOD - [2014-03-24 12:51:14 | 000,139,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4f800ca20b2ef7e39518b860feee1ebe\Microsoft.SqlServer.PipelineHost.ni.dll MOD - [2014-03-24 12:51:11 | 000,041,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\4c267c43d8fb801505857f47eaf445ad\Microsoft.SqlServer.SqlTDiagM.ni.dll MOD - [2014-03-24 12:50:56 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll MOD - [2014-03-24 12:50:04 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll MOD - [2014-03-24 12:49:55 | 000,419,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\b01c1de1ef9fe1a77f6497cf33c0cdee\Microsoft.SqlServer.DTSRuntimeWrap.ni.dll MOD - [2014-03-24 12:47:03 | 005,462,016 | ---- | M] 
() -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll MOD - [2014-03-24 12:44:18 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll MOD - [2014-03-24 12:44:06 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll MOD - [2013-05-31 16:02:16 | 000,099,328 | ---- | M] () -- C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe MOD - [2012-05-31 21:44:12 | 000,477,696 | ---- | M] () -- C:\Program Files\Okidata\Print Job Accounting\sqlite3.dll MOD - [2012-05-31 21:36:16 | 000,157,696 | ---- | M] () -- C:\Program Files\Okidata\Print Job Accounting\snmp_pp.dll MOD - [2011-10-31 15:11:15 | 000,182,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\Microsoft.SqlServer.DTSRuntimeWrap\\Microsoft.SqlServer.DTSRuntimeWrap.dll MOD - [2011-07-18 23:04:08 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll MOD - [2003-12-05 14:00:00 | 000,016,896 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll MOD - [2003-12-03 06:02:28 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\SamMonNT.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2014-04-14 20:08:53 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013-09-05 19:45:58 | 004,666,688 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Remote Administrator\Server\era.exe -- (ERA_SERVER) SRV - [2013-09-05 19:45:00 | 000,098,584 | ---- | M] (ESET) [On_Demand | Running] -- C:\Program Files\ESET\ESET Remote Administrator\Server\EHttpSrv.exe -- (ERA_HTTP_SERVER) SRV - [2013-06-07 13:08:38 | 000,307,200 | ---- | M] (Oki Data Corporation) [Auto | Running] -- C:\Program 
Files\Okidata\Print Job Accounting\oklogsvc.exe -- (OkiJaSvc) SRV - [2013-05-31 16:02:16 | 000,099,328 | ---- | M] () [Auto | Running] -- C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe -- (BRA_Scheduler) SRV - [2013-05-21 01:56:40 | 000,141,312 | ---- | M] (Oki Data Corporation) [Auto | Running] -- C:\Program Files\Okidata\Print Job Accounting\opja0004.exe -- (opja0004) SRV - [2013-04-18 13:57:54 | 000,033,616 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET File Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2013-04-18 13:56:24 | 000,946,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET File Security\ekrn.exe -- (ekrn) SRV - [2013-03-01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2012-05-18 14:24:52 | 000,024,464 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\VisualSVN Server\bin\VisualSVNServer.exe -- (VisualSVNServer) SRV - [2012-03-28 23:50:10 | 000,147,456 | ---- | M] (Oki Data Corporation) [Auto | Running] -- C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe -- (OpLclSrv) SRV - [2012-01-30 22:12:04 | 000,458,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dns.exe -- (DNS) SRV - [2011-10-23 22:07:34 | 000,630,784 | ---- | M] (FileZilla Project) [Auto | Stopped] -- C:\Program Files\FileZilla Server\FileZilla server.exe -- (FileZilla Server) SRV - [2011-08-10 15:09:07 | 000,158,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wins.exe -- (WINS) SRV - [2011-06-29 10:51:24 | 000,112,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\WINDOWS\system32\IPROSetMonitor.exe -- (Intel(R) SRV - [2010-09-01 20:50:34 | 000,049,152 | ---- | M] (Oki Data Corporation) [Auto | Running] -- C:\Program Files\Okidata\Print Job Accounting\okwchsvc.exe -- (OkiWchSvc) SRV - [2009-12-20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) 
[Auto | Running] -- C:\xampp\mysql\bin\mysqld.exe -- (MySQL) SRV - [2009-12-20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\xampp\apache\bin\httpd.exe -- (Apache2.2) SRV - [2009-11-17 11:45:24 | 000,036,640 | ---- | M] (Pervasive Software Inc.) [Auto | Running] -- C:\Program Files\Pervasive Software\PSQL\bin\w3sqlmgr.exe -- (Pervasive.SQL (relational) SRV - [2009-11-17 11:25:14 | 000,111,904 | ---- | M] (Pervasive Software Inc.) [Auto | Running] -- C:\Program Files\Pervasive Software\PSQL\bin\ntbtrv.exe -- (Pervasive.SQL (transactional) SRV - [2007-07-24 18:59:00 | 000,024,576 | ---- | M] (Oki Data Corporation) [Auto | Running] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\OPHJLDCS.EXE -- (OKI OPHJ DCS Loader) SRV - [2007-06-24 04:55:12 | 000,094,208 | ---- | M] (Adaptec Incorporated) [Auto | Stopped] -- C:\Program Files\Adaptec\Adaptec Storage Manager\StorServ.exe -- (AdaptecStorageManagerAgent) SRV - [2007-02-18 00:24:50 | 000,094,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\llssrv.exe -- (LicenseService) SRV - [2007-02-17 08:54:18 | 000,067,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsopprov.exe -- (RSoPProv) SRV - [2007-02-17 08:51:24 | 000,792,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ntfrs.exe -- (NtFrs) SRV - [2007-02-17 08:47:14 | 000,071,168 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tssdis.exe -- (Tssdis) SRV - [2007-02-17 08:02:10 | 000,040,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ismserv.exe -- (IsmServ) SRV - [2007-02-17 08:00:54 | 000,164,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dfssvc.exe -- (Dfs) SRV - [2005-12-12 16:02:24 | 000,176,193 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe -- (APC 
UPS Service) SRV - [2003-12-05 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\trksvr.dll -- (TrkSvr) SRV - [2003-12-05 14:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sacsvr.dll -- (sacsvr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Adapter | On_Demand | Unknown] -- -- (LicenseInfo) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013-03-01 03:48:42 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2013-01-29 15:06:34 | 000,115,560 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2013-01-29 15:06:34 | 000,095,960 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2013-01-29 15:06:32 | 000,142,328 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2011-10-20 12:55:53 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2011-09-09 11:08:02 | 000,332,888 | ---- | M] (Adaptec, Inc.) 
[Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aar81xx.sys -- (aar81xx) DRV - [2011-08-19 01:46:06 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapoas.sys -- (tapoas) DRV - [2011-07-01 11:46:40 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901) DRV - [2010-12-01 13:44:16 | 000,100,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV - [2010-04-03 12:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0150.sys -- (RsFx0150) DRV - [2007-02-17 11:02:46 | 000,343,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mpad.sys -- (ati2mpad) DRV - [2007-02-17 10:05:24 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2007-02-17 08:54:32 | 000,074,240 | ---- | M] (Microsoft Corporation) [Kernel | Unavailable | Unknown] -- C:\WINDOWS\System32\drivers\sacdrv.sys -- (sacdrv) DRV - [2007-02-17 08:49:16 | 000,179,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wlbs.sys -- (WLBS) DRV - [2007-02-17 08:00:52 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\dfs.sys -- (DfsDriver) DRV - [2007-02-17 08:00:28 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\ClusDisk.sys -- (ClusDisk) DRV - [2004-05-17 08:04:16 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp) DRV - [2000-07-24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BRPAR.SYS -- (BrPar) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm IE - HKCU\..\SearchScopes,DefaultScope = {F4A3C28E-039F-466A-B738-409B3CCDE648} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{F4A3C28E-039F-466A-B738-409B3CCDE648}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: 
C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) [2014-04-01 09:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-12-27 19:53:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-27 19:53:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} O1 HOSTS File: ([2011-10-18 14:56:35 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET File Security\egui.exe (ESET) O4 - HKLM..\Run: [FileZilla Server Interface] C:\Program Files\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project) O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.) 
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\APC UPS Status.lnk = C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe (American Power Conversion Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowSuperHidden = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1315724876810 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1315725026857 (MUWebControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Komot.local O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{532DD92E-A3E1-4CE7-8A0E-122370506FB2}: NameServer = O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O29 - HKLM SecurityProviders - (pwdssp.dll) - C:\WINDOWS\System32\pwdssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-09-11 08:52:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006-12-11 22:03:59 | 000,000,277 | R--- | M] () - T:\autorun.inf -- [ CDFS ] O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* 
O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-04-25 11:15:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2014-04-24 12:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Windows Support Tools [2014-04-24 12:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\Support Tools [2014-04-24 10:48:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent [2014-04-24 10:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2014-04-24 10:47:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner [2014-04-24 10:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Oracle [2014-04-24 10:24:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java [2014-04-23 11:07:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Doctor Web [2014-04-17 09:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot [2014-04-10 15:57:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Wireshark [2014-04-10 15:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\WinPcap [2014-04-10 15:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap [2014-04-10 15:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-04-25 11:14:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe 
[2014-04-25 10:29:32 | 000,017,796 | ---- | M] () -- C:\WINDOWS\System32\OP5650.cah [2014-04-25 06:00:03 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\KOPIA_D.job [2014-04-24 10:48:50 | 000,039,040 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20140424_104847.reg [2014-04-23 17:24:54 | 000,708,834 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2014-04-23 17:24:54 | 000,638,576 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2014-04-23 17:24:54 | 000,156,978 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2014-04-23 17:24:54 | 000,130,800 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2014-04-23 17:20:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-04-23 17:20:02 | 3220,533,248 | -HS- | M] () -- C:\hiberfil.sys [2014-04-23 11:03:25 | 147,131,440 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\tx6v279d.exe [2014-04-22 13:36:50 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2014-04-19 16:00:20 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\KOPIA_W.job [2014-04-17 12:25:49 | 000,000,058 | ---- | M] () -- C:\WINDOWS\wininit.ini [2014-04-10 16:05:44 | 000,000,912 | ---- | M] () -- C:\Documents and Settings\Administrator\Moje dokumenty\udp.pcapng [2014-04-10 15:49:36 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\-1 [2014-04-08 08:05:04 | 000,130,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-04-24 10:48:49 | 000,039,040 | ---- | C] () -- C:\Documents and Settings\Administrator\Moje dokumenty\cc_20140424_104847.reg [2014-04-23 11:07:06 | 147,131,440 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\tx6v279d.exe [2014-04-17 12:25:47 | 000,000,058 | ---- | C] () -- C:\WINDOWS\wininit.ini [2014-04-10 16:05:44 | 000,000,912 | ---- | C] () -- 
C:\Documents and Settings\Administrator\Moje dokumenty\udp.pcapng [2014-04-10 15:49:36 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\-1 [2014-04-10 15:46:56 | 000,001,497 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Wireshark.lnk [2013-11-21 20:47:31 | 000,000,018 | ---- | C] () -- C:\WINDOWS\Winzip32.ini [2013-10-15 12:46:15 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-03-01 03:47:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll [2011-09-11 12:04:51 | 000,002,412 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [color=#E56717]========== ZeroAccess Check ==========[/color] [2011-09-11 08:48:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2011-06-28 08:18:20 | 001,519,616 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 13:05:52 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2007-02-17 08:08:02 | 000,278,016 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-05-27 19:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\FileZilla [2011-10-31 23:57:56 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\Administrator\Dane aplikacji\Foxit Software [2014-04-24 11:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Notepad++ [2011-10-09 20:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\OpenOffice.org [2014-04-24 10:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Oracle [2011-11-17 16:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\SoftVig [2011-10-26 17:42:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TightVNC [2014-04-10 16:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Wireshark [2011-12-28 16:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canon IJ Network Tool [2011-12-28 16:15:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2013-12-16 15:26:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2011-09-11 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pervasive Software [color=#E56717]========== Purity Check ==========[/color] < End of report >