OTL logfile created on: 2013-01-10 13:23:45 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\Pulpit
Windows Server 2003 Standard Edition Dodatek Service Pack 2 (Version = 5.2.3790) - Type = NTDomainController
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,00 Gb Total Physical Memory | 0,20 Gb Available Physical Memory | 6,76% Memory free
4,85 Gb Paging File | 2,15 Gb Available in Paging File | 44,31% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 1,27 Gb Free Space | 1,86% Space Free | Partition Type: NTFS
Drive D: | 68,36 Gb Total Space | 6,78 Gb Free Space | 9,92% Space Free | Partition Type: NTFS
Drive F: | 232,62 Gb Total Space | 58,53 Gb Free Space | 25,16% Space Free | Partition Type: NTFS
Drive G: | 1862,75 Gb Total Space | 1371,10 Gb Free Space | 73,61% Space Free | Partition Type: NTFS
Drive H: | 1862,75 Gb Total Space | 1662,47 Gb Free Space | 89,25% Space Free | Partition Type: NTFS
 
Computer Name: GDD92MBTC-SERW | User Name: administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013-01-10 12:50:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
PRC - [2012-11-29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-06-15 11:28:02 | 000,709,432 | ---- | M] (Comarch S.A.) -- C:\WINDOWS\system32\haspsrv.exe
PRC - [2012-06-15 11:28:02 | 000,103,224 | ---- | M] (Comarch S.A.) -- C:\WINDOWS\system32\HASPSrvN.exe
PRC - [2012-01-30 21:12:04 | 000,458,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dns.exe
PRC - [2011-08-10 14:09:07 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wins.exe
PRC - [2011-01-27 17:12:32 | 002,258,296 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010-10-22 20:07:00 | 000,147,984 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
PRC - [2010-10-22 20:07:00 | 000,124,224 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2010-10-22 20:07:00 | 000,069,192 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2010-10-22 20:07:00 | 000,066,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2010-10-22 20:07:00 | 000,027,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2010-10-22 20:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
PRC - [2010-09-30 14:26:02 | 000,054,728 | ---- | M] (APC) -- C:\Program Files\APC\PowerChute Business Edition\server\pbeserver.exe
PRC - [2010-09-30 14:24:38 | 000,034,168 | ---- | M] (APC) -- C:\Program Files\APC\PowerChute Business Edition\agent\pbeagent.exe
PRC - [2010-04-03 19:56:07 | 042,884,448 | ---- | M] (Microsoft Corporation) -- D:\Microsoft SQL Server\MSSQL10_50.CDN\MSSQL\Binn\sqlservr.exe
PRC - [2010-04-03 19:56:07 | 000,367,456 | ---- | M] (Microsoft Corporation) -- D:\Microsoft SQL Server\MSSQL10_50.CDN\MSSQL\Binn\SQLAGENT.EXE
PRC - [2010-04-03 10:56:18 | 025,768,800 | ---- | M] (Microsoft Corporation) -- D:\Microsoft SQL Server\MSAS10_50.CDN\OLAP\bin\msmdsrv.exe
PRC - [2010-04-03 10:56:16 | 000,066,400 | ---- | M] (Microsoft Corporation) -- D:\Microsoft SQL Server\MSSQL10_50.CDN\MSSQL\Binn\fdhost.exe
PRC - [2010-04-03 10:56:16 | 000,028,512 | ---- | M] (Microsoft Corporation) -- D:\Microsoft SQL Server\MSSQL10_50.CDN\MSSQL\Binn\fdlauncher.exe
PRC - [2010-04-03 10:56:14 | 001,177,952 | ---- | M] (Microsoft Corporation) -- D:\Microsoft SQL Server\MSRS10_50.CDN\Reporting Services\ReportServer\bin\ReportingServicesService.exe
PRC - [2009-08-25 16:00:00 | 000,226,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2009-08-25 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2007-11-30 13:59:25 | 000,061,440 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files\Infortrend Inc\RAID GUI Tools\bin\JavaService.exe
PRC - [2007-02-17 19:13:52 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\logon.scr
PRC - [2007-02-17 19:12:48 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rdpclip.exe
PRC - [2007-02-17 19:12:41 | 000,792,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntfrs.exe
PRC - [2007-02-17 19:11:57 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ismserv.exe
PRC - [2007-02-17 19:11:45 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-02-17 19:11:31 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dfssvc.exe
PRC - [2005-05-26 09:26:38 | 000,131,072 | ---- | M] (Computer Associates) -- C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
PRC - [2005-05-26 09:24:04 | 000,126,976 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\CASMRTBK.EXE
PRC - [2005-05-26 07:09:12 | 000,024,576 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\tapeeng.exe
PRC - [2005-05-26 06:42:20 | 000,127,051 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\caserved.exe
PRC - [2005-05-26 06:42:18 | 000,114,688 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\cadiscovd.exe
PRC - [2005-05-26 06:42:16 | 000,069,695 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\jobeng.exe
PRC - [2005-05-26 06:42:14 | 000,041,023 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\msgeng.exe
PRC - [2005-05-26 06:42:14 | 000,028,672 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\DBENG.exe
PRC - [2005-05-26 06:42:08 | 000,049,152 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\ASAlert.exe
PRC - [2005-05-26 06:41:22 | 000,127,052 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\caauthd.exe
PRC - [2005-05-26 06:41:20 | 000,286,720 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\caloggerd.exe
PRC - [2005-05-26 06:41:18 | 000,098,304 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\Mediasvr.exe
PRC - [2005-05-26 06:41:16 | 000,020,480 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\LDBserver.exe
PRC - [2005-05-26 06:41:10 | 000,016,384 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\LQserver.exe
PRC - [2005-05-26 05:41:36 | 000,024,576 | ---- | M] (Computer Associates) -- C:\Program Files\CA\BrightStor ARCserve Backup\Catirpc.exe
PRC - [2005-05-25 22:22:08 | 000,020,480 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\rds.exe
PRC - [2005-05-10 18:46:14 | 000,204,884 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\SharedComponents\Alert\alert.exe
PRC - [2005-02-23 15:56:12 | 000,053,248 | ---- | M] (Computer Associates) -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
PRC - [2004-12-20 16:24:14 | 000,036,864 | ---- | M] (Computer Associates International, Inc. ) -- C:\Program Files\CA\BrightStor ARCserve Backup for Laptops & Desktops\Server\RwSrvc.exe
PRC - [2004-12-20 16:24:12 | 000,024,576 | ---- | M] (Computer Associates International, Inc. ) -- C:\Program Files\CA\BrightStor ARCserve Backup for Laptops & Desktops\Server\LGServer.exe
PRC - [2002-12-04 11:52:36 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013-01-10 03:37:04 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013-01-10 03:36:52 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2013-01-10 03:35:21 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2013-01-10 03:35:20 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013-01-10 03:35:19 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2013-01-10 03:35:17 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013-01-10 03:35:04 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
MOD - [2013-01-10 03:35:02 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2013-01-10 03:34:57 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2013-01-10 03:34:45 | 005,246,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2012-11-29 09:26:21 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-01-16 17:51:25 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll
MOD - [2012-01-16 17:51:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_pl_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2012-01-16 17:51:17 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011-07-07 11:41:02 | 000,182,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\Microsoft.SqlServer.DTSRuntimeWrap\10.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.DTSRuntimeWrap.dll
MOD - [2011-06-06 12:55:36 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2010-10-22 20:07:00 | 000,148,800 | ---- | M] () -- C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.DLL
MOD - [2009-08-25 16:00:00 | 000,057,344 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll
MOD - [2007-11-30 13:59:20 | 000,208,949 | ---- | M] () -- C:\Program Files\Infortrend Inc\RAID GUI Tools\bin\IFTHBAAPI.dll
MOD - [2007-11-30 13:59:20 | 000,049,152 | ---- | M] () -- C:\Program Files\Infortrend Inc\RAID GUI Tools\bin\IFTNRC.dll
MOD - [2007-11-30 13:59:20 | 000,049,152 | ---- | M] () -- C:\Program Files\Infortrend Inc\RAID GUI Tools\bin\HBAAPI.dll
MOD - [2007-10-20 13:42:42 | 000,110,592 | ---- | M] () -- C:\WINDOWS\system32\HASPXPx32.dll
MOD - [2006-05-14 05:23:40 | 000,138,752 | ---- | M] () -- C:\Program Files\7-Zip\7-zip.dll
MOD - [2005-08-22 16:38:16 | 003,264,512 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\cryptocme2.dll
MOD - [2005-05-26 07:09:20 | 000,225,354 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\MUXDEV.dll
MOD - [2005-05-26 06:42:08 | 000,049,152 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\ASAlert.exe
MOD - [2005-05-26 06:41:10 | 000,016,384 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\LQserver.exe
MOD - [2005-05-25 23:34:34 | 000,135,248 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\MUXTAPE.dll
MOD - [2005-05-25 22:22:08 | 000,556,664 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_sql32.dll
MOD - [2005-05-25 22:22:08 | 000,352,012 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_rdm32.dll
MOD - [2005-05-25 22:22:08 | 000,134,144 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\Crdbc32.dll
MOD - [2005-05-25 22:22:08 | 000,083,456 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_adm32.dll
MOD - [2005-05-25 22:22:08 | 000,062,464 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_rm32.dll
MOD - [2005-05-25 22:22:08 | 000,061,791 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\Crdm32.dll
MOD - [2005-05-25 22:22:08 | 000,039,424 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_rpc32.dll
MOD - [2005-05-25 22:22:08 | 000,036,864 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\Crpc32.dll
MOD - [2005-05-25 22:22:08 | 000,035,840 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\Cadm32.dll
MOD - [2005-05-25 22:22:08 | 000,034,304 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_ncp32.dll
MOD - [2005-05-25 22:22:08 | 000,033,792 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\Cncp32.dll
MOD - [2005-05-25 22:22:08 | 000,033,792 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_eadm32.dll
MOD - [2005-05-25 22:22:08 | 000,028,672 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\pthread.dll
MOD - [2005-05-25 22:22:08 | 000,025,600 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_erdm32.dll
MOD - [2005-05-25 22:22:08 | 000,020,480 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\rds.exe
MOD - [2005-05-25 22:22:08 | 000,018,432 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\Crm32.dll
MOD - [2005-05-25 22:22:08 | 000,016,896 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_dict32.dll
MOD - [2005-05-25 22:22:08 | 000,016,384 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_sched32.dll
MOD - [2005-05-25 22:22:08 | 000,011,776 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_exif32.dll
MOD - [2005-05-25 22:22:08 | 000,006,656 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_smem32.dll
MOD - [2005-05-25 22:22:08 | 000,005,120 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_enc32.dll
MOD - [2005-05-25 22:22:08 | 000,004,608 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\Cenc32.dll
MOD - [2005-05-25 22:22:08 | 000,003,584 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\_cmp32.dll
MOD - [2005-05-25 22:21:34 | 000,397,312 | ---- | M] () -- C:\Program Files\CA\BrightStor ARCserve Backup\ca70mt.dll
MOD - [2005-03-25 13:00:00 | 000,016,896 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2005-01-05 17:13:24 | 000,027,648 | ---- | M] () -- C:\Program Files\APC\PowerChute Business Edition\agent\lib\win32\win32com.dll
MOD - [2004-06-03 21:15:30 | 000,057,455 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_05\bin\net.dll
MOD - [2004-06-03 21:09:32 | 000,053,364 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_05\bin\zip.dll
MOD - [2004-06-03 21:08:42 | 000,102,515 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_05\bin\java.dll
MOD - [2004-06-03 21:05:30 | 000,057,453 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_05\bin\verify.dll
MOD - [2004-06-03 21:05:04 | 000,028,791 | ---- | M] () -- C:\Program Files\Java\j2re1.4.2_05\bin\hpi.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - File not found [Disabled | Stopped] --  -- (UPS)
SRV - [2012-06-15 11:28:02 | 000,709,432 | ---- | M] (Comarch S.A.) [Auto | Running] -- C:\WINDOWS\system32\haspsrv.exe -- (HASPSrv)
SRV - [2012-01-30 21:12:04 | 000,458,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dns.exe -- (DNS)
SRV - [2011-08-10 14:09:07 | 000,158,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wins.exe -- (WINS)
SRV - [2011-01-27 17:12:32 | 002,258,296 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010-10-22 20:07:00 | 000,147,984 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield)
SRV - [2010-10-22 20:07:00 | 000,069,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2010-10-22 20:07:00 | 000,066,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2010-10-22 20:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe -- (McAfeeEngineService)
SRV - [2010-09-30 14:26:02 | 000,054,728 | ---- | M] (APC) [Auto | Running] -- C:\Program Files\APC\PowerChute Business Edition\server\pbeserver.exe -- (APCPBEServer)
SRV - [2010-09-30 14:24:38 | 000,034,168 | ---- | M] (APC) [Auto | Running] -- C:\Program Files\APC\PowerChute Business Edition\agent\pbeagent.exe -- (APCPBEAgent)
SRV - [2010-04-03 19:56:07 | 042,884,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Microsoft SQL Server\MSSQL10_50.CDN\MSSQL\Binn\sqlservr.exe -- (MSSQL$CDN)
SRV - [2010-04-03 19:56:07 | 000,367,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Microsoft SQL Server\MSSQL10_50.CDN\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$CDN)
SRV - [2010-04-03 10:56:18 | 025,768,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Microsoft SQL Server\MSAS10_50.CDN\OLAP\bin\msmdsrv.exe -- (MSOLAP$CDN)
SRV - [2010-04-03 10:56:16 | 000,028,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Microsoft SQL Server\MSSQL10_50.CDN\MSSQL\Binn\fdlauncher.exe -- (MSSQLFDLauncher$CDN)
SRV - [2010-04-03 10:56:14 | 001,177,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Microsoft SQL Server\MSRS10_50.CDN\Reporting Services\ReportServer\bin\ReportingServicesService.exe -- (ReportServer$CDN)
SRV - [2009-08-25 16:00:00 | 000,103,744 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2008-07-29 12:10:46 | 003,201,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2007-11-30 13:59:25 | 000,061,440 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files\Infortrend Inc\RAID GUI Tools\bin\JavaService.exe -- (Root-Agent)
SRV - [2007-11-30 13:59:25 | 000,061,440 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files\Infortrend Inc\RAID GUI Tools\bin\JavaService.exe -- (RAID-Agent)
SRV - [2007-02-17 19:13:21 | 000,071,168 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tssdis.exe -- (Tssdis)
SRV - [2007-02-17 19:12:54 | 000,067,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsopprov.exe -- (RSoPProv)
SRV - [2007-02-17 19:12:41 | 000,792,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ntfrs.exe -- (NtFrs)
SRV - [2007-02-17 19:11:58 | 000,094,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\llssrv.exe -- (LicenseService)
SRV - [2007-02-17 19:11:57 | 000,040,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ismserv.exe -- (IsmServ)
SRV - [2007-02-17 19:11:31 | 000,164,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dfssvc.exe -- (Dfs)
SRV - [2007-02-05 06:57:24 | 000,106,496 | ---- | M] (CA, Inc.) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe -- (iGateway)
SRV - [2005-05-26 09:26:38 | 000,131,072 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe -- (CASDiscoverySvc)
SRV - [2005-05-26 07:09:12 | 000,024,576 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\BrightStor ARCserve Backup\tapeeng.exe -- (CASTapeEngine)
SRV - [2005-05-26 06:42:20 | 000,127,051 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\BrightStor ARCserve Backup\caserved.exe -- (CASSvcControlSvr)
SRV - [2005-05-26 06:42:18 | 000,114,688 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\BrightStor ARCserve Backup\cadiscovd.exe -- (CASUnivDomainSvr)
SRV - [2005-05-26 06:42:16 | 000,069,695 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\BrightStor ARCserve Backup\jobeng.exe -- (CASJobEngine)
SRV - [2005-05-26 06:42:14 | 000,041,023 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\BrightStor ARCserve Backup\msgeng.exe -- (CASMsgEngine)
SRV - [2005-05-26 06:42:14 | 000,028,672 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\BrightStor ARCserve Backup\DBENG.exe -- (CASDBEngine)
SRV - [2005-05-26 05:41:36 | 000,024,576 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\BrightStor ARCserve Backup\Catirpc.exe -- (CATIRPC)
SRV - [2005-05-10 18:46:14 | 000,204,884 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\SharedComponents\Alert\alert.exe -- (Alert Notification Server)
SRV - [2005-03-25 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\trksvr.dll -- (TrkSvr)
SRV - [2005-03-25 13:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sacsvr.dll -- (sacsvr)
SRV - [2005-03-23 14:17:00 | 000,126,976 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\CA\SharedComponents\CA_LIC\\lic98rmt.exe -- (CA_LIC_CLNT)
SRV - [2005-02-23 15:56:12 | 000,053,248 | ---- | M] (Computer Associates) [Auto | Running] -- C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe -- (LogWatch)
SRV - [2004-12-20 16:24:14 | 000,036,864 | ---- | M] (Computer Associates International, Inc. ) [Auto | Running] -- C:\Program Files\CA\BrightStor ARCserve Backup for Laptops & Desktops\Server\RwSrvc.exe -- (Mobile Backup Service)
SRV - [2004-08-20 04:05:46 | 000,049,152 | ---- | M] (IBM Corporation) [Auto | Stopped] -- C:\Program Files\IBM\ServeRAID Manager\RaidServ.exe -- (ServeRAIDManagerAgent)
SRV - [2002-12-04 11:52:36 | 000,069,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe -- (MSSEARCH)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Adapter | On_Demand | Unknown] --  -- (LicenseInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2010-12-07 13:22:22 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2010-10-22 20:07:00 | 000,344,712 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010-10-22 20:07:00 | 000,091,896 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010-10-22 20:07:00 | 000,076,024 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010-10-22 20:07:00 | 000,066,536 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010-10-22 20:07:00 | 000,064,208 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2010-10-22 20:07:00 | 000,043,192 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010-04-03 10:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2009-02-08 12:12:50 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2007-02-17 17:54:31 | 000,074,240 | ---- | M] (Microsoft Corporation) [Kernel | Unavailable | Unknown] -- C:\WINDOWS\System32\drivers\sacdrv.sys -- (sacdrv)
DRV - [2007-02-17 17:49:15 | 000,179,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wlbs.sys -- (WLBS)
DRV - [2007-02-17 08:15:00 | 000,049,664 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\symmpi.sys -- (symmpi)
DRV - [2007-02-17 07:08:12 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltotape.sys -- (ltotape)
DRV - [2007-02-17 07:02:56 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\clusdisk.sys -- (ClusDisk)
DRV - [2007-02-17 06:51:18 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\dfs.sys -- (DfsDriver)
DRV - [2007-01-20 14:22:08 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2006-11-22 09:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006-11-22 09:01:48 | 000,100,096 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aksusb.sys -- (aksusb)
DRV - [2006-11-22 09:01:46 | 000,327,168 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akshasp.sys -- (akshasp)
DRV - [2006-03-06 02:16:36 | 000,010,240 | ---- | M] (Quantum Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qdatwin.sys -- (qdatwin)
DRV - [2004-06-19 21:30:28 | 000,190,336 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004-06-10 04:45:14 | 000,092,475 | R--- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aacmgt.sys -- (AACMgt)
DRV - [2003-06-12 01:01:00 | 000,008,960 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ibmdat5.sys -- (ibmdat5)
DRV - [2003-05-12 16:49:56 | 000,450,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = res://shdoclc.dll/hardAdmin.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-1147\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-1147\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-1147\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-1147\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-1147\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1378407900-2885270459-749296445-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-12-10 21:03:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012-12-10 21:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2012-12-10 21:03:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-11-29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-11-29 11:00:09 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-11-29 11:00:09 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-11-29 11:00:09 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-11-29 11:00:09 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-11-29 11:00:09 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-11-29 11:00:09 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2005-03-25 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [bacstray] C:\Program Files\Broadcom\BACS\\BacsTray.exe ()
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Monitor Serwisu klucza HASP] C:\WINDOWS\system32\HASPSrvN.exe (Comarch S.A.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\4contact\Menu Start\Programy\Autostart\OpenOffice.org 2.2.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ShowSuperHidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1378407900-2885270459-749296445-1147\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1378407900-2885270459-749296445-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1169299457402 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.4.2/jinstall-1_4_2_05-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emsur.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F8BA67A-0036-4182-8B7D-4DA9B1A24A68}: NameServer = 192.168.10.2,192.168.10.10
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (pwdssp.dll) - C:\WINDOWS\System32\pwdssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-01-20 14:04:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013-01-10 12:50:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2013-01-10 12:50:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
[2013-01-10 03:06:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-12-21 06:29:01 | 000,287,232 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012-12-21 06:29:01 | 000,287,232 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012-12-13 10:13:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Comarch ERP Optima
[2012-12-13 10:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Comarch OPT!MA
[2012-12-13 10:13:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{3010269D-6079-4CA4-A2EB-1A8869CCAB00}
[2012-12-13 09:54:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\{989111E9-B9C6-469B-8C78-036F2CAB55AD}
[2012-12-12 03:19:56 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\volsnap.sys
[2012-12-12 03:19:54 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2012-12-12 03:19:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2012-12-12 03:19:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2012-12-12 03:19:52 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2012-12-12 03:19:52 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2012-12-12 03:19:52 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2012-12-12 03:19:50 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2012-12-12 03:19:50 | 000,916,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013-01-10 12:50:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2013-01-10 09:18:39 | 000,002,717 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2013-01-10 07:00:00 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\Place.job
[2013-01-10 03:48:20 | 000,809,482 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2013-01-10 03:48:20 | 000,716,410 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-01-10 03:48:20 | 000,198,410 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2013-01-10 03:48:20 | 000,162,780 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-01-10 03:44:21 | 000,065,536 | ---- | M] () -- C:\WINDOWS\NETLOGON.CHG
[2013-01-10 03:43:40 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-10 03:41:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-01-03 12:45:11 | 000,002,553 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Menedżer.lnk
[2013-01-02 12:33:59 | 000,000,461 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012-12-29 10:57:31 | 000,005,572 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\BrightStorMgr.dat
[2012-12-22 03:06:12 | 000,106,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-22 03:00:42 | 000,003,470 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-12-16 13:24:37 | 000,287,232 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012-12-16 13:24:37 | 000,287,232 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012-12-13 10:16:22 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Comarch ERP Optima.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-12-13 10:16:22 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Comarch ERP Optima.lnk
[2012-08-02 10:15:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-06-12 08:48:04 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\APCSnmp.dll
[2012-05-18 07:19:15 | 000,004,855 | ---- | C] () -- C:\WINDOWS\System32\dhcpctrs.ini
[2012-02-21 08:56:36 | 000,000,623 | R--- | C] () -- C:\WINDOWS\System32\hppapr10.dat
[2007-11-30 12:42:00 | 000,000,094 | ---- | C] () -- C:\Documents and Settings\Administrator\.java.policy
[2007-11-30 12:42:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\.keystore
[2007-05-23 10:26:52 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2007-01-21 01:36:29 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
[2007-01-20 15:42:26 | 000,005,572 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\BrightStorMgr.dat
[2007-01-20 14:59:27 | 000,002,412 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2007-01-20 14:02:13 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011-11-07 09:08:49 | 001,519,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:05:52 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2007-02-17 19:10:32 | 000,278,016 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012-06-12 08:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\APC
[2012-07-10 11:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Overlook
[2012-01-17 12:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Windows Desktop Search
[2012-02-21 10:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Windows Search
[2011-07-19 21:04:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\WoLEX
[2012-06-25 10:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\XLControlling
[2012-07-10 11:38:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Overlook
[2012-12-13 10:13:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{3010269D-6079-4CA4-A2EB-1A8869CCAB00}
[2012-09-27 11:44:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{95660EAB-D37E-4975-8CED-A6105BAD3CBF}
[2012-12-13 10:16:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{989111E9-B9C6-469B-8C78-036F2CAB55AD}
[2012-03-15 08:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukaszeka\Dane aplikacji\APC
[2012-02-03 15:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\lukaszeka\Dane aplikacji\Windows Desktop Search
[2012-01-16 18:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\t2s\Dane aplikacji\Comarch
[2012-12-13 10:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\t2s\Dane aplikacji\Comarch OPT!MA
[2012-09-17 15:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\t2s\Dane aplikacji\FileZilla
[2011-07-07 11:14:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\t2s\Dane aplikacji\TeamViewer
[2012-01-16 17:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\t2s\Dane aplikacji\Windows Desktop Search
[2012-09-14 11:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\t2s\Dane aplikacji\Windows Search
[2012-06-13 08:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\t2s\Dane aplikacji\XLControlling
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >