OTL logfile created on: 2012-11-12 16:29:19 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Helus\Downloads
 Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,99 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 59,88% Memory free
3,99 Gb Paging File | 3,17 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 30,79 Gb Total Space | 7,37 Gb Free Space | 23,94% Space Free | Partition Type: NTFS
Drive D: | 71,00 Gb Total Space | 19,14 Gb Free Space | 26,95% Space Free | Partition Type: NTFS
Drive F: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: HELUS-KOMPUTER | User Name: Helus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012-11-12 15:36:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Helus\Downloads\OTL.exe
PRC - [2012-11-06 19:30:34 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
PRC - [2012-10-29 17:50:31 | 000,676,864 | ---- | M] (PTC) -- D:\Creo\PTC Portmapper\i486_nt\obj\portmap.exe
PRC - [2012-10-28 20:58:56 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-10-01 10:12:13 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012-10-01 10:12:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012-10-01 10:12:11 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-09-05 16:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012-08-18 12:18:47 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011-02-26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-02-02 13:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010-12-08 01:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) -- D:\CAD\Inventor 2012\Moldflow\bin\mitsijm.exe
PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009-11-10 12:09:50 | 000,414,000 | ---- | M] (MKS Software Inc.) -- C:\Windows\System32\nutsrv4.exe
PRC - [2009-09-26 01:44:56 | 000,036,864 | ---- | M] (Dassault Systemes) -- D:\CAtia\intel_a\code\bin\CATSysDemon.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2008-03-20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012-11-06 19:30:33 | 014,586,808 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2012-10-28 20:58:56 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-03-16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008-03-20 10:17:48 | 000,106,496 | ---- | M] () -- C:\Program Files\Gadu-Gadu\libiax2.dll
MOD - [2008-03-20 10:17:44 | 000,061,440 | ---- | M] () -- C:\Program Files\Gadu-Gadu\libjb.dll
MOD - [2007-10-25 12:51:16 | 000,198,656 | ---- | M] () -- C:\Program Files\Gadu-Gadu\libcurl.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012-11-06 19:30:34 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-04 21:18:38 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-10-29 17:50:31 | 000,676,864 | ---- | M] () [Auto | Running] -- D:\Creo/PTC Portmapper/i486_nt/obj/portmap.exe -- (PortmapperService)
SRV - [2012-10-28 20:58:56 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-10-02 08:05:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012-10-01 10:12:13 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012-10-01 10:12:11 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-09-05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2011-06-12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011-02-02 13:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010-12-08 01:28:06 | 000,579,384 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- D:\CAD\Inventor 2012\Moldflow\bin\mitsijm.exe -- (mitsijm2012)
SRV - [2009-11-10 12:09:50 | 000,414,000 | ---- | M] (MKS Software Inc.) [Auto | Running] -- C:\Windows\System32\nutsrv4.exe -- (NuTCRACKERService)
SRV - [2009-09-26 01:44:56 | 000,036,864 | ---- | M] (Dassault Systemes) [Auto | Running] -- D:\CAtia\intel_a\code\bin\CATSysDemon.exe -- (BBDemon)
SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012-10-15 10:33:38 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-10-01 10:12:13 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012-10-01 10:12:13 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009-08-10 15:21:00 | 009,824,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009-07-13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-07-13 23:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009-07-13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-06-27 05:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009-05-11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007-04-24 17:52:10 | 000,016,688 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\System32\drivers\LUMDriver.sys -- (LUMDriver)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = 
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-28 20:58:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-28 20:58:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012-09-24 09:27:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Helus\AppData\Roaming\mozilla\Extensions
[2012-11-12 16:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Helus\AppData\Roaming\mozilla\Firefox\Profiles\uqrks3tt.default\extensions
[2012-10-09 16:20:45 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Helus\AppData\Roaming\mozilla\Firefox\Profiles\uqrks3tt.default\extensions\OneClickDownload@OneClickDownload.com
[2012-10-04 16:57:36 | 000,214,514 | ---- | M] () (No name found) -- C:\Users\Helus\AppData\Roaming\mozilla\firefox\profiles\uqrks3tt.default\extensions\TorrentHandler@TorrentHandler.com.xpi
[2012-10-28 20:58:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-10-28 20:58:56 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-09-06 03:57:09 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-09-06 03:57:10 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-09-06 03:57:10 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-09-06 03:57:10 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-10-15 10:33:51 | 000,000,402 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
[2012-09-06 03:57:10 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-09-06 03:57:09 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NuTCSetupEnviron] D:\Creo\MKS Toolkit\bin\ncoeenv.exe (MKS Software Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\nutafun4.dll (MKS Software Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\nutafun4.dll (MKS Software Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 150.254.5.4 150.254.5.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C99E486-FB4D-4FA5-B047-B53AC8112FA1}: DhcpNameServer = 150.254.5.4 150.254.5.11 150.254.5.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB75B502-D318-4F21-A711-4128220B16D2}: DhcpNameServer = 150.254.5.4 150.254.5.11
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-10-17 18:26:43 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012-11-12 16:14:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-11-08 19:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012-11-06 23:04:05 | 000,000,000 | ---D | C] -- C:\Users\Helus\Desktop\cam1
[2012-11-06 23:03:35 | 000,000,000 | ---D | C] -- C:\Users\Helus\Desktop\Cam
[2012-11-06 20:36:01 | 000,000,000 | ---D | C] -- C:\Users\Helus\Desktop\Pilot
[2012-11-06 20:35:48 | 000,000,000 | ---D | C] -- C:\Users\Helus\Desktop\Pilot 1
[2012-11-06 19:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012-11-06 19:37:13 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012-11-06 19:36:52 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-11-06 19:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012-11-06 19:30:39 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-11-06 19:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012-11-05 19:45:57 | 000,000,000 | ---D | C] -- C:\Users\Helus\Documents\Euro Truck Simulator 2
[2012-11-05 19:45:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2012-11-05 19:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012-11-04 22:19:21 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Local\Autodesk,_Inc
[2012-11-04 21:40:16 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Local\GrantaGateway
[2012-11-04 21:19:25 | 000,000,000 | ---D | C] -- C:\Users\Helus\Documents\Autodesk
[2012-11-04 21:18:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012-11-04 21:18:19 | 000,000,000 | ---D | C] -- C:\Users\Helus\Documents\Inventor
[2012-11-04 21:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2012-11-04 21:12:29 | 000,000,000 | ---D | C] -- C:\MITSI 2012 Temporary Files
[2012-11-04 21:12:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Autodesk
[2012-11-04 21:11:49 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
[2012-11-04 21:11:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Chart Controls
[2012-11-04 21:10:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE
[2012-11-04 21:09:54 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012-11-04 21:09:54 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012-11-04 21:09:53 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012-11-04 21:09:51 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-11-04 21:09:50 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-10-29 18:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PTC
[2012-10-29 17:59:46 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Local\PTC
[2012-10-29 17:59:24 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Roaming\PTC
[2012-10-29 17:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Creo
[2012-10-29 17:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC
[2012-10-29 17:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PTC
[2012-10-29 17:06:13 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Roaming\pim
[2012-10-29 16:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catia Pro
[2012-10-28 20:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-10-24 20:06:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CATIA
[2012-10-23 17:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play + Smile
[2012-10-17 19:31:59 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Local\CutePDF Writer
[2012-10-17 19:30:52 | 000,000,000 | ---D | C] -- C:\Program Files\GPLGS
[2012-10-17 19:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
[2012-10-17 19:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Acro Software
[2012-10-17 18:26:43 | 000,000,000 | ---D | C] -- C:\Autodesk
[2012-10-17 18:14:00 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Local\cache
[2012-10-15 21:57:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012-10-15 21:57:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012-10-15 21:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012-10-15 21:53:55 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012-10-15 21:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2012-10-15 21:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012-10-15 21:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2012-10-15 21:49:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012-10-15 21:49:01 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Local\Microsoft Help
[2012-10-15 21:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012-10-15 21:48:14 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012-10-15 12:03:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012-10-15 10:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2012-10-15 10:46:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012-10-15 10:45:51 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Roaming\DassaultSystemes
[2012-10-15 10:45:51 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Local\DassaultSystemes
[2012-10-15 10:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DassaultSystemes
[2012-10-15 10:35:42 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Roaming\TuneUp Software
[2012-10-15 10:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012-10-15 10:35:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012-10-15 10:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-10-15 10:33:38 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-10-15 10:33:28 | 000,000,000 | ---D | C] -- C:\Users\Helus\AppData\Roaming\DAEMON Tools Lite
[2012-10-15 10:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012-10-15 10:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
 
========== Files - Modified Within 30 Days ==========
 
[2012-11-12 16:27:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-12 16:27:37 | 1606,373,376 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-12 16:27:00 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-12 16:26:59 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-12 15:36:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-08 19:54:40 | 000,002,004 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012-11-08 19:54:39 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012-11-07 19:57:08 | 000,737,980 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-11-07 19:57:08 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-11-07 19:57:08 | 000,154,636 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-11-07 19:57:08 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-11-06 23:54:58 | 000,037,846 | ---- | M] () -- C:\Users\Helus\Desktop\rozsiewacz Motyl n031m.jpg
[2012-11-06 23:14:25 | 000,001,838 | ---- | M] () -- C:\Users\Public\Documents\std.out
[2012-11-06 23:14:25 | 000,000,112 | ---- | M] () -- C:\Users\Public\Documents\std.err
[2012-11-06 22:59:42 | 000,037,338 | ---- | M] () -- C:\Users\Public\Documents\mfg0001.inf.1
[2012-11-06 20:30:31 | 006,381,834 | ---- | M] () -- C:\Users\Helus\Desktop\rozsiewacz_N031M.pdf
[2012-11-06 19:37:18 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012-11-06 19:30:34 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-11-06 19:30:34 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-11-06 00:18:44 | 000,066,940 | ---- | M] () -- C:\Users\Helus\Desktop\Napędy Maszyn Technologicznych.pdf
[2012-11-05 19:45:57 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2012-11-05 12:21:45 | 000,545,200 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-11-04 21:57:31 | 000,007,605 | ---- | M] () -- C:\Users\Helus\AppData\Local\Resmon.ResmonCfg
[2012-11-04 21:18:20 | 000,001,821 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Inventor Professional 2012.lnk
[2012-10-29 17:54:00 | 000,000,962 | ---- | M] () -- C:\Users\Public\Desktop\Structure.lnk
[2012-10-29 17:54:00 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Thermal.lnk
[2012-10-29 17:54:00 | 000,000,816 | ---- | M] () -- C:\Users\Public\Desktop\Creo Simulate 2.0.lnk
[2012-10-29 17:52:21 | 000,000,840 | ---- | M] () -- C:\Users\Public\Desktop\Creo Parametric 2.0.lnk
[2012-10-29 17:52:21 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\ModelCHECK.lnk
[2012-10-29 17:50:58 | 000,000,880 | ---- | M] () -- C:\Users\Public\Desktop\Creo Distributed Services Manager 2.0.lnk
[2012-10-29 17:46:52 | 000,000,896 | ---- | M] () -- C:\Users\Public\Desktop\Creo Options Modeler 2.0.lnk
[2012-10-29 17:46:40 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\Creo Layout 2.0.lnk
[2012-10-29 17:46:31 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\Creo Direct 2.0.lnk
[2012-10-29 16:58:54 | 000,000,705 | ---- | M] () -- C:\Users\Public\Desktop\MCE-Realistic Rendering.lnk
[2012-10-29 16:55:03 | 000,000,680 | ---- | M] () -- C:\Users\Public\Desktop\MCE-Creating Parts.lnk
[2012-10-29 16:54:01 | 000,000,750 | ---- | M] () -- C:\Users\Public\Desktop\MCE-Products and Assembly Design.lnk
[2012-10-24 20:06:54 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\CATIA V5R20.lnk
[2012-10-23 17:07:36 | 000,001,082 | ---- | M] () -- C:\Users\Helus\Desktop\Play Texas Hold'em Poker 3D - Deluxe Edition.lnk
[2012-10-15 10:34:51 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-10-15 10:33:38 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
 
========== Files Created - No Company Name ==========
 
[2012-11-06 23:54:56 | 000,037,846 | ---- | C] () -- C:\Users\Helus\Desktop\rozsiewacz Motyl n031m.jpg
[2012-11-06 22:59:41 | 000,037,338 | ---- | C] () -- C:\Users\Public\Documents\mfg0001.inf.1
[2012-11-06 20:30:31 | 006,381,834 | ---- | C] () -- C:\Users\Helus\Desktop\rozsiewacz_N031M.pdf
[2012-11-06 19:37:18 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012-11-06 19:37:18 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012-11-06 19:30:39 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2012-11-06 19:30:39 | 000,002,004 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012-11-06 00:18:48 | 000,066,940 | ---- | C] () -- C:\Users\Helus\Desktop\Napędy Maszyn Technologicznych.pdf
[2012-11-05 19:45:57 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2012-11-04 21:57:31 | 000,007,605 | ---- | C] () -- C:\Users\Helus\AppData\Local\Resmon.ResmonCfg
[2012-11-04 21:18:20 | 000,001,821 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Inventor Professional 2012.lnk
[2012-10-29 17:59:22 | 000,001,838 | ---- | C] () -- C:\Users\Public\Documents\std.out
[2012-10-29 17:59:22 | 000,000,112 | ---- | C] () -- C:\Users\Public\Documents\std.err
[2012-10-29 17:54:00 | 000,000,962 | ---- | C] () -- C:\Users\Public\Desktop\Structure.lnk
[2012-10-29 17:54:00 | 000,000,954 | ---- | C] () -- C:\Users\Public\Desktop\Thermal.lnk
[2012-10-29 17:54:00 | 000,000,816 | ---- | C] () -- C:\Users\Public\Desktop\Creo Simulate 2.0.lnk
[2012-10-29 17:52:21 | 000,000,840 | ---- | C] () -- C:\Users\Public\Desktop\Creo Parametric 2.0.lnk
[2012-10-29 17:52:21 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\ModelCHECK.lnk
[2012-10-29 17:50:58 | 000,000,880 | ---- | C] () -- C:\Users\Public\Desktop\Creo Distributed Services Manager 2.0.lnk
[2012-10-29 17:46:52 | 000,000,896 | ---- | C] () -- C:\Users\Public\Desktop\Creo Options Modeler 2.0.lnk
[2012-10-29 17:46:40 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\Creo Layout 2.0.lnk
[2012-10-29 17:46:31 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\Creo Direct 2.0.lnk
[2012-10-29 16:58:54 | 000,000,705 | ---- | C] () -- C:\Users\Public\Desktop\MCE-Realistic Rendering.lnk
[2012-10-29 16:55:03 | 000,000,680 | ---- | C] () -- C:\Users\Public\Desktop\MCE-Creating Parts.lnk
[2012-10-29 16:54:01 | 000,000,750 | ---- | C] () -- C:\Users\Public\Desktop\MCE-Products and Assembly Design.lnk
[2012-10-24 20:06:54 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\CATIA V5R20.lnk
[2012-10-23 17:07:36 | 000,001,082 | ---- | C] () -- C:\Users\Helus\Desktop\Play Texas Hold'em Poker 3D - Deluxe Edition.lnk
[2012-10-17 19:29:39 | 000,088,688 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2012-10-15 10:34:51 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012-10-09 20:19:07 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012-09-23 19:39:36 | 000,000,147 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
