OTL logfile created on: 2012-04-10 12:22:39 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\User1\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 591,00 Mb Available Physical Memory | 57,74% Memory free 2,40 Gb Paging File | 2,06 Gb Available in Paging File | 85,69% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 20,00 Gb Total Space | 6,84 Gb Free Space | 34,19% Space Free | Partition Type: NTFS Drive D: | 54,52 Gb Total Space | 54,39 Gb Free Space | 99,76% Space Free | Partition Type: NTFS Computer Name: PIWOWARS | User Name: User1 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-04-10 12:21:15 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User1\Moje dokumenty\Pobieranie\OTL(1).exe PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012-02-28 19:32:29 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-02-10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe PRC - [2005-06-03 08:16:00 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe PRC - [2005-06-03 06:21:00 | 000,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe PRC - [2003-08-15 16:34:50 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-10 11:17:57 | 001,755,136 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12041001\algo.dll MOD - [2012-04-10 09:16:18 | 001,755,136 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12041000\algo.dll MOD - [2012-02-28 19:32:29 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-02-16 20:21:52 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2012-02-15 17:59:49 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_384ff5ea\mscorlib.dll MOD - [2012-02-15 17:59:45 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_90c5d7cd\system.drawing.dll MOD - [2012-02-15 17:59:36 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_e89752c6\system.xml.dll MOD - [2012-02-12 16:10:39 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_49ae8f76\system.windows.forms.dll MOD - [2012-02-09 19:35:06 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_06b99899\system.dll MOD - [2012-02-09 19:34:52 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll MOD - [2012-02-09 19:34:48 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll MOD - [2012-02-05 13:45:58 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll MOD - [2012-02-05 13:45:56 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll MOD - [2012-01-18 19:54:58 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll MOD - [2012-01-18 19:54:58 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_pl_a53cf5803f4c3827\hpqisrtb.resources.dll MOD - [2012-01-18 19:54:53 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll MOD - [2012-01-18 19:54:53 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll MOD - [2012-01-18 19:54:53 | 000,376,832 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_pl_a53cf5803f4c3827\hpqedit.resources.dll MOD - [2012-01-18 19:54:53 | 000,258,048 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_pl_a53cf5803f4c3827\hpqbakup.resources.dll MOD - [2012-01-18 19:54:51 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll MOD - [2012-01-18 19:54:50 | 000,016,384 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_pl_a53cf5803f4c3827\hpqprrsc.resources.dll MOD - [2012-01-18 19:54:49 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll MOD - [2012-01-18 19:54:49 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll MOD - [2012-01-18 19:54:49 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll MOD - [2012-01-18 19:54:49 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll MOD - [2012-01-18 19:54:49 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll MOD - [2012-01-18 19:54:49 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll MOD - [2012-01-18 19:54:49 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll MOD - [2012-01-18 19:54:49 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll MOD - [2012-01-18 19:54:49 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll MOD - [2012-01-18 19:54:49 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll MOD - [2012-01-18 19:54:49 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll MOD - [2012-01-18 19:54:49 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll MOD - [2012-01-18 19:54:49 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll MOD - [2012-01-18 19:54:49 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll MOD - [2012-01-18 19:54:48 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll MOD - [2012-01-18 19:54:48 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll MOD - [2012-01-18 19:54:48 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll MOD - [2012-01-18 19:54:48 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll MOD - [2012-01-18 19:54:48 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll MOD - [2012-01-18 19:54:48 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll MOD - [2012-01-18 19:54:48 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_pl_a53cf5803f4c3827\hpqcc2.resources.dll MOD - [2012-01-18 19:54:48 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_pl_a53cf5803f4c3827\hpqtray.resources.dll MOD - [2012-01-18 19:54:48 | 000,094,208 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_pl_a53cf5803f4c3827\hpqcprsc.resources.dll MOD - [2012-01-18 19:54:48 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll MOD - [2012-01-18 19:54:48 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll MOD - [2012-01-18 19:54:48 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll MOD - [2012-01-18 19:54:48 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll MOD - [2012-01-18 19:54:48 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll MOD - [2012-01-18 19:54:48 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_pl_a53cf5803f4c3827\hpqfmrsc.resources.dll MOD - [2012-01-18 19:54:48 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll MOD - [2012-01-18 19:54:48 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll MOD - [2012-01-18 19:54:18 | 000,237,568 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2012-01-18 19:54:18 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_pl_b77a5c561934e089\system.resources.dll MOD - [2012-01-18 19:53:05 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll MOD - [2006-10-22 13:22:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll MOD - [2005-10-20 11:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll MOD - [2005-10-20 11:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll MOD - [2005-06-03 08:16:00 | 000,081,920 | ---- | M] () -- C:\Program Files\Sony\SonicStage\SSAAD.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2006-03-03 22:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2005-06-07 02:32:54 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2005-06-07 02:28:04 | 000,053,337 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2005-06-07 02:22:34 | 000,069,718 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2005-06-03 06:21:00 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-03-07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012-03-07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012-03-07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2012-03-07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012-03-07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012-03-07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012-03-07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2008-04-14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2003-08-15 16:53:12 | 000,462,684 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2003-08-15 00:16:38 | 000,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS) DRV - [2002-12-05 13:01:00 | 000,241,664 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM) DRV - [2002-12-05 13:01:00 | 000,013,056 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM) DRV - [2002-11-13 16:10:00 | 000,020,224 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvidesm.sys -- (nvidesm) DRV - [2002-09-23 11:37:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET) DRV - [2002-09-06 12:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp) DRV - [2001-08-18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001-08-17 23:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124) DRV - [2001-08-17 23:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones) DRV - [2001-08-17 23:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft) DRV - [2001-08-17 23:28:10 | 000,073,279 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone) DRV - [2001-08-17 23:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample) DRV - [2001-08-17 23:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56) DRV - [2001-08-17 23:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback) DRV - [2001-08-17 23:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax) DRV - [2001-08-17 23:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks) DRV - [2001-08-17 23:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-26 08:18:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-02-28 19:32:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-16 20:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User1\Dane aplikacji\Mozilla\Extensions [2012-02-28 19:48:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-02-28 19:48:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-02-28 19:32:30 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-02-08 19:54:35 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-08 19:54:35 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-08 19:54:35 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-08 19:54:35 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-08 19:54:35 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-08 19:54:35 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.83\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.83\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Gmail = C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,783 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SsAAD.exe] C:\Program Files\Sony\SonicStage\SSAAD.exe () O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Photosmart Premier - Szybkie uruchomienie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.128.107.242 213.134.134.134 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{778BEEC7-554D-426A-B0BF-834A8CFFB0A2}: DhcpNameServer = 85.128.107.242 213.134.134.134 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Idylla.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-01-18 18:57:03 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{a5f948c2-41fb-11e1-b38c-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{a5f948c2-41fb-11e1-b38c-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-03-30 15:22:37 | 000,000,000 | ---D | C] -- C:\spoolerlogs [2012-03-26 10:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\Google [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-10 12:20:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-04-10 12:19:40 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012-04-10 12:19:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-04-10 11:59:52 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys [2012-04-02 20:18:10 | 001,212,481 | ---- | M] () -- C:\Documents and Settings\User1\Pulpit\Piwowarska_Hanna.pdf [2012-03-26 08:18:15 | 000,002,644 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012-03-26 08:14:20 | 000,435,978 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-03-26 08:14:20 | 000,380,350 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-03-26 08:14:20 | 000,067,078 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-03-26 08:14:20 | 000,052,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-03-19 10:03:02 | 000,275,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-03-18 21:37:23 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-02 20:20:05 | 001,212,481 | ---- | C] () -- C:\Documents and Settings\User1\Pulpit\Piwowarska_Hanna.pdf [2012-02-16 19:58:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-01-20 12:10:35 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\User1\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2012-01-18 19:48:56 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2012-01-18 19:44:08 | 000,119,069 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp [2012-01-18 19:44:08 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp [2012-01-18 19:43:09 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-01-18 19:41:44 | 000,275,760 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-01-18 19:32:19 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedih2rx.bin [2012-01-18 19:32:19 | 000,000,122 | R--- | C] () -- C:\WINDOWS\System32\drivers\ramsed.bin [2012-01-18 19:10:04 | 000,119,729 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2012-01-18 19:02:49 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-01-18 18:52:44 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== LOP Check ==========[/color] [2012-01-18 19:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2012-02-01 19:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WinZip [2012-02-15 17:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User1\Dane aplikacji\.minecraft [color=#E56717]========== Purity Check ==========[/color] < End of report >