OTL logfile created on: 2011-01-17 16:46:33 - Run 4 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Victor\My Documents\Downloads Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1 022,00 Mb Total Physical Memory | 185,00 Mb Available Physical Memory | 18,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 59,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 102,28 Gb Total Space | 78,31 Gb Free Space | 76,56% Space Free | Partition Type: NTFS Drive D: | 8,48 Gb Total Space | 0,16 Gb Free Space | 1,83% Space Free | Partition Type: FAT32 Computer Name: PC145233194931 | User Name: Victor | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-01-17 16:44:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Victor\My Documents\Downloads\OTL.exe PRC - [2011-01-08 04:35:52 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Victor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe PRC - [2010-12-16 11:37:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010-12-16 06:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-12-09 20:28:24 | 001,226,608 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2010-08-02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010-08-02 16:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-04-14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-07-06 08:40:38 | 000,405,504 | ---- | M] (Fine Point Technologies, Inc.) -- C:\Program Files\DialNet\WinPPPoverEthernet.exe PRC - [2007-07-04 16:27:24 | 000,135,168 | ---- | M] (Fine Point Technologies, Inc.) -- C:\Program Files\DialNet\WrOS.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-01-17 16:44:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Victor\My Documents\Downloads\OTL.exe MOD - [2010-08-23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - [2010-12-16 11:37:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-08-02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2007-07-04 16:27:24 | 000,135,168 | ---- | M] (Fine Point Technologies, Inc.) [Auto | Running] -- C:\Program Files\DialNet\WrOS.exe -- (WinPPPoverEthernet) SRV - [2006-06-12 12:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr) SRV - [2005-10-06 17:46:38 | 000,856,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-12-21 18:59:40 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2010-11-27 18:07:18 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010-06-17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010-06-17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009-06-22 12:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC) DRV - [2008-05-08 15:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST) DRV - [2008-04-13 19:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp) DRV - [2008-04-13 19:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp) DRV - [2008-04-13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2007-07-04 16:27:24 | 000,065,604 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WrKPoETNic2000.sys -- (WRSWanDD) DRV - [2007-07-04 16:27:24 | 000,052,214 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\DialNet\WrKPoET2000.sys -- (WrKPoET2000) DRV - [2007-07-04 16:27:24 | 000,052,214 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WrKPoET2000.sys -- (TopWinPoETDriver) DRV - [2007-07-04 16:27:22 | 000,030,336 | ---- | M] (Politecnico di Torino) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fpd.sys -- (FPD) DRV - [2007-06-18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2006-09-28 20:23:34 | 001,709,696 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw3x32.sys -- (NETw3x32) Sterownik karty Intel(R) DRV - [2006-09-27 17:10:00 | 003,694,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2006-07-26 22:44:42 | 000,581,632 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService) DRV - [2006-07-06 10:28:58 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2006-06-28 09:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [2006-06-17 05:40:56 | 000,193,120 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2006-05-12 13:21:22 | 000,401,664 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio) DRV - [2006-05-12 13:19:04 | 001,342,602 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2006-05-12 13:17:18 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver) DRV - [2006-05-12 13:17:10 | 000,030,189 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem) DRV - [2006-05-12 13:16:44 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB) DRV - [2006-05-12 13:13:46 | 000,148,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS) DRV - [2006-04-20 17:03:20 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV) DRV - [2006-04-20 17:02:40 | 000,208,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL) DRV - [2006-04-20 17:02:36 | 000,727,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2006-04-11 12:07:48 | 000,179,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R) DRV - [2005-12-22 17:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2005-11-16 20:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2005-11-01 18:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2005-10-13 10:07:12 | 000,874,240 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor) DRV - [2005-09-19 13:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb) DRV - [2004-08-04 07:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C) DRV - [2001-08-17 21:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow) DRV - [2001-08-17 21:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3) DRV - [2001-08-17 21:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi) DRV - [2001-08-17 21:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx) DRV - [2001-08-17 21:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810) DRV - [2001-08-17 20:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra) DRV - [2001-08-17 20:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160) DRV - [2001-08-17 20:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080) DRV - [2001-08-17 20:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280) DRV - [2001-08-17 20:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k) DRV - [2001-08-17 20:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x) DRV - [2001-08-17 20:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc) DRV - [2001-08-17 20:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550) DRV - [2001-08-17 20:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde) DRV - [2001-08-17 20:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2892962287-3909793390-2519683295-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com IE - HKU\S-1-5-21-2892962287-3909793390-2519683295-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {e2fda1a4-762b-4020-b5ad-a41df1933103}:1.0b2 FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1 FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2 FF - prefs.js..extensions.enabledItems: dictionary-switcher-tb@design-noir.de:1.1.5 FF - prefs.js..extensions.enabledItems: quickfolders@curious.be:2.2 FF - prefs.js..extensions.enabledItems: {a300a000-5e21-4ee0-a115-9ec8f4eaa92b}:0.3.5 FF - prefs.js..extensions.enabledItems: ru@dictionaries.addons.mozilla.org:0.4.4 FF - prefs.js..extensions.enabledItems: mintrayr@tn123.ath.cx:0.8.1 FF - prefs.js..extensions.enabledItems: LeopardMailDefaultAqua@reo-2007:3.2.6 FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010-12-09 22:51:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010-12-09 22:51:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-01-17 12:58:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010-12-09 22:51:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-11-23 22:40:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Victor\Application Data\mozilla\Extensions [2010-11-23 22:40:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Victor\Application Data\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010-11-23 22:53:31 | 000,000,000 | ---D | M] (Remove Duplicate Messages (Alternate)) -- C:\DOCUMENTS AND SETTINGS\VICTOR\APPLICATION DATA\THUNDERBIRD\PROFILES\RXRKFKXU.DEFAULT\EXTENSIONS\{A300A000-5E21-4EE0-A115-9EC8F4EAA92B} [2010-11-23 22:53:32 | 000,000,000 | ---D | M] (Lightning) -- C:\DOCUMENTS AND SETTINGS\VICTOR\APPLICATION DATA\THUNDERBIRD\PROFILES\RXRKFKXU.DEFAULT\EXTENSIONS\{E2FDA1A4-762B-4020-B5AD-A41DF1933103} [2010-11-23 22:53:32 | 000,000,000 | ---D | M] (German Dictionary) -- C:\DOCUMENTS AND SETTINGS\VICTOR\APPLICATION DATA\THUNDERBIRD\PROFILES\RXRKFKXU.DEFAULT\EXTENSIONS\DE-DE@DICTIONARIES.ADDONS.MOZILLA.ORG [2010-11-23 22:53:32 | 000,000,000 | ---D | M] (Dictionary Switcher) -- C:\DOCUMENTS AND SETTINGS\VICTOR\APPLICATION DATA\THUNDERBIRD\PROFILES\RXRKFKXU.DEFAULT\EXTENSIONS\DICTIONARY-SWITCHER-TB@DESIGN-NOIR.DE [2010-12-10 09:26:45 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\DOCUMENTS AND SETTINGS\VICTOR\APPLICATION DATA\THUNDERBIRD\PROFILES\RXRKFKXU.DEFAULT\EXTENSIONS\EN-GB@DICTIONARIES.ADDONS.MOZILLA.ORG [2010-12-23 13:47:45 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\DOCUMENTS AND SETTINGS\VICTOR\APPLICATION DATA\THUNDERBIRD\PROFILES\RXRKFKXU.DEFAULT\EXTENSIONS\MINTRAYR@TN123.ATH.CX [2010-12-23 13:47:45 | 000,000,000 | ---D | M] ("QuickFolders") -- C:\DOCUMENTS AND SETTINGS\VICTOR\APPLICATION DATA\THUNDERBIRD\PROFILES\RXRKFKXU.DEFAULT\EXTENSIONS\QUICKFOLDERS@CURIOUS.BE [2010-11-23 22:53:31 | 000,000,000 | ---D | M] (Russian spellchecking dictionary) -- C:\DOCUMENTS AND SETTINGS\VICTOR\APPLICATION DATA\THUNDERBIRD\PROFILES\RXRKFKXU.DEFAULT\EXTENSIONS\RU@DICTIONARIES.ADDONS.MOZILLA.ORG O1 HOSTS File: ([2010-12-17 18:51:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (DivX Plus Web Player HTML5