OTL logfile created on: 2010-08-26 01:15:04 - Run 2 OTL by OldTimer - Version 3.2.10.0 Folder = Z:\laptop waldiego Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 383,00 Mb Total Physical Memory | 110,00 Mb Available Physical Memory | 29,00% Memory free 920,00 Mb Paging File | 698,00 Mb Available in Paging File | 76,00% Paging File free Paging file location(s): C:\pagefile.sys 576 1152 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 9,77 Gb Total Space | 0,62 Gb Free Space | 6,32% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive Z: | 27,49 Gb Total Space | 2,99 Gb Free Space | 10,86% Space Free | Partition Type: NTFS Computer Name: KOMPUTER2 Current User Name: uzytkownik Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-08-27 00:25:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- Z:\laptop waldiego\OTL.exe PRC - [2007-11-13 19:48:50 | 002,510,848 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.bin PRC - [2007-11-13 19:48:44 | 002,359,296 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 2.3\program\soffice.exe PRC - [2007-10-27 19:13:15 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2007-09-25 02:11:35 | 000,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe PRC - [2007-06-13 15:23:49 | 001,034,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-05-04 02:32:52 | 000,961,024 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe PRC - [2007-02-13 16:20:50 | 001,205,840 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe PRC - [2006-10-24 05:07:00 | 000,040,960 | R-S- | M] (Microsoft Corporation) -- C:\Documents and Settings\uzytkownik\Menu Start\Programy\Autostart\ctfmon.exe PRC - [2005-07-03 09:20:48 | 000,372,736 | ---- | M] (Samsung Electronics.) -- C:\WINDOWS\Samsung\ComSMMgr\SSMMgr.exe PRC - [2005-05-12 09:15:14 | 000,102,400 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe PRC - [2005-05-10 04:12:22 | 001,953,792 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe PRC - [2005-04-15 05:01:00 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE PRC - [2005-01-04 17:52:52 | 000,331,776 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\sistray.exe PRC - [2004-12-22 08:23:00 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe PRC - [2004-08-04 00:44:30 | 000,196,608 | ---- | M] () -- \\?\C:\WINDOWS\System32\WBEM\WMIADAP.EXE PRC - [2004-01-28 10:36:56 | 000,167,936 | R--- | M] (Conexant Systems , Inc.) -- C:\WINDOWS\Hsfpwcfg.exe PRC - [2003-03-01 23:31:06 | 000,032,489 | -HS- | M] () -- C:\Program Files\Common Files\System\yyjnldu.exe PRC - [2003-03-01 23:31:06 | 000,032,489 | -HS- | M] () -- C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-08-27 00:25:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- Z:\laptop waldiego\OTL.exe MOD - [2010-08-26 01:11:02 | 000,085,504 | RHS- | M] () -- C:\WINDOWS\system32\gasretyw0.dll MOD - [2006-10-13 14:41:11 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nwprovau.dll MOD - [2006-08-25 17:51:13 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2004-12-22 08:23:00 | 000,069,722 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll MOD - [2004-08-04 00:44:08 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll MOD - [2004-08-04 00:44:08 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll MOD - [2004-08-04 00:44:08 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll MOD - [2004-08-04 00:44:08 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll MOD - [2004-08-04 00:43:56 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll MOD - [2004-08-04 00:43:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll MOD - [2004-08-03 23:01:18 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2008-08-07 01:47:29 | 000,037,888 | RHS- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\ADADIX16w.exe -- (SCardSvrwinmgmt) SRV - [2007-03-20 03:19:14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2010-05-11 12:00:34 | 000,020,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz133_x32.sys -- (cpuz133) DRV - [2007-01-04 13:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw) DRV - [2007-01-04 13:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys) DRV - [2006-08-16 11:37:30 | 000,225,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2005-04-19 04:40:00 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005-03-14 07:01:38 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp) DRV - [2005-02-17 17:07:48 | 000,005,632 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2005-02-17 13:03:48 | 000,638,720 | R--- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Bs350u2.sys -- (Cam5603C) DRV - [2005-02-17 10:29:06 | 000,013,312 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp) DRV - [2005-02-17 04:59:26 | 000,240,640 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315) DRV - [2005-02-11 22:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2004-12-22 08:23:00 | 000,186,240 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP) DRV - [2004-08-09 08:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2004-08-03 23:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004-06-17 08:57:16 | 000,193,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWSIS.sys -- (HSFHWSIS) DRV - [2004-05-17 17:11:42 | 000,067,456 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\rmedia.sys -- (rmedia) DRV - [2004-05-12 11:11:16 | 000,685,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2004-05-12 11:09:42 | 001,037,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP) DRV - [2002-09-09 20:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5) DRV - [2001-08-18 01:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-18 01:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2001-08-17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [2000-10-30 01:00:00 | 000,003,608 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\port_nt.sys -- (port_nt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1644491937-1958367476-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1644491937-1958367476-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/ IE - HKU\S-1-5-21-1644491937-1958367476-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1644491937-1958367476-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] [2007-12-26 17:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzytkownik\Dane aplikacji\Mozilla\Firefox\Profiles\vouo5rzz.default\extensions [2007-11-20 17:52:00 | 002,884,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll O1 HOSTS File: ([2001-10-26 19:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKU\S-1-5-21-1644491937-1958367476-725345543-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.) O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe () O4 - HKLM..\Run: [Hsfpwcfg.exe] C:\WINDOWS\Hsfpwcfg.exe (Conexant Systems , Inc.) O4 - HKLM..\Run: [mhlclyg] C:\Program Files\Common Files\System\yyjnldu.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [nhbivui] C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia) O4 - HKLM..\Run: [Samsung Common SM] C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe (Samsung Electronics.) O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKU\S-1-5-21-1644491937-1958367476-725345543-1003..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group) O4 - HKU\S-1-5-21-1644491937-1958367476-725345543-1003..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.) O4 - HKU\S-1-5-21-1644491937-1958367476-725345543-1003..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe () O4 - HKU\S-1-5-21-1644491937-1958367476-725345543-1003..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG) O4 - HKU\S-1-5-21-1644491937-1958367476-725345543-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe (Silicon Integrated Systems Corporation) O4 - Startup: C:\Documents and Settings\uzytkownik\Menu Start\Programy\Autostart\ctfmon.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\uzytkownik\Menu Start\Programy\Autostart\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1644491937-1958367476-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - C:\WINDOWS\system32\sdra64.exe () O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\uzytkownik\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\uzytkownik\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\360rpt.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\360Safe.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\360tray.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\adam.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\AgentSvr.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\AppSvc32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\ArSwp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\AST.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\autoruns.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\AvastU3.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\avconsol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\avgrssvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\AvMonitor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\avp.com: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\avp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\CCenter.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\ccSvcHst.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\EGHOST.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\FileDsty.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\FTCleanerShell.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\FYFireWall.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\ghost.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\HijackThis.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\IceSword.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\iparmo.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\Iparmor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\irsetup.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\isPwdSvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\kabaload.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KaScrScn.SCR: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KASMain.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KASTask.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KAV32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KAVDX.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KAVPF.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KAVPFW.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KAVSetup.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KAVStart.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KISLnchr.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KMailMon.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KMFilter.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KPFW32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KPFW32X.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KPfwSvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KRegEx.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KRepair.com: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KsLoader.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KVCenter.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KvDetect.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KvfwMcl.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KVMonXP.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KVMonXP_1.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\kvol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\kvolself.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KvReport.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KVScan.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KVSrvXP.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KVStub.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\kvupload.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\kvwsc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KvXP.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KvXP_1.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KWatch.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KWatch9x.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\KWatchX.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\loaddll.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\MagicSet.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\mcconsol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\mmqczj.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\mmsk.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\Navapsvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\Navapw32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\nod32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\nod32krn.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\nod32kui.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\NPFMntor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\PFW.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\PFWLiveUpdate.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\QHSET.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\QQDoctor.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\QQKav.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\QQSC.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\Ras.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\Rav.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\RavMon.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\RavMonD.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\RavStub.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\RavTask.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\RegClean.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\rfwcfg.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\rfwmain.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\rfwsrv.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\RsAgent.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\Rsaupd.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\rstrui.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\runiep.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\safelive.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\scan32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\shcfg32.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\SmartUp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\SREng.EXE: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\symlcsvc.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\SysSafe.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\TrojanDetector.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\Trojanwall.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\TrojDie.kxp: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\UIHost.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\UmxAgent.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\UmxAttachment.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\UmxCfg.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\UmxFwHlp.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\UmxPol.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\upiea.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\UpLive.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\USBCleaner.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\vsstat.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\webscanx.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\WoptiClean.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O27 - HKLM IFEO\zjb.exe: Debugger - C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe () O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005-12-22 22:24:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-08-26 01:14:59 | 000,000,563 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2008-04-03 16:25:31 | 000,000,105 | RHS- | M] () - Z:\AUTORUN.FCB -- [ NTFS ] O32 - AutoRun File - [2009-07-19 12:45:19 | 000,000,169 | -HS- | M] () - Z:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{0b52ddc8-160b-11de-bd1c-0015f21da249}\Shell\AutoRun\command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{0b52ddc8-160b-11de-bd1c-0015f21da249}\Shell\explore\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{0b52ddc8-160b-11de-bd1c-0015f21da249}\Shell\open\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{0f1f9f07-aa95-11dd-bc82-0015f21da249}\Shell\AutoRun\command - "" = D:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe -- File not found O33 - MountPoints2\{0f1f9f07-aa95-11dd-bc82-0015f21da249}\Shell\open\command - "" = D:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe -- File not found O33 - MountPoints2\{12dd4a88-683f-11df-be3c-0015f21da249}\Shell\Open(&0)\command - "" = D:\Recycled\ctfmon.exe -- File not found O33 - MountPoints2\{217b3fee-24ff-11dd-ba6f-4d6564696130}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{217b3fee-24ff-11dd-ba6f-4d6564696130}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{217b3fee-24ff-11dd-ba6f-4d6564696130}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{241b62fa-74c2-11df-be3f-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{241b62fa-74c2-11df-be3f-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{241b62fa-74c2-11df-be3f-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{2bbe1dcf-c1a1-11de-bde7-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{2bbe1dcf-c1a1-11de-bde7-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{2bbe1dcf-c1a1-11de-bde7-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{3320bd5e-560e-11df-be35-0015f21da249}\Shell\Open(&0)\command - "" = D:\Recycled\ctfmon.exe -- File not found O33 - MountPoints2\{3a81426e-838a-11de-bd9a-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{3a81426e-838a-11de-bd9a-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{3a81426e-838a-11de-bd9a-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{47eff7ac-f470-11dd-bd12-0015f21da249}\Shell\Open(&0)\command - "" = D:\Recycled\ctfmon.exe -- File not found O33 - MountPoints2\{4817f062-dc6f-11dc-b8f3-0015f21da249}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found O33 - MountPoints2\{4f85ec42-dce5-11dd-bcf1-0015f21da249}\Shell\AutoRun\command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{4f85ec42-dce5-11dd-bcf1-0015f21da249}\Shell\explore\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{4f85ec42-dce5-11dd-bcf1-0015f21da249}\Shell\open\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{559c461a-4227-11de-bd56-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{559c461a-4227-11de-bd56-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{559c461a-4227-11de-bd56-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{5d931848-091a-11df-be12-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{5d931848-091a-11df-be12-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{5d931848-091a-11df-be12-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{5ffde4c7-e1a4-11dd-bcf6-0015f21da249}\Shell\AutoRun\command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{5ffde4c7-e1a4-11dd-bcf6-0015f21da249}\Shell\explore\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{5ffde4c7-e1a4-11dd-bcf6-0015f21da249}\Shell\open\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{616819f7-bad2-11dd-bcd5-0015f21da249}\Shell\AutoRun\command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{616819f7-bad2-11dd-bcd5-0015f21da249}\Shell\explore\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{616819f7-bad2-11dd-bcd5-0015f21da249}\Shell\open\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{7000aca4-f1fe-11dd-bd0e-0015f21da249}\Shell\AutoRun\command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{7000aca4-f1fe-11dd-bd0e-0015f21da249}\Shell\explore\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{7000aca4-f1fe-11dd-bd0e-0015f21da249}\Shell\open\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{722e6090-6d8a-11de-bd7f-0015f21da249}\Shell\AutoRun\command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{722e6090-6d8a-11de-bd7f-0015f21da249}\Shell\explore\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{722e6090-6d8a-11de-bd7f-0015f21da249}\Shell\open\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{819b874c-1282-11df-be1a-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{819b874c-1282-11df-be1a-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{819b874c-1282-11df-be1a-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{97a2ba7b-3c7d-11dc-b75d-0015f21da249}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found O33 - MountPoints2\{a71ffa12-8a80-11de-bdba-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{a71ffa12-8a80-11de-bdba-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{a71ffa12-8a80-11de-bdba-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{a91a68c6-61ef-11df-be38-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{a91a68c6-61ef-11df-be38-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{a91a68c6-61ef-11df-be38-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{ab939c57-4069-11dc-b763-0015f21da249}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe -- File not found O33 - MountPoints2\{b0929b44-c7e4-11de-bdee-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{b0929b44-c7e4-11de-bdee-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{b0929b44-c7e4-11de-bdee-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{b872b15a-7879-11de-bd8c-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{b872b15a-7879-11de-bd8c-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{b872b15a-7879-11de-bd8c-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{c8b4d810-d9d5-11de-bdf5-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{c8b4d810-d9d5-11de-bdf5-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{c8b4d810-d9d5-11de-bdf5-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{ccafbe9e-7324-11da-8533-806d6172696f}\Shell\AutoRun\command - "" = C:\abk.bat -- [2008-11-24 22:10:12 | 000,110,417 | RHS- | M] () O33 - MountPoints2\{ccafbe9e-7324-11da-8533-806d6172696f}\Shell\explore\Command - "" = C:\abk.bat -- [2008-11-24 22:10:12 | 000,110,417 | RHS- | M] () O33 - MountPoints2\{ccafbe9e-7324-11da-8533-806d6172696f}\Shell\open\Command - "" = C:\abk.bat -- [2008-11-24 22:10:12 | 000,110,417 | RHS- | M] () O33 - MountPoints2\{d29f14ba-732a-11da-b549-0015f2508a8c}\Shell\AutoRun\command - "" = Z:\abk.bat -- [2008-11-24 22:10:12 | 000,110,417 | RHS- | M] () O33 - MountPoints2\{d29f14ba-732a-11da-b549-0015f2508a8c}\Shell\explore\Command - "" = Z:\abk.bat -- [2008-11-24 22:10:12 | 000,110,417 | RHS- | M] () O33 - MountPoints2\{d29f14ba-732a-11da-b549-0015f2508a8c}\Shell\open\Command - "" = Z:\abk.bat -- [2008-11-24 22:10:12 | 000,110,417 | RHS- | M] () O33 - MountPoints2\{eb4268a4-e6fe-11dd-bcfe-0015f21da249}\Shell\AutoRun\command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{eb4268a4-e6fe-11dd-bcfe-0015f21da249}\Shell\explore\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{eb4268a4-e6fe-11dd-bcfe-0015f21da249}\Shell\open\Command - "" = D:\abk.bat -- File not found O33 - MountPoints2\{f19eabe0-42f6-11df-be29-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{f19eabe0-42f6-11df-be29-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{f19eabe0-42f6-11df-be29-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{f2194ae4-3c5d-11de-bd53-0015f21da249}\Shell\Open(&0)\command - "" = D:\Recycled\ctfmon.exe -- File not found O33 - MountPoints2\{f21e8f93-7448-11de-bd86-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{f21e8f93-7448-11de-bd86-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{f21e8f93-7448-11de-bd86-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{f773026a-983b-11df-be4e-0015f21da249}\Shell\AutoRun\command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{f773026a-983b-11df-be4e-0015f21da249}\Shell\explore\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{f773026a-983b-11df-be4e-0015f21da249}\Shell\open\Command - "" = D:\nhbivui.exe -- File not found O33 - MountPoints2\{f869b03c-0cfa-11df-be15-0015f21da249}\Shell - "" = AutoRun O33 - MountPoints2\{f869b03c-0cfa-11df-be15-0015f21da249}\Shell\AutoRun\command - "" = D:\WD SmartWare.exe -- File not found O33 - MountPoints2\{f869b03d-0cfa-11df-be15-0015f21da249}\Shell\AutoRun\command - "" = F:\nhbivui.exe -- File not found O33 - MountPoints2\{f869b03d-0cfa-11df-be15-0015f21da249}\Shell\explore\Command - "" = F:\nhbivui.exe -- File not found O33 - MountPoints2\{f869b03d-0cfa-11df-be15-0015f21da249}\Shell\open\Command - "" = F:\nhbivui.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2002-03-01 07:08:12 | 000,189,200 | ---- | C] (Hewlett-Packard Company) -- C:\Program Files\hpbf201j.dll [2002-03-01 07:08:04 | 000,350,480 | ---- | C] (Hewlett-Packard Company) -- C:\Program Files\hpbf201i.dll [2002-03-01 07:07:50 | 000,109,840 | ---- | C] (Hewlett-Packard Company) -- C:\Program Files\hpbf201f.dll [2002-03-01 07:07:46 | 001,096,464 | ---- | C] (Hewlett-Packard Company) -- C:\Program Files\hpbf201h.dll [2002-03-01 07:07:26 | 000,008,464 | ---- | C] (Hewlett-Packard Company) -- C:\Program Files\hpbf201e.dll [2002-03-01 07:07:10 | 001,417,488 | ---- | C] (Hewlett-Packard Company) -- C:\Program Files\hpbf201g.dll [2002-03-01 04:09:50 | 000,460,800 | ---- | C] (Rogue Wave Software, Inc. & Hewlett-Packard Company) -- C:\Program Files\hpbf201k.dll [2001-05-04 05:31:16 | 000,045,056 | ---- | C] (Hewlett-Packard Company) -- C:\Program Files\hpbafd32.dll [2001-03-14 10:08:32 | 000,058,880 | ---- | C] (Hewlett-Packard) -- C:\Program Files\hpdcmon.dll [2000-03-13 03:58:36 | 000,099,840 | ---- | C] (MicroWorks, Inc.) -- C:\Program Files\hpbftm32.dll [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-08-26 01:17:29 | 000,000,563 | RHS- | M] () -- C:\autorun.inf [2010-08-26 01:15:01 | 001,062,548 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2010-08-26 01:15:01 | 000,780,348 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010-08-26 01:15:01 | 000,407,842 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2010-08-26 01:15:01 | 000,335,834 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010-08-26 01:15:01 | 000,002,660 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-08-26 01:11:02 | 000,085,504 | RHS- | M] () -- C:\WINDOWS\System32\gasretyw0.dll [2010-08-26 01:10:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-08-26 01:10:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-08-26 01:02:57 | 004,456,448 | -H-- | M] () -- C:\Documents and Settings\uzytkownik\NTUSER.DAT [2010-08-26 01:02:57 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\uzytkownik\ntuser.ini [2010-08-26 01:02:45 | 000,000,821 | ---- | M] () -- C:\WINDOWS\wincmd.ini [2010-08-26 00:56:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-07-19 12:45:00 | 000,032,489 | -HS- | C] () -- C:\Program Files\meex.exe [2009-02-07 20:29:54 | 000,000,090 | ---- | C] () -- C:\WINDOWS\System32\2052g.sys [2009-02-02 12:32:49 | 000,085,504 | RHS- | C] () -- C:\WINDOWS\System32\gasretyw0.dll [2009-01-28 10:27:57 | 000,085,504 | RHS- | C] () -- C:\WINDOWS\System32\gasretyw1.dll [2008-08-10 22:42:05 | 000,018,944 | -HS- | C] () -- C:\WINDOWS\System32\ADADIX16wa.dll [2008-07-10 22:25:49 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\uzytkownik\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2007-10-17 21:29:25 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini [2007-10-17 18:12:52 | 000,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2007-10-17 18:12:52 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2007-10-17 18:12:43 | 000,000,990 | ---- | C] () -- C:\WINDOWS\adiras.ini [2007-10-17 18:12:39 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2007-10-17 18:12:37 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL [2007-10-15 22:31:25 | 000,000,736 | ---- | C] () -- C:\WINDOWS\DigimaxMaster.INI [2007-07-14 19:22:46 | 000,000,234 | ---- | C] () -- C:\WINDOWS\Fakturka.ini [2007-06-27 21:20:01 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006-11-18 18:54:12 | 000,000,062 | ---- | C] () -- C:\WINDOWS\emsoft.ini [2006-11-18 18:53:52 | 000,000,065 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI [2006-09-18 20:33:29 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini [2006-05-25 18:35:07 | 000,000,042 | ---- | C] () -- C:\WINDOWS\boxworld.ini [2006-03-01 10:21:35 | 000,003,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\port_nt.sys [2006-02-11 20:10:35 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006-01-20 22:28:34 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Kulki.ini [2006-01-06 22:07:49 | 000,058,880 | ---- | C] () -- C:\Documents and Settings\uzytkownik\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-01-06 22:07:16 | 000,000,663 | ---- | C] () -- C:\WINDOWS\VPlayer.INI [2006-01-06 22:04:15 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll [2006-01-06 22:04:15 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2006-01-06 22:04:11 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2005-12-26 12:30:51 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini [2005-12-23 21:07:41 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2005-12-23 21:01:12 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini [2005-12-23 19:59:36 | 000,000,821 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2005-12-23 02:31:08 | 000,015,190 | R--- | C] () -- C:\WINDOWS\M1000Twn.ini [2005-12-23 01:08:41 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2005-12-23 01:08:34 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2005-12-23 00:53:02 | 000,083,483 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini [2005-12-23 00:52:01 | 000,098,517 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini [2005-12-22 23:25:58 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys [2005-12-22 23:24:31 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS [2005-12-07 12:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2004-10-11 12:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL [2004-08-04 00:44:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2002-03-18 09:18:42 | 000,012,073 | ---- | C] () -- C:\Program Files\hp201ip5.cat [2002-03-01 07:06:24 | 000,046,914 | ---- | C] () -- C:\Program Files\hpbf201i.pmd [2002-02-28 03:46:34 | 000,001,658 | ---- | C] () -- C:\Program Files\hp201ip5.inf [2000-11-13 07:03:42 | 000,051,554 | ---- | C] () -- C:\Program Files\hpbf201i.hlp [1996-10-07 16:53:58 | 000,006,020 | ---- | C] () -- C:\Program Files\HPLicpi.txt [color=#E56717]========== LOP Check ==========[/color] [2007-04-09 19:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Downloaded Installations [2007-04-09 19:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2008-05-15 13:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2007-04-09 19:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzytkownik\Dane aplikacji\Datalayer [2007-10-21 18:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzytkownik\Dane aplikacji\Gadu-Gadu [2008-06-12 20:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzytkownik\Dane aplikacji\GanymedeNet [2006-09-18 00:29:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzytkownik\Dane aplikacji\InterTrust [2007-04-09 19:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzytkownik\Dane aplikacji\Nokia [2007-04-16 18:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzytkownik\Dane aplikacji\Nokia Multimedia Player [2007-04-09 19:35:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\uzytkownik\Dane aplikacji\PC Suite [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:7E95B6FD < End of report >