Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2013 04 Ran by Administrator (administrator) on PROFILAKTYKA2 on 05-09-2013 19:40:38 Running from C:\Documents and Settings\Administrator\Desktop\diagnoza Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English(US) Internet Explorer Version 6 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (HP) C:\WINDOWS\system32\HPZipm12.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2029640 2009-03-19] (ESET) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.) HKLM\...\Run: [NeroFilterCheck] - C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: igfxsrvc.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [28278] - C:\DOCUME~1\ALLUSE~1.WIN\LOCALS~1\Temp\ccewyazso.exe [104648 2004-08-04] ( (House)) MountPoints2: {118c65d9-82d1-11df-9062-001a92cd67a9} - F:\AutoRun.exe MountPoints2: {4c893868-f19d-11df-90ce-001a92cd67a9} - F:\AutoRun.exe MountPoints2: {4c893869-f19d-11df-90ce-001a92cd67a9} - F:\AutoRun.exe MountPoints2: {dd56acdf-3b09-11df-9012-001a92cd67a9} - F:\DOBRERIBE/ziza.exe MountPoints2: {fd1032d8-a452-11df-9085-001a92cd67a9} - F:\AutoRun.exe MountPoints2: {fd1032d9-a452-11df-9085-001a92cd67a9} - F:\AutoRun.exe Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home SearchScopes: HKLM - DefaultScope value is missing. BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2210608 2006-10-27] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\2mztheub.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird ========================== Services (Whitelisted) ================= S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-03-19] (ESET) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [731840 2009-03-19] (ESET) S4 HidServ; %SystemRoot%\System32\hidserv.dll [x] R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x] ==================== Drivers (Whitelisted) ==================== S3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [371712 2005-02-12] (Broadcom Corporation) R3 E1000; C:\Windows\System32\DRIVERS\e1000325.sys [99840 2002-11-12] (Intel Corporation) R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [113960 2009-03-19] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [107256 2009-03-19] (ESET) R1 epfwtdir; C:\Windows\System32\DRIVERS\epfwtdir.sys [93848 2009-03-19] (ESET) S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP) S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP) S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP) R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [681469 2004-02-10] (Intel Corporation) S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2004-08-04] () S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x] U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-05 19:38 - 2013-09-05 19:38 - 00000000 _____ C:\Documents and Settings\Administrator\defogger_reenable 2013-09-05 19:24 - 2013-09-05 19:38 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\diagnoza 2013-08-27 13:10 - 2013-08-27 13:10 - 00000000 ____D C:\Program Files\Samsung 2013-08-27 13:07 - 2013-08-27 13:07 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Samsung ==================== One Month Modified Files and Folders ======= 2013-09-05 19:40 - 2013-09-05 19:40 - 00000000 ____D C:\FRST 2013-09-05 19:38 - 2013-09-05 19:38 - 00000000 _____ C:\Documents and Settings\Administrator\defogger_reenable 2013-09-05 19:38 - 2013-09-05 19:24 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\diagnoza 2013-09-05 19:38 - 2010-03-29 10:05 - 00000000 ____D C:\Documents and Settings\Administrator 2013-09-05 19:35 - 2010-03-28 12:48 - 00489670 _____ C:\WINDOWS\setupapi.log 2013-09-05 19:29 - 2010-03-28 12:51 - 00000159 _____ C:\WINDOWS\wiadebug.log 2013-09-05 19:28 - 2010-03-28 12:51 - 00000050 _____ C:\WINDOWS\wiaservc.log 2013-09-05 19:28 - 2004-08-04 12:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2013-09-05 19:23 - 2010-03-28 12:47 - 00170945 _____ C:\WINDOWS\setupact.log 2013-09-02 13:22 - 2010-03-29 10:05 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2013-09-02 13:22 - 2010-03-29 09:59 - 00054658 _____ C:\WINDOWS\WindowsUpdate.log 2013-08-28 13:07 - 2013-06-19 10:38 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Umowy (E) 2013-08-28 13:04 - 2011-02-09 12:35 - 00000000 ____D D:\My Documents\PROFILAKTYKA 2013-08-28 12:48 - 2011-02-09 12:34 - 00000000 ____D D:\My Documents\SŁAWEK 2013-08-28 12:37 - 2013-06-20 08:01 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\P. poż 2013-08-27 13:10 - 2013-08-27 13:10 - 00000000 ____D C:\Program Files\Samsung 2013-08-27 13:07 - 2013-08-27 13:07 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Samsung 2013-08-08 13:48 - 2011-01-30 18:16 - 00000116 _____ C:\WINDOWS\NeroDigital.ini Files to move or delete: ==================== C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DataCard_Setup.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hpzmsi01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hpzscr01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nowegg.upgr.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ResetDevice.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\SkypeSetup.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\uninstall.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTPSDLL\GdiPlus.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTPSDLL\mfc71.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTPSDLL\MFC71u.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTPSDLL\msvcp71.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\UTPSDLL\msvcr71.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\gdiplus.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzc3212.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzglu14.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\HPZidi01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\HPZIDS01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzjlog.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzjpp01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzjut01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzjvp01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzpnp14.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzscr14.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzsetup.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hpzuci12.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\msvcirt.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\msvcrt.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\Setup.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\tls704d.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\unicows.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\xmlparse.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\xmltok.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\cfgmgr32.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\setupapi.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\support_tools\msi_install_cleanup\win9x\msicu.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\support_tools\msi_install_cleanup\win2000\msicuu.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\common\hpfpdi14.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\common\hpqisc09.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\common\hpzghl14.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\common\hpzpin14.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\240075.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\270615USAM.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\AccessDeniedUtility.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\afsinst.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\FixErr1714.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\HPZlgc01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\HPZprs01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\MediaSizeSettings.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\Q256858_W2K_SP1_x86.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\Q283787_W2K_SP3_x86_en.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\ptb\Q283787_W2K_SP3_x86.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\ptb\WindowsXP-KB822603-x86-ptb.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\fra\Q283787_W2K_SP3_x86.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\fra\WindowsXP-KB822603-x86-fra.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\esn\Q283787_W2K_SP3_x86.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\esn\WindowsXP-KB822603-x86-esn.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\enu\Q283787_W2K_SP3_x86.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\ccc\enu\WindowsXP-KB822603-x86-enu.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\aio\hpopdi05.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\util\aio\hpopin05.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\tur\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\tur\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\svc\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\svc\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\cfgtoip.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpbntkrs.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpbskutl.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPCommunication.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPeDiag.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPeSupport.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpgeneric.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpjnds50.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpjsiadp.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpjsira.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpntwkexe.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpntwkwiz.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpntwkwiz_ar.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpntwkwiz_en.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpntwkwiz_es.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpntwkwiz_fr.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpntwkwiz_pt.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpntwkwiz_zhcn.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpntwkwiz_zhtw.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpoapd01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hponac01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hponicifs01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hponiprint01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hponiscan01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\Hponiscp01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hporfd01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpowfs01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPScripting.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZarp01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZcdl01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZchk01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZddv01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzdui01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzfwx01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZgat01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzjfw01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzjpp01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzjut02.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzmsi01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZnet01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZnfx01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZnop01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZopt01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzpnp01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzprl01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZpsc01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZpsl01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZrcn01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZrcv01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZrein01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzscr01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\hpzshl01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZsui01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZtim01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZwis01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZwrp01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\HPZwup01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\InstallMetrics.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\InternetUtil.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\mdfix01.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\mfc42.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\MFC71.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\msvcirt.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\msvcp60.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\msvcp71.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\msvcr71.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\msxml3.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\msxml3a.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\msxml3r.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\openssldll.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\rapiddiscovery.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\RulesEngine.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\sdicommunications.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\sdiencryption.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\sdifirewall.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\sdifirewallnet.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\sdiingredients.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\sdiingredientsagents.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\sdilog.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\sdinetware.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\sdisdk.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\snmpnet_pp.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\snmp_pp.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\tls704d.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\tls7712d.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\usbready.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\wsnmp32.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\wis\win9x\instmsi.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\wis\win2k_xp\instmsi.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\redisco\hpzjfw01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\redisco\hpzjrd01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\redisco\hpzjsn01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\redisco\wsnmp32.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\setup\imagezoneexpress\PhotobackPluginSetup.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\rus\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\rus\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\ptb\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\ptb\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\plk\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\plk\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\non\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\non\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\nld\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\nld\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\kor\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\kor\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\jpn\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\jpn\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\ita\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\ita\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hun\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hun\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hbr\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\hbr\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\grk\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\grk\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\fra\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\fra\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\fin\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\fin\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\esm\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\esm\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\enu\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\enu\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\scanner\x32\hpotiop2.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\scanner\x32\hpotpusd.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\scanner\x32\hpotscl2.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\scanner\x32\hpovst09.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\scanner\x32\hpowiax1.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\scanner\x32\hpowiax2.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\fax\hpaiofax.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\fax\hpzuifax.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\dot4\wrapper\setup.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\dot4\wrapper\wrapper.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\dot4\wrapper\_isdel.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\dot4\wrapper\_setup.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\dot4\win98\hpzc3212.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\dot4\win98\hpzimn12.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\dot4\win98\hpzuci12.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\drivers\dot4\win2000\hpzc3212.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\deu\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\deu\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\dan\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\dan\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\csy\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\csy\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\win9x_me\atl.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\hpbmiapi.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\HPBOID.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\hpboidps.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\HPBPRO.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\hpbprops.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\HPJCMN2U.DLL C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\HPJIPX1U.DLL C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\hpoism01.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\hppapml0.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\hpqip09.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\common\drivers\com_os\hpqish09.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\cht\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\cht\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\chs\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\chs\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\arb\drivers\win9x_me\usbmon.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\hp_webrelease\arb\drivers\com_lang\hpofax08.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\setup.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\AccessibleMarshal.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\crashreporter.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\freebl3.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\js3250.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\MapiProxy.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\mozcrt19.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\mozMapi32.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\nsldap32v60.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\nsldappr32v60.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\nsldif32v60.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\nspr4.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\nss3.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\nssckbi.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\nssdbm3.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\nssutil3.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\plc4.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\plds4.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\smime3.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\softokn3.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\sqlite3.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\ssl3.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\thunderbird.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\updater.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\WSEnable.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\xpcom.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\xpcom_core.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\components\jar50.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\components\jsd3250.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\nonlocalized\components\xpinstal.dll C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\7zS34E1.tmp\localized\uninstall\helper.exe C:\Documents and Settings\All Users.WINDOWS\Local Settings\Temp\ccewyazso.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 1032192 ____A (Microsoft Corporation) a0732187050030ae399b241436565e64 C:\Windows\System32\winlogon.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 0502272 ____A (Microsoft Corporation) 01c3346c241652f43aed8e2149881bfe C:\Windows\System32\svchost.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 0014336 ____A (Microsoft Corporation) 8f078ae4ed187aaabc0a305146de6716 C:\Windows\System32\services.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 0108032 ____A (Microsoft Corporation) c6ce6eec82f187615d1002bb3bb50ed4 C:\Windows\System32\User32.dll [2004-08-04 12:00] - [2004-08-04 12:00] - 0577024 ____A (Microsoft Corporation) c72661f8552ace7c5c85e16a3cf505c4 C:\Windows\System32\userinit.exe [2004-08-04 12:00] - [2004-08-04 12:00] - 0024576 ____A (Microsoft Corporation) 39b1ffb03c2296323832acbae50d2aff C:\Windows\System32\Drivers\volsnap.sys [2004-08-04 12:00] - [2004-08-04 12:00] - 0052352 ____A (Microsoft Corporation) ee4660083deba849ff6c485d944b379b ==================== End Of Log ============================