Nagłe spowolnienie pracy systemu


(Darek972) #1

Coś musiałem złapać bo nagle system wolno zaczął pracować, spowalnia i długo startuje.

Prosze o zerknięcie w log HijackThis.

http://www.wklej.org/id/263751/


(deFco247) #2

HijackThis to starożytne narzędzie i nie używamy już go w celu usuwania infekcji.

Pokaż logi z narzędzi:

:arrow: OTL

Przestawiasz w nim Processes i Modules na All oraz wklejasz w dolne białe okienko Custom Scans/Fixes :

Klikasz Run Scan.

:arrow: System Repair Engineer


(Serwis Komputery) #3

C:\DOCUME~1\Darek\Ustawienia lokalne\Temp\Qhn.exe

C:\WINDOWS\msb.exe

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll (file missing)

O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)

O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)

O3 - Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - (no file)

O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O4 - HKLM..\Run: [Resume copy] copyfstq.exe /startup

O4 - HKCU..\Run: [bMIMZMHMFM] C:\DOCUME~1\Darek\Ustawienia lokalne\Temp\Qhn.exe

O4 - S-1-5-18 Startup: z.cmd (User 'SYSTEM')

O4 - .DEFAULT Startup: z.cmd (User 'Default user')

O4 - .DEFAULT User Startup: z.cmd (User 'Default user'

O17 - HKLM\System\CCS\Services\Tcpip..{9F3217D5-665C-4C9C-A70B-2457B4F3892C}: NameServer = 194.204.152.34,194.204.159.1

O17 - HKLM\System\CCS\Services\Tcpip..{E819F55A-4006-4E27-B786-B866F413A728}: NameServer = 194.204.152.34,194.204.159.1

to do usunięcia,radzę też odinstalować toolbary (google) a jak instalujesz np. Foxit Reader to odznaczać instalowanie toolbarów typu Ask (są w różnych aplikacjach),po usunięciu tych wpisów,zainstaluj Trojan Remover,uaktualnij,przejdź w tryb awaryjny i przeskanuj (fast scan)


(Darek972) #4
2010-01-17,18:08:52


System Repair Engineer 2.8.2.1321

Smallfrogs (http://www.KZTechs.com)


Windows XP Professional Dodatek Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed


Follow item(s) have been selected:

    All Boot Items (Including Registry, Startup Folders, Services and so on)

    Browser Add-ons

    Running Processes (Including process model information)

    File Associations

    Winsock Provider

    Autorun.Inf

    HOSTS File

    Process Privileges Scan

    Scheduled Tasks

    Windows Security Update Check

    API HOOK

    Hidden Process



Boot Items

Registry

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"> [(Verified)Google Inc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"> [(Verified)Kaspersky Lab]
  [(Verified)Hewlett-Packard Company]
<; rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent> [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  [Microsoft Corporation]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  [File is missing]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  [Microsoft Corporation]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  [Microsoft Corporation]
  [Microsoft Corporation]
<%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation]
<%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation]
  [Microsoft Corporation]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
  [(Verified)Kaspersky Lab]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
  [(Verified)Microsoft Corporation]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
  [(Verified)Microsoft Windows]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
  [Microsoft Corporation]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{99820200-ECBD-11cf-8B85-00AA005B4340}]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
  [(Verified)Microsoft Windows Component Publisher]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
  [(Verified)Microsoft Corporation]

[HKEY_CURRENT_USER\Control Panel\Desktop]
  []


==================================

Startup Folders

[HP Digital Imaging Monitor]
 C:\PROGRA~1\HP\Digital Imaging\bin\hpqtra08.exe [Hewlett-Packard Co.]>

[Ralink Wireless Utility]
 C:\WINDOWS\RaUI.exe [Ralink Technology, Corp.]>

[Transparent fx - lite]
 C:\PROGRA~1\Fadebar\Fadebar.exe [Nookian Apps]>


==================================

Services

[Kaspersky Internet Security / AVP][Running/Auto Start]

  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r>

[Folder Size / FolderSize][Stopped/Disabled]

  <"C:\Program Files\FolderSize\FolderSizeSvc.exe">

[Google Software Updater / gusvc][Stopped/Manual Start]

  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe">

[Dostęp do urządzeń interfejsu HID / HidServ][Stopped/Manual Start]
%SystemRoot%\System32\hidserv.dll>

[hpqcxs08 / hpqcxs08][Running/Manual Start]
C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll>

[Usługa HP CUE DeviceDiscovery / hpqddsvc][Running/Auto Start]
C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll>

[Java Quick Starter / JavaQuickStarterService][Stopped/Disabled]

  <"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf">

[Instalator Windows / MSIServer][Stopped/Manual Start]


[Net Driver HPZ12 / Net Driver HPZ12][Running/Auto Start]
C:\WINDOWS\system32\HPZinw12.dll>

[NMSAccessU / NMSAccessU][Stopped/Manual Start]


[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
C:\WINDOWS\system32\HPZipm12.dll>

[Prio Service / prio_svc][Stopped/Disabled]


[SSHNAS / SSHNAS][Running/Auto Start]
C:\WINDOWS\system32\sshnas21.dll>

[Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start]
C:\WINDOWS\system32\mspmsnsv.dll>

[Usługa udostępniania w sieci programu Windows Media Player / WMPNetworkSvc][Stopped/Manual Start]

  <"C:\Program Files\Windows Media Player\WMPNetwk.exe">

[Windows Driver Foundation - User-mode Driver Framework / WudfSvc][Stopped/Manual Start]
%SystemRoot%\System32\WUDFSvc.dll>


==================================

Drivers

[AEGIS Protocol (IEEE 802.1x) v3.4.3.0 / AegisP][Running/Auto Start]


[ati2mtag / ati2mtag][Running/Manual Start]


[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]


[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]


[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]


[kl1 / kl1][Running/Boot Start]

  <\SystemRoot\system32\drivers\kl1.sys>

[Kaspersky Lab Boot Guard Driver / klbg][Running/Boot Start]

  <\SystemRoot\system32\drivers\klbg.sys>

[Kaspersky Lab KLFltDev / KLFLTDEV][Running/Manual Start]


[Kaspersky Lab Driver / KLIF][Running/System Start]


[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]


[Service for NVIDIA(R) nForce(TM) Audio Enumerator / nvax][Running/Manual Start]


[NVIDIA nForce MCP Networking Controller Driver / NVENET][Stopped/Manual Start]


[Service for NVIDIA(R) nForce(TM) Audio / nvnforce][Running/Manual Start]


[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]

  <\SystemRoot\system32\DRIVERS\nv_agp.sys>

[Sterownik bezpośredniego połączenia kablowego / Ptilink][Running/Manual Start]


[PxHelp20 / PxHelp20][Running/Boot Start]

  <\SystemRoot\System32\Drivers\PxHelp20.sys>

[Ralink Wireless Driver / RT61][Running/Manual Start]


[Secdrv / Secdrv][Stopped/Manual Start]


[Sterownik protokołu TCP/IP / Tcpip][Running/System Start]


[USB Data Cable / usb2vcom][Stopped/Manual Start]
<>

[Virtual CD-ROM Device Driver / vcdrom][Running/System Start]

  <\??\C:\Program Files\System\CPL Bonus\Vcdrom.sys>

[Windows Driver Foundation - User-mode Driver Framework Platform Driver / WudfPf][Stopped/Manual Start]


[Windows Driver Foundation - User-mode Driver Framework Reflector / WudfRd][Stopped/Manual Start]



==================================

Browser Add-ons

[HP Print Enhancer]

  {0347C33E-8762-4905-BF09-768834316C61} 

[CommandBar.CtrlMHook]

  {3f1ab67e-12aa-352e-b4e0-a5f1810b60dd} 

[IEVkbdBHO Class]

  {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} 

[Google Toolbar Helper]

  {AA58ED58-01DD-4d91-8333-CF10577473F7} 

[Google Toolbar Notifier BHO]

  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} 

[Java(tm) Plug-In 2 SSV Helper]

  {DBC80044-A445-435b-BC74-9C25C1C588A9} 

[JQSIEStartDetectorImpl Class]

  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} 

[Loader Class]

  {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} 

[HP Smart BHO Class]

  {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} 

[Statystyki ochrony WWW]

  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} 

[&Research]

  {92780B25-18CC-41C8-B9BE-3C9C571A8263} 

[ClipBookBtn Class]

  {DDE87865-83C5-48c4-8357-2F5B1AA84522} 

[]

  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>

[Google Toolbar]

  {2318C2B1-4965-11d4-9B18-009027A5CD4F} 

[asusTek_sysctrl Class]

  {0D41B8C5-2599-4893-8183-00195EC8D5F9} 

[Java Plug-in 1.6.0_13]

  {8AD9C840-044E-11D1-B3E9-00805F499D93} 

[Java Plug-in 1.6.0_13]

  {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} 

[Java Plug-in 1.6.0_13]

  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} 

[]

  {E2883E8F-472F-4FB0-9522-AC9BF37916A7} <, >

[HP Print Enhancer]

  {0347C33E-8762-4905-BF09-768834316C61} 

[]

  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >

[asusTek_sysctrl Class]

  {0D41B8C5-2599-4893-8183-00195EC8D5F9} 

[]

  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >

[]

  {201F27D4-3704-41D6-89C1-AA35E39143ED} <, >

[Google Toolbar]

  {2318C2B1-4965-11D4-9B18-009027A5CD4F} 

[HTML Document]

  {25336920-03F9-11CF-8FD0-00AA00686F13} 

[XML DOM Document]

  {2933BF90-7B36-11D2-B20E-00C04F983E60} 

[]

  {3041D03E-FD4B-44E0-B742-2D9B88305F98} <, >

[Google Side Bar]

  {32004B8A-44A9-43E7-84E9-808838809519} 

[CommandBar.CtrlMHook]

  {3F1AB67E-12AA-352E-B4E0-A5F1810B60DD} 

[QuickTime Object]

  {4063BE15-3B08-470D-A0D5-B37161CFFD69} 

[Shell Name Space]

  {55136805-B2DE-11D1-B9F2-00A0C98BC547} 

[HP Smart Web Printing]

  {555D4D79-4BD2-4094-A395-CFC534424A05} 

[IEVkbdBHO Class]

  {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} 

[Windows Media Player]

  {6BF52A52-394A-11D3-B153-00C04F79FAA6} 

[MUWebControl Class]

  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} 

[XML DOM Document 4.0]

  {88D969C0-F192-11D4-A65F-0040963251E5} 

[XML HTTP 4.0]

  {88D969C5-F192-11D4-A65F-0040963251E5} 

[XML HTTP 5.0]

  {88D969EA-F192-11D4-A65F-0040963251E5} 

[XML DOM Document 6.0]

  {88D96A05-F192-11D4-A65F-0040963251E5} 

[XML HTTP 6.0]

  {88D96A0A-F192-11D4-A65F-0040963251E5} 

[]

  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >

[Google Toolbar Helper]

  {AA58ED58-01DD-4D91-8333-CF10577473F7} 

[Google Toolbar Notifier BHO]

  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} 

[QT Breadcrumbs Address Bar]

  {AF83E43C-DD2B-4787-826B-31B17DEE52ED} 

[]

  {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} <, >

[Microsoft Url Search Hook]

  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} 

[RealPlayer G2 Control]

  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} 

[Shockwave Flash Object]

  {D27CDB6E-AE6D-11CF-96B8-444553540000} 

[QT TabBar]

  {D2BF470E-ED1C-487F-A333-2BD8835EB6CE} 

[QT Tab Standard Buttons]

  {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} 

[Java(tm) Plug-In 2 SSV Helper]

  {DBC80044-A445-435B-BC74-9C25C1C588A9} 

[ClipBookBtn Class]

  {DDE87865-83C5-48C4-8357-2F5B1AA84522} 

[]

  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >

[JQSIEStartDetectorImpl Class]

  {E7E6F031-17CE-4C07-BC86-EABFE594F69C} 

[XML HTTP Request]

  {ED8C108E-4349-11D2-91A4-00C04F7969E8} 

[XML HTTP 3.0]

  {F5078F35-C551-11D3-89B9-0000F81FE221} 

[XML DOM Document]

  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} 

[XML HTTP]

  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} 

[Loader Class]

  {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} 

[HP Smart BHO Class]

  {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} 

[Dodaj do listy blokowanych banerów]


[E&xport to Microsoft Excel]


[Funkcja Google Sidewiki]



==================================

Running Processes

[PID][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

[PID][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

[PID][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Kaspersky Lab, 8.0.0.357]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

[PID][C] [Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [c] [N/A,]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Hewlett-Packard Company, 70.091.312.00]

    [C] [Hewlett-Packard Corporation, 70.091.312.00]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

[PID][C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]

    [C] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Brio, 1, 4, 0, 0]

    [C] [Microsoft Corporation, 2.0.50727.3603 (GDR.050727-3600)]

    [C] [, 1.1.0.0]

    [C] [, 1.1.0.0]

    [C] [, 1.1.0.0]

    [C] [, 1.1.0.0]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [A Part of the LessCliX Suite by Alianyn, 1.1.0.4]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID][C] [Hewlett-Packard, 80, 1, 0, 0]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID][C] [Google Inc., 4, 1, 509, 1944]

    [C] [Google Inc., 5, 4, 4525, 1752]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Google Inc., 5, 4, 4525, 1752]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

[PID][C] [Hewlett-Packard Co., 130.0.376.000]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

    [C] [Hewlett-Packard Co., 130.0.80.000]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Hewlett-Packard Co., 000.0.000.000]

    [C] [Hewlett-Packard Co., 130.0.376.000]

    [C] [Hewlett-Packard Co., 130.0.376.000]

    [C] [Hewlett-Packard Co., 130.0.376.000]

    [C] [Hewlett-Packard Co., 000.0.000.000]

    [C] [Hewlett-Packard Co., 130.0.362.000]

    [C] [Hewlett-Packard Co., 130.0.374.000]

    [C] [Hewlett-Packard Co., 130.0.80.000]

    [C] [Hewlett-Packard Co., 130.0.80.000]

    [C] [Hewlett-Packard Co., 130.0.372.000]

    [C] [Hewlett-Packard Co., 130.0.372.000]

    [C] [Hewlett-Packard Co., 130.0.374.000]

[PID][C] [Ralink Technology, Corp., 1, 0, 6, 0]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Meetinghouse Data Communications, 3, 3, 3, 0]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [c] [Hewlett-Packard Co., 130.0.372.000]

    [c] [Hewlett-Packard Co., 130.0.372.000]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [c] [Hewlett-Packard Co., 130.0.80.000]

    [C] [Microsoft Corporation, 3.1.4001.5512]

    [C] [Hewlett-Packard Co., 130.0.80.000]

    [C] [Hewlett-Packard Co., 130.0.80.000]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [c] [Hewlett-Packard, 12,1,3,21]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [c] [Hewlett-Packard, 12,1,3,21]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

[PID][C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

[PID][C] [Hewlett-Packard Co., 130.0.373.000]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Hewlett-Packard Co., 130.0.80.000]

    [C] [Hewlett-Packard Co., 130.0.80.000]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Hewlett-Packard, 12,1,3,21]

    [C] [Hewlett-Packard Co., 130.0.373.000]

    [C] [Hewlett-Packard, 130.0.14.016]

    [C] [Hewlett-Packard Co., 130.0.373.000]

    [C] [Hewlett-Packard Co., 130.0.373.000]

    [C] [Hewlett-Packard Co., 130.0.373.000]

    [C] [Hewlett-Packard Co., 130.0.80.000]

    [C] [Hewlett-Packard Co., 130.0.373.000]

    [C] [Hewlett-Packard Co., 130.0.373.000]

[PID][C] [Hewlett-Packard Co., 130.0.80.000]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 3.1.4001.5512]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID][C] [Hewlett-Packard, 130.0.14.016]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

    [C] [Hewlett Packard, 130.0.16.011]

    [C] [Hewlett-Packard, 130.0.14.016]

[PID][C] [Piriform Ltd, 1, 11, 0, 148]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [N/A,]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]

[PID][C] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [c] [N/A,]

    [C] [Microsoft Corporation, 3.1.4001.5512]

[PID][C] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Microsoft Corporation, 8.00.50727.4053]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Mozilla Foundation, 8.00.0000]

    [C] [Mozilla Foundation, 1.9.0.8]

    [C] [sqlite.org, 3.5.9]

    [C] [Netscape Communications Corporation, 4.0]

    [C] [Mozilla Foundation, 4.7.3]

    [C] [Mozilla Foundation, 3.12.2.0 Basic ECC]

    [C] [Mozilla Foundation, 3.12.2.0 Basic ECC]

    [C] [Mozilla Foundation, 3.12.2.0 Basic ECC]

    [C] [Mozilla Foundation, 4.7.3]

    [C] [Mozilla Foundation, 4.7.3]

    [C] [Mozilla Foundation, 3.12.2.0 Basic ECC]

    [c] [N/A,]

    [C] [Mozilla Foundation, 1.9.0.8]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Microsoft Corporation, 2.0.50727.3603 (GDR.050727-3600)]

    [C] [, 1.1.0.0]

    [C] [, 1.1.0.0]

    [C] [, 1.1.0.0]

    [C] [, 1.1.0.0]

    [C] [Kaspersky Lab, 8.0.0.369]

    [C] [Google Inc., 5, 4, 4525, 1752]

    [C] [Sun Microsystems, Inc., 6.0.130.3]

    [C] [Microsoft Corporation, 7.10.3052.4]

    [C] [Sun Microsystems, Inc., 6.0.130.3]

    [C] [A Part of the LessCliX Suite by Alianyn, 1.1.0.4]

    [C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Kaspersky Lab, 8.0.0.357]

    [C] [Kaspersky Lab, 8.0.0.357]

    [C] [Kaspersky Lab, 8.0.0.357]

    [C] [Kaspersky Lab, 8.0.0.357]

    [C] [Kaspersky Lab, 8.0.0.357]

    [c] [Kaspersky Lab, 8.0.0.357]

    [c] [Kaspersky Lab, 8.0.0.357]

    [c] [Kaspersky Lab, 8.0.0.369]

[PID][C] [Hewlett-Packard Co., 130.1.027107]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [O&K Software, 1.9.9.1732]

    [C] [Microsoft Corporation, 5.82 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 3.1.4001.5512]

[PID][C] [Smallfrogs Studio, 2.8.2.1321]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

[PID][C] [Smallfrogs Studio, 2.8.2.1321]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C] [Smallfrogs Studio, 2, 1, 0, 15]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]


==================================

File Associations

.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]

.EXE OK. ["%1" %*]

.COM OK. ["%1" %*]

.PIF OK. ["%1" %*]

.REG OK. [regedit.exe "%1"]

.BAT OK. ["%1" %*]

.SCR OK. ["%1" /S]

.CHM OK. ["C:\WINDOWS\hh.exe" %1]

.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]

.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]

.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]

.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]

.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]

.LNK OK. [{00021401-0000-0000-C000-000000000046}]


==================================

Winsock Provider

N/A


==================================

Autorun.Inf

N/A


==================================

HOSTS File

127.0.0.1 localhost


==================================

Process Privileges Scan

Special Privileges Enabled: SeLoadDriverPrivilege [PID = 340, C:\WINDOWS\EXPLORER.EXE]

Special Privileges Enabled: SeLoadDriverPrivilege [PID = 872, C:\WINDOWS\RAUI.EXE]

Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3184, C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQSTE08.EXE]

Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3324, C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQBAM08.EXE]

Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3520, C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQGPC01.EXE]


==================================

Scheduled Tasks

[Enabled] {66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

        C:\DOCUME~1\Darek\Ustawienia lokalne\Temp\Qhn.exe 

[Enabled] {35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

        C:\WINDOWS\msb.exe 

[Enabled] Defraggler Volume C Task.job

        C:\Program Files\Defraggler\df.exe 


==================================

Windows Security Update Check

 Polski pakiet językowy dla platformy Microsoft .NET Framework w wersji 1.1 

KB829019, Pakiet językowy dla platformy Microsoft .NET Framework 2.0: x86 (KB829019) 

KB940157, Usługa wyszukiwania systemu Windows 4.0 dla systemu Windows XP (KB940157) 

KB928416, Microsoft .NET Framework 3.0: pakiet językowy dla komputerów z procesorem x86 (KB928416) 

KB909520, Pakiet Podstawowy dostawca usług kryptograficznych dla kart inteligentnych firmy Microsoft: x86 (KB909520) 

KB963663, Aktualizacja Pomocy programu Microsoft Office Access 2007 (KB963663) 

KB963673, Aktualizacja Pomocy dla najczęściej używanych funkcji pakietu Microsoft Office 2007 (KB963673) 

KB963667, Aktualizacja Pomocy programu Microsoft Office Publisher 2007 (KB963667) 

KB963671, Aktualizacja Pomocy programu Microsoft Script Editor (KB963671) 

KB963678, Aktualizacja Pomocy programu Microsoft Office Excel 2007 (KB963678) 

KB963677, Aktualizacja Pomocy programu Microsoft Office Outlook 2007 (KB963677) 

KB963669, Aktualizacja Pomocy programu Microsoft Office PowerPoint 2007 (KB963669) 

KB963665, Aktualizacja Pomocy programu Microsoft Office Word 2007 (KB963665) 

KB951847, Pakiet językowy dla programu Microsoft .NET Framework 3.5 z dodatkiem Service Pack 1 (KB951847): procesory x86 

KB951847, Dodatek Office Live 1.4 

KB974331, Microsoft Silverlight (KB974331) 

KB974331, Podstawowe programy Windows Live 

KB953297, Aktualizacja zabezpieczeń programu Microsoft .NET Framework 1.1 z dodatkiem SP1 w systemach Windows 2000, Windows XP, Windows Vista, Windows Server 2008, Windows 7 i Windows Server 2008 R2 (KB953297) MS09-061

KB975364, Aktualizacja listy widoku zgodności programu Internet Explorer 8 dla systemu Windows XP (KB975364) 

KB931125, Aktualizacja certyfikatów głównych (KB931125) [listopad 2009] 

KB974561, Aktualizacja programu Microsoft Office Word 2007 (KB974561) 

KB971513, Aktualizacja dla systemu Windows XP (KB971513) 


==================================

API HOOK

N/A


==================================

Hidden Process

N/A


==================================

(Gutek) #5

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052

Uruchom System Repair Engineer zakładka System Repair >> Browser Add-ons >> odszukaj i usuń

Gdzie log z OTL?


(Darek972) #6

Log OTL >

http://wklejto.pl/54637