Wojtek01 Opublikowano 24 Stycznia 2011 Zgłoś Udostępnij Opublikowano 24 Stycznia 2011 Witam! Mam problem z laptopem, a mianowicie nie mogę dostać się na stronę wykorzystującą protokół SSL. Kiedy wejdę na stronę o przedrostku https to wyświetla się komunikat Połączenie zostało przerwane lub Połączenie zostało zresetowane. Ponadto w chili kliknięcia "Sprawdź aktualizacje" systemu Windows wyskakuje komunikat z błędem Kod 80072EFE. A w Windows Defender po sprawdzeniu czy są aktualizacje wyskakuje błąd kod: 0x80072efe. Dodam, że korzystam z antywirusa ESET NOD32 Antivirus 3.0.667.0. Raporty: W chili skanowania GMER'em wyskoczył komunikat: Program g0ooqevl.exe przestał działać. Program przestał działać poprawnie z powodu wystąpienia problemu. System Windows zamknie program i powiadomi Cię, jeśli istnieje dostępne rozwiązanie. A tutaj logi Z OTL: Extras OTL Extras logfile created on: 2011-01-24 14:08:46 - Run 1 OTL by OldTimer - Version 3.2.20.5 Folder = C:\Users\Właściciel\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 253,00 Gb Total Space | 155,61 Gb Free Space | 61,51% Space Free | Partition Type: NTFS Drive D: | 30,08 Gb Total Space | 29,99 Gb Free Space | 99,70% Space Free | Partition Type: NTFS Computer Name: WŁAŚCICIEL-PC | User Name: Właściciel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3032905125-3497321486-1086572533-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{3E389789-EC86-43D3-899F-C57A54ED8CBD}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{4DE1E077-DF27-46DC-91FC-CB5D28819806}C:\program files\nowe gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | "UDP Query User{6C256067-A12C-4CDB-9D9B-C7E69AFA2A24}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{7F323C8C-765C-40EE-86D2-8129B12666B4}C:\program files\nowe gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files\nowe gadu-gadu\gg.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = Lenovo Bluetooth with Enhanced Data Rate Software 6.1.0.5100 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 21 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 4.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom WLAN "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9E325417-AE9C-4EE1-A158-13DF451A5987}" = Broadcom Gigabit Integrated Controller "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2 "{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management "{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}" = SpeedTouch USB Software "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{EC9E8EAA-2F25-4265-A77B-DA3AE3FF8EC3}" = ESET NOD32 Antivirus "{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}" = Lenovo EasyCamera "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V3.X "CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "CNXT_AUDIO_HDA" = Conexant HD Audio "EasyCapture3.5" = EasyCapture "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "Eset NOD32 v3.0.642 FiX1.2 by TemDono_is1" = NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up "Gadu-Gadu 10" = Gadu-Gadu 10 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "HDMI" = Intel® Graphics Media Accelerator Driver "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "ipla" = ipla 2.1.2 "KLiteCodecPack_is1" = K-Lite Codec Pack 3.8.5 Full "Mario_Forever Toolbar" = Mario_Forever Toolbar "Mozilla Firefox (3.6)" = Mozilla Firefox (3.6) "MP Navigator EX 3.0" = Canon MP Navigator EX 3.0 "PhotoScape" = PhotoScape "PLAY ONLINE" = PLAY ONLINE "RealAlt_is1" = Real Alternative 1.9.0 "Rejestracja użytkownika drukarki Canon MP250 series" = Rejestracja użytkownika drukarki Canon MP250 series "Super Mario 3 : Mario Forever" = Super Mario 3 : Mario Forever "VeriFace" = VeriFace "WinRAR archiver" = Archiwizator WinRAR ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2011-01-17 08:42:36 | Computer Name = Właściciel-PC | Source = RasClient | ID = 20227 Description = Error - 2011-01-18 16:27:20 | Computer Name = Właściciel-PC | Source = RasClient | ID = 20227 Description = Error - 2011-01-18 16:27:23 | Computer Name = Właściciel-PC | Source = RasClient | ID = 20227 Description = Error - 2011-01-18 16:27:26 | Computer Name = Właściciel-PC | Source = RasClient | ID = 20227 Description = Error - 2011-01-18 16:27:29 | Computer Name = Właściciel-PC | Source = RasClient | ID = 20227 Description = Error - 2011-01-18 16:27:34 | Computer Name = Właściciel-PC | Source = RasClient | ID = 20227 Description = Error - 2011-01-20 09:56:49 | Computer Name = Właściciel-PC | Source = RasClient | ID = 20227 Description = Error - 2011-01-20 16:54:46 | Computer Name = Właściciel-PC | Source = WinMgmt | ID = 10 Description = Error - 2011-01-21 02:13:15 | Computer Name = Właściciel-PC | Source = RasClient | ID = 20227 Description = Error - 2011-01-21 09:02:08 | Computer Name = Właściciel-PC | Source = RasClient | ID = 20227 Description = [ System Events ] Error - 2010-04-26 09:13:52 | Computer Name = Właściciel-PC | Source = HTTP | ID = 15016 Description = Error - 2010-04-26 09:14:00 | Computer Name = Właściciel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2010-04-26 09:14:00 | Computer Name = Właściciel-PC | Source = Service Control Manager | ID = 7009 Description = Error - 2010-04-26 09:14:00 | Computer Name = Właściciel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2010-04-26 09:14:17 | Computer Name = Właściciel-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2010-04-27 03:15:23 | Computer Name = Właściciel-PC | Source = HTTP | ID = 15016 Description = Error - 2010-04-27 03:15:31 | Computer Name = Właściciel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2010-04-27 03:15:31 | Computer Name = Właściciel-PC | Source = Service Control Manager | ID = 7009 Description = Error - 2010-04-27 03:15:31 | Computer Name = Właściciel-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2010-04-27 03:15:50 | Computer Name = Właściciel-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = < End of report > OTL OTL logfile created on: 2011-01-24 14:08:46 - Run 1 OTL by OldTimer - Version 3.2.20.5 Folder = C:\Users\Właściciel\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 253,00 Gb Total Space | 155,61 Gb Free Space | 61,51% Space Free | Partition Type: NTFS Drive D: | 30,08 Gb Total Space | 29,99 Gb Free Space | 99,70% Space Free | Partition Type: NTFS Computer Name: WŁAŚCICIEL-PC | User Name: Właściciel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011-01-24 14:07:34 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Users\Właściciel\Downloads\OTL.exe PRC - [2010-03-11 23:14:00 | 011,792,992 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-02-02 22:45:50 | 014,252,952 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files\ipla\ipla.exe PRC - [2010-01-16 04:18:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-10-19 13:55:11 | 003,112,960 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\VeriFace\PManage.exe PRC - [2009-09-17 17:13:41 | 000,670,264 | ---- | M] (Conexant Systems, Inc) -- C:\Program Files\CONEXANT\SAII\SmartAudio.exe PRC - [2009-05-04 13:17:56 | 005,064,520 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe PRC - [2009-04-23 15:49:38 | 004,097,864 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe PRC - [2009-03-23 18:00:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE PRC - [2009-02-10 08:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe PRC - [2008-12-17 14:52:40 | 000,036,480 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe PRC - [2008-12-17 12:56:34 | 000,429,696 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe PRC - [2008-12-09 16:44:24 | 002,532,648 | ---- | M] (Cyberlink) -- C:\Program Files\Lenovo\Power2Go\Power2GoExpress.exe PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-08-26 11:55:32 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe PRC - [2008-08-26 11:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe PRC - [2008-06-10 18:53:54 | 000,468,224 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2008-06-10 18:52:30 | 001,447,168 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2008-01-21 03:24:02 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe PRC - [2008-01-21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2004-01-26 11:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe ========== Modules (SafeList) ========== MOD - [2011-01-24 14:07:34 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Users\Właściciel\Downloads\OTL.exe MOD - [2008-08-26 11:54:44 | 000,208,896 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtMmHook.dll MOD - [2008-01-21 03:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2009-02-10 08:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2008-12-17 14:52:40 | 000,036,480 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2008-12-06 05:42:11 | 000,376,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2008-08-26 11:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins) SRV - [2008-06-10 18:59:18 | 000,019,200 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2008-06-10 18:53:54 | 000,468,224 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter) SRV - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (PS_MDP) SRV - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IgrsSvcs.exe -- (IncSvc) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2006-11-02 10:45:35 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\regedt32.exe -- (NOD32FiXTemDono) ========== Driver Services (SafeList) ========== DRV - [2009-10-19 13:44:19 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2009-10-19 13:36:40 | 000,048,192 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\funfrm.sys -- (funfrm) DRV - [2009-09-17 19:51:31 | 000,169,008 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2009-09-17 18:15:13 | 000,017,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid) DRV - [2009-09-17 18:10:26 | 000,029,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap) DRV - [2009-09-17 18:10:16 | 000,100,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt) DRV - [2009-09-17 18:10:03 | 000,081,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio) DRV - [2009-09-17 17:16:17 | 000,460,800 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2009-09-17 15:50:04 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel® DRV - [2009-09-17 15:25:17 | 002,476,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2009-09-16 18:00:46 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM) DRV - [2009-09-10 13:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-07-24 14:51:38 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev) DRV - [2009-04-13 20:34:36 | 000,164,608 | ---- | M] (SMI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SMIksdrv.sys -- (usbsmi) DRV - [2009-02-19 11:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV) DRV - [2009-02-19 11:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI) DRV - [2009-02-19 11:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW) DRV - [2009-02-19 11:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV) DRV - [2009-02-19 11:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS) DRV - [2009-02-14 07:23:00 | 000,016,200 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\LenovoVCD.sys -- (LenovoVCD) DRV - [2009-01-06 04:50:42 | 000,014,848 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC) DRV - [2008-12-17 14:50:56 | 000,008,832 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Wdkbdmou.sys -- (Wdkbdmou) DRV - [2008-12-17 12:58:38 | 000,008,832 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror) DRV - [2008-10-22 19:41:00 | 000,223,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2008-09-10 18:18:40 | 001,326,584 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX) DRV - [2008-06-10 18:56:10 | 000,034,312 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2008-06-10 18:48:38 | 000,053,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\easdrv.sys -- (easdrv) DRV - [2008-06-10 18:47:42 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon) DRV - [2008-01-21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR) DRV - [2008-01-21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2008-01-21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2008-01-21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2008-01-21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2008-01-21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2008-01-21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2008-01-21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2008-01-21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2008-01-21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2008-01-21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2008-01-21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2008-01-21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2008-01-21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2008-01-21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2008-01-21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2008-01-21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2008-01-21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2008-01-21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2008-01-21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2008-01-21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008-01-21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2008-01-10 09:59:08 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD) DRV - [2007-05-23 15:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2003-12-08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) DRV - [2003-12-08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\alcaudsl.sys -- (alcaudsl) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com IE - HKLM\..\URLSearchHook: {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com IE - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2247187 IE - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001\..\URLSearchHook: {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..network.proxy.type: 5 FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-03-12 20:35:48 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-08-10 23:17:23 | 000,000,000 | ---D | M] [2010-02-06 12:55:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Właściciel\AppData\Roaming\mozilla\Extensions [2011-01-24 13:46:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Właściciel\AppData\Roaming\mozilla\Firefox\Profiles\fxo8s2db.default\extensions [2010-06-26 13:16:01 | 000,000,000 | ---D | M] (Mario Forever Toolbar) -- C:\Users\Właściciel\AppData\Roaming\mozilla\Firefox\Profiles\fxo8s2db.default\extensions\{707db484-2428-402d-afb5-d85b387544c7} [2010-08-10 23:17:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-08-10 23:17:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-07-17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2009-11-16 16:23:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npganymedenet.dll [2010-01-16 02:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-16 02:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-16 02:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-16 02:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-16 02:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-16 02:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Mario Forever Toolbar) - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll (Conduit Ltd.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (Mario Forever Toolbar) - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files\Mario_Forever\tbMari.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001\..\Toolbar\WebBrowser: (Mario Forever Toolbar) - {707DB484-2428-402D-AFB5-D85B387544C7} - C:\Program Files\Mario_Forever\tbMari.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [speedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium) O4 - HKLM..\Run: [unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0}] File not found O4 - HKLM..\Run: [updateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe (Lenovo) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001..\Run: [iPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O4 - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001..\Run: [Power2GoExpress] C:\Program Files\Lenovo\Power2Go\Power2GoExpress.exe (Cyberlink) O4 - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001..\Run: [ReadyComm] C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited) O4 - HKU\S-1-5-21-3032905125-3497321486-1086572533-1001..\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.159.1 194.204.152.34 O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img20.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img20.jpg O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{2fe6a32e-c107-11df-b148-9a3f7db59528}\Shell - "" = AutoRun O33 - MountPoints2\{2fe6a32e-c107-11df-b148-9a3f7db59528}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{2fe6a33b-c107-11df-b148-8af3a1336ad9}\Shell - "" = AutoRun O33 - MountPoints2\{2fe6a33b-c107-11df-b148-8af3a1336ad9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-12-27 20:41:35 | 000,000,000 | ---D | C] -- C:\Plugins ========== Files - Modified Within 30 Days ========== [2011-01-24 14:04:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-01-24 14:04:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-01-24 13:57:22 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-01-24 13:57:22 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-01-24 13:57:22 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-01-24 13:57:22 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-01-24 13:54:06 | 000,002,089 | ---- | M] () -- C:\Users\Właściciel\AppData\Local\TempNG3568.html [2011-01-24 13:54:05 | 000,002,432 | ---- | M] () -- C:\Users\Właściciel\AppData\Local\TempXz3568.html [2011-01-24 13:53:43 | 000,000,915 | ---- | M] () -- C:\Users\Właściciel\Desktop\Cyberlink Power2Go.lnk [2011-01-24 13:53:02 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2011-01-24 13:53:00 | 3179,913,216 | -HS- | M] () -- C:\hiberfil.sys [2011-01-24 13:52:05 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-01-09 00:22:04 | 000,024,576 | ---- | M] () -- C:\Users\Właściciel\Documents\bezsens.doc [2011-01-08 14:21:41 | 000,036,352 | ---- | M] () -- C:\Users\Właściciel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-02 12:57:35 | 212,531,577 | ---- | M] () -- C:\Windows\MEMORY.DMP ========== Files Created - No Company Name ========== [2011-01-24 13:54:06 | 000,002,089 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\TempNG3568.html [2011-01-24 13:54:05 | 000,002,432 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\TempXz3568.html [2011-01-08 20:19:36 | 000,024,576 | ---- | C] () -- C:\Users\Właściciel\Documents\bezsens.doc [2010-06-06 08:35:48 | 000,002,432 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\Tempdi3516.html [2010-06-06 08:35:48 | 000,002,089 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\TempMI3516.html [2010-03-24 20:02:50 | 000,000,952 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2010-02-18 11:32:17 | 000,002,432 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\TempoH3356.html [2010-02-18 11:32:17 | 000,002,089 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\TempeM3356.html [2010-02-17 19:17:22 | 000,002,432 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\Tempog5788.html [2010-02-17 19:17:22 | 000,002,089 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\TempPP5788.html [2010-02-07 16:53:42 | 000,002,432 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\TempbG3656.html [2010-02-07 16:53:42 | 000,002,089 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\TempCG3656.html [2010-02-06 16:43:33 | 000,005,606 | ---- | C] () -- C:\Windows\System32\stci.dll [2010-02-06 13:20:10 | 000,036,352 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-19 13:55:25 | 001,404,928 | ---- | C] () -- C:\Windows\System32\IcnOvrly.dll [2009-10-19 13:55:25 | 000,655,360 | ---- | C] () -- C:\Windows\System32\EncIcons.dll [2009-10-19 13:55:25 | 000,507,904 | ---- | C] () -- C:\Windows\System32\SimpleExt.dll [2009-10-19 13:55:23 | 002,101,248 | ---- | C] () -- C:\Windows\System32\Apblend.dll [2009-10-19 13:36:40 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll [2009-10-19 13:36:40 | 000,048,192 | ---- | C] () -- C:\Windows\System32\drivers\funfrm.sys [2009-10-19 13:36:28 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll [2009-10-19 13:03:12 | 000,016,200 | ---- | C] () -- C:\Windows\System32\drivers\LenovoVCD.sys [2009-10-19 12:52:36 | 000,172,032 | ---- | C] () -- C:\Windows\System32\SM37XCoInst.dll [2009-10-19 12:37:05 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll [2009-10-19 12:36:27 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1591.dll [2009-10-19 12:28:39 | 000,000,680 | ---- | C] () -- C:\Users\Właściciel\AppData\Local\d3d9caps.dat [2009-07-31 16:02:51 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2009-07-31 15:53:34 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-07-31 15:53:31 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009-07-31 15:53:31 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-07-31 15:53:30 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2009-07-31 15:53:29 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2008-12-17 14:50:56 | 000,008,832 | ---- | C] () -- C:\Windows\System32\drivers\Wdkbdmou.sys [2008-08-26 11:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll [2008-06-10 18:56:10 | 000,034,312 | ---- | C] () -- C:\Windows\System32\drivers\epfwtdir.sys [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2003-04-08 10:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI [2001-11-14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll ========== LOP Check ========== [2010-02-15 13:12:57 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\Canon [2009-10-19 14:07:01 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\EasyCapture [2010-02-18 11:47:10 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\Gadu-Gadu 10 [2010-02-10 19:14:22 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\GanymedeNet [2011-01-24 13:53:40 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\ipla [2009-10-19 13:49:53 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\Lenovo [2010-02-06 22:09:56 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\Nowe Gadu-Gadu [2010-02-17 19:22:02 | 000,000,000 | ---D | M] -- C:\Users\Właściciel\AppData\Roaming\Tlen.pl [2011-01-24 13:52:05 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Odnośnik do komentarza
picasso Opublikowano 24 Stycznia 2011 Zgłoś Udostępnij Opublikowano 24 Stycznia 2011 W raportach z OTL nie widać znaków infekcji. Jednakże nie została tu wykonana weryfikacja na okoliczność rootkitów. Podsumowując co widzę w OTL: do deinstalacji szczątki Symantec i zbędnik Mario Forever Toolbar, oraz zastrzeżenia do zabezpieczeń, czyli stary NOD i brak SP2: Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstationInternet Explorer (Version = 8.0.6001.18882) Spróbuj pobrać SP2 z ominięciem metody Windows Update i zainstalować z dysku: KB935791 (Metoda 3). Mam problem z laptopem, a mianowicie nie mogę dostać się na stronę wykorzystującą protokół SSL. Kiedy wejdę na stronę o przedrostku https to wyświetla się komunikat Połączenie zostało przerwane lub Połączenie zostało zresetowane. Ponadto w chili kliknięcia "Sprawdź aktualizacje" systemu Windows wyskakuje komunikat z błędem Kod 80072EFE. A w Windows Defender po sprawdzeniu czy są aktualizacje wyskakuje błąd kod: 0x80072efe. Owszem, taki błąd Windows Update może produkować rootkit TDL (KLIK), choć nie tylko infekcja prowadzi do tego (właśnie na odwrót: oprogramowanie zabezpieczające). 1. Wstępnie uruchom Kaspersky TDSSKiller i wytwórz raport w trybie nienaprawczym, czyli jeśli coś zostanie znalezione, dobierz akcję Skip i tylko zaprezentuj raport. 2. Sprawdź wpływ oprogramowania zabezpieczającego: Obecne liczne sterowniki Symantec, sugerujące nieprawidłową deinstalację zintegrowanego oprogramowania OEM. Wyczyść po tym programie za pomocą narzędzia Norton Removal Tool. Nie jest wykluczony NOD jako przyczyna. 3. Dołączam i artykuł Microsoftu: KB836941. Zastanowiła mnie jedna rzecz, w OTL ustawionym w stanie filtrowania jest widoczna usługa Windows, która nie powinna być widziana, a ścieżka jest prezentowana w obcięty sposób: SRV - [2008-12-06 05:42:11 | 000,376,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc) Powinna się pokazać pełna: SRV - [2009-08-24 12:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc) Na razie to zostawiam. Wykonaj: odczyt z TDSSKiller, sprzątanie po Symantec i weryfikację NOD oraz przerób artykuł MS. . Odnośnik do komentarza
Wojtek01 Opublikowano 24 Stycznia 2011 Autor Zgłoś Udostępnij Opublikowano 24 Stycznia 2011 Ale jak odinstalowałem NODa i zainstalowałem avasta to internet nie działał (brak połączenia z siecią). Odnośnik do komentarza
picasso Opublikowano 24 Stycznia 2011 Zgłoś Udostępnij Opublikowano 24 Stycznia 2011 Przypominam, że są tu sterowniki Symantec w stanie czynnym (i powinny być filtry na urządzeniach sieciowych). Mogłeś doprowadzić do konfliktu urządzeń. DRV - [2009-10-19 13:44:19 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)DRV - [2009-09-16 18:00:46 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)DRV - [2009-02-19 11:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)DRV - [2009-02-19 11:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)DRV - [2009-02-19 11:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)DRV - [2009-02-19 11:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)DRV - [2009-02-19 11:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS) Na początek wysprzątaj system według opisywanych kroków i nie kombinuj na razie z instalacjami innych antywirusów. . Odnośnik do komentarza
Wojtek01 Opublikowano 27 Stycznia 2011 Autor Zgłoś Udostępnij Opublikowano 27 Stycznia 2011 (edytowane) Bardzo Ci dziękuję picasso po zastosowaniu programu Norton Removal Tool wszystkie opisane problemy ustąpiły A oto raport z Kaspersky TDSSKiller - nic nie znaleziono 2011/01/27 16:18:13.0612 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53 2011/01/27 16:18:13.0612 ================================================================================ 2011/01/27 16:18:13.0612 SystemInfo: 2011/01/27 16:18:13.0612 2011/01/27 16:18:13.0612 OS Version: 6.0.6001 ServicePack: 1.0 2011/01/27 16:18:13.0612 Product type: Workstation 2011/01/27 16:18:13.0612 ComputerName: WŁAŚCICIEL-PC 2011/01/27 16:18:13.0612 UserName: Właściciel 2011/01/27 16:18:13.0612 Windows directory: C:\Windows 2011/01/27 16:18:13.0612 System windows directory: C:\Windows 2011/01/27 16:18:13.0612 Processor architecture: Intel x86 2011/01/27 16:18:13.0612 Number of processors: 2 2011/01/27 16:18:13.0612 Page size: 0x1000 2011/01/27 16:18:13.0612 Boot type: Normal boot 2011/01/27 16:18:13.0612 ================================================================================ 2011/01/27 16:18:14.0517 Initialize success 2011/01/27 16:18:26.0310 ================================================================================ 2011/01/27 16:18:26.0310 Scan started 2011/01/27 16:18:26.0310 Mode: Manual; 2011/01/27 16:18:26.0310 ================================================================================ 2011/01/27 16:18:28.0760 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys 2011/01/27 16:18:28.0994 ACPIVPC (96215da5d8b131eb87c1077f52a8d10b) C:\Windows\system32\DRIVERS\AcpiVpc.sys 2011/01/27 16:18:29.0228 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/01/27 16:18:29.0306 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/01/27 16:18:29.0352 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/01/27 16:18:29.0384 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/01/27 16:18:29.0462 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys 2011/01/27 16:18:29.0508 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/01/27 16:18:29.0696 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/01/27 16:18:29.0758 alcan5wn (0940030d5a5869067ccc03e3b0b8dec7) C:\Windows\system32\DRIVERS\alcan5wn.sys 2011/01/27 16:18:29.0805 alcaudsl (4c9577888c53243e2991456f510488a1) C:\Windows\system32\DRIVERS\alcaudsl.sys 2011/01/27 16:18:30.0008 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/01/27 16:18:30.0070 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/01/27 16:18:30.0101 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/01/27 16:18:30.0132 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/01/27 16:18:30.0164 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/01/27 16:18:30.0210 ApfiltrService (0f83cb9bcb247869bcad28026b8f134b) C:\Windows\system32\DRIVERS\Apfiltr.sys 2011/01/27 16:18:30.0257 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/01/27 16:18:30.0304 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/01/27 16:18:30.0382 aswFsBlk (cba53c5e29ae0a0ce76f9a2be3a40d9e) C:\Windows\system32\drivers\aswFsBlk.sys 2011/01/27 16:18:30.0491 aswMonFlt (317f85fb68a3be507e9ccede5e6d9ee0) C:\Windows\system32\drivers\aswMonFlt.sys 2011/01/27 16:18:30.0585 aswRdr (b6e8c5874377a42756c282fac2e20836) C:\Windows\system32\drivers\aswRdr.sys 2011/01/27 16:18:30.0756 aswSP (b93a553c9b0f14263c8f016a44c3258c) C:\Windows\system32\drivers\aswSP.sys 2011/01/27 16:18:30.0944 aswTdi (1408421505257846eb336feeef33352d) C:\Windows\system32\drivers\aswTdi.sys 2011/01/27 16:18:30.0990 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/01/27 16:18:31.0022 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys 2011/01/27 16:18:31.0115 b57nd60x (32130fa152cf12ee17eb0673d411b801) C:\Windows\system32\DRIVERS\b57nd60x.sys 2011/01/27 16:18:31.0209 BCM43XX (142f6d053da0d7a53a3b70d25907335e) C:\Windows\system32\DRIVERS\bcmwl6.sys 2011/01/27 16:18:31.0334 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/01/27 16:18:31.0412 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/01/27 16:18:31.0443 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 2011/01/27 16:18:31.0490 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/01/27 16:18:31.0521 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/01/27 16:18:31.0583 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/01/27 16:18:31.0614 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/01/27 16:18:31.0646 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/01/27 16:18:31.0677 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/01/27 16:18:31.0739 BthEnum (cce53afc28347cc18ea139972e5b5e5a) C:\Windows\system32\DRIVERS\BthEnum.sys 2011/01/27 16:18:31.0817 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/01/27 16:18:31.0880 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys 2011/01/27 16:18:32.0145 BTHPORT (ac8a1689d5efc4d214201155a78d8f4b) C:\Windows\system32\Drivers\BTHport.sys 2011/01/27 16:18:32.0394 BTHUSB (288c1f74e3e2eed6c7b54eb3aac70856) C:\Windows\system32\Drivers\BTHUSB.sys 2011/01/27 16:18:32.0472 btwaudio (463483285b2d2d345443aaee7b9391e7) C:\Windows\system32\drivers\btwaudio.sys 2011/01/27 16:18:32.0550 btwavdt (4f82b6173ef8637cb26cf4e73b90f172) C:\Windows\system32\drivers\btwavdt.sys 2011/01/27 16:18:33.0174 btwl2cap (ecb98391c756a7b9cfbae89d9d1235e1) C:\Windows\system32\DRIVERS\btwl2cap.sys 2011/01/27 16:18:33.0440 btwrchid (f771034f5b59a4a5054a2fa6f4e9f28b) C:\Windows\system32\DRIVERS\btwrchid.sys 2011/01/27 16:18:33.0549 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/01/27 16:18:33.0627 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys 2011/01/27 16:18:33.0658 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 2011/01/27 16:18:33.0705 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys 2011/01/27 16:18:33.0798 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/01/27 16:18:33.0845 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/01/27 16:18:33.0954 CnxtHdAudService (cf93d97fb04bde224e05cb5cc87a4204) C:\Windows\system32\drivers\CHDRT32.sys 2011/01/27 16:18:34.0001 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2011/01/27 16:18:34.0032 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/01/27 16:18:34.0079 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/01/27 16:18:34.0142 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys 2011/01/27 16:18:34.0251 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys 2011/01/27 16:18:34.0329 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/01/27 16:18:34.0391 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys 2011/01/27 16:18:34.0454 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/01/27 16:18:34.0500 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys 2011/01/27 16:18:34.0547 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/01/27 16:18:34.0641 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 2011/01/27 16:18:34.0688 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys 2011/01/27 16:18:34.0734 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys 2011/01/27 16:18:34.0766 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/01/27 16:18:34.0812 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/01/27 16:18:34.0859 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/01/27 16:18:34.0922 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/01/27 16:18:34.0984 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys 2011/01/27 16:18:35.0031 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/01/27 16:18:35.0093 funfrm (f923fdea75675f5c2cc55d01e0fd2891) C:\Windows\system32\drivers\funfrm.sys 2011/01/27 16:18:35.0124 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/01/27 16:18:35.0171 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 2011/01/27 16:18:35.0202 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/01/27 16:18:35.0234 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/01/27 16:18:35.0280 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2011/01/27 16:18:35.0374 HidUsb (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys 2011/01/27 16:18:35.0405 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/01/27 16:18:35.0468 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys 2011/01/27 16:18:35.0561 hwdatacard (0515065a3c7e8869dd01253e987c5bd1) C:\Windows\system32\DRIVERS\ewusbmdm.sys 2011/01/27 16:18:35.0670 hwusbdev (ac6b4aabf92867584445d0c435b9248f) C:\Windows\system32\DRIVERS\ewusbdev.sys 2011/01/27 16:18:35.0780 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/01/27 16:18:35.0842 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/01/27 16:18:35.0982 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/01/27 16:18:36.0216 igfx (0391268713612372e4e0eceaadad41d5) C:\Windows\system32\DRIVERS\igdkmd32.sys 2011/01/27 16:18:36.0372 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/01/27 16:18:36.0482 IntcHdmiAddService (092a78e9c6f71bf0e22379503b90e800) C:\Windows\system32\drivers\IntcHdmi.sys 2011/01/27 16:18:36.0544 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/01/27 16:18:36.0591 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/01/27 16:18:36.0669 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/01/27 16:18:36.0716 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/01/27 16:18:36.0762 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/01/27 16:18:36.0825 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/01/27 16:18:36.0918 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/01/27 16:18:36.0981 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/01/27 16:18:37.0137 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/01/27 16:18:37.0152 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/01/27 16:18:37.0199 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/01/27 16:18:37.0246 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/01/27 16:18:37.0293 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys 2011/01/27 16:18:37.0371 LenovoVCD (c8f065ac4ff4a246119c06b73b4a1da9) C:\Windows\system32\drivers\LenovoVCD.sys 2011/01/27 16:18:37.0402 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/01/27 16:18:37.0464 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/01/27 16:18:37.0511 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/01/27 16:18:37.0542 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/01/27 16:18:37.0574 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/01/27 16:18:37.0620 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/01/27 16:18:37.0683 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/01/27 16:18:37.0745 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/01/27 16:18:37.0854 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/01/27 16:18:37.0917 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/01/27 16:18:37.0964 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/01/27 16:18:38.0057 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/01/27 16:18:38.0104 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/01/27 16:18:38.0151 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/01/27 16:18:38.0198 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/01/27 16:18:38.0229 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys 2011/01/27 16:18:38.0276 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/01/27 16:18:38.0385 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/01/27 16:18:38.0416 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/01/27 16:18:38.0478 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys 2011/01/27 16:18:38.0510 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/01/27 16:18:38.0556 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/01/27 16:18:38.0634 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/01/27 16:18:38.0712 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/01/27 16:18:38.0775 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/01/27 16:18:38.0853 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/01/27 16:18:38.0884 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys 2011/01/27 16:18:38.0931 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/01/27 16:18:39.0009 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/01/27 16:18:39.0040 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys 2011/01/27 16:18:39.0102 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys 2011/01/27 16:18:39.0180 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys 2011/01/27 16:18:39.0212 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/01/27 16:18:39.0243 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/01/27 16:18:39.0290 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/01/27 16:18:39.0321 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/01/27 16:18:39.0352 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/01/27 16:18:39.0383 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys 2011/01/27 16:18:39.0446 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/01/27 16:18:39.0492 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys 2011/01/27 16:18:39.0524 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/01/27 16:18:39.0586 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys 2011/01/27 16:18:39.0664 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/01/27 16:18:39.0711 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/01/27 16:18:39.0758 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/01/27 16:18:39.0789 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/01/27 16:18:39.0898 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/01/27 16:18:40.0132 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/01/27 16:18:40.0350 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/01/27 16:18:40.0538 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys 2011/01/27 16:18:40.0725 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/01/27 16:18:40.0818 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys 2011/01/27 16:18:40.0850 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2011/01/27 16:18:40.0896 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/01/27 16:18:41.0021 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/01/27 16:18:41.0411 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/01/27 16:18:41.0458 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/01/27 16:18:41.0536 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys 2011/01/27 16:18:41.0692 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/01/27 16:18:41.0786 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/01/27 16:18:41.0817 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/01/27 16:18:41.0864 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/01/27 16:18:41.0895 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/01/27 16:18:41.0926 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/01/27 16:18:41.0957 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys 2011/01/27 16:18:41.0988 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys 2011/01/27 16:18:42.0020 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/01/27 16:18:42.0051 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/01/27 16:18:42.0098 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/01/27 16:18:42.0191 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys 2011/01/27 16:18:42.0566 RFCOMM (23f486726da7a9b2f3ec7326421a9c36) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/01/27 16:18:42.0800 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/01/27 16:18:42.0893 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/01/27 16:18:43.0034 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys 2011/01/27 16:18:43.0112 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/01/27 16:18:43.0143 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/01/27 16:18:43.0174 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/01/27 16:18:43.0221 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/01/27 16:18:43.0268 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2011/01/27 16:18:43.0455 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/01/27 16:18:43.0642 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2011/01/27 16:18:43.0751 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/01/27 16:18:43.0798 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/01/27 16:18:43.0829 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/01/27 16:18:43.0876 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/01/27 16:18:43.0970 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys 2011/01/27 16:18:44.0048 smserial (c8a58fc905c9184fa70e37f71060c64d) C:\Windows\system32\DRIVERS\smserial.sys 2011/01/27 16:18:44.0126 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/01/27 16:18:44.0172 srv (5754e8bae40943871d0ab9becbf335e8) C:\Windows\system32\DRIVERS\srv.sys 2011/01/27 16:18:44.0313 srv2 (d47b09ff7d28ee44d728f57c2d1fab86) C:\Windows\system32\DRIVERS\srv2.sys 2011/01/27 16:18:44.0375 srvnet (32d52290341a740881521e118106acd6) C:\Windows\system32\DRIVERS\srvnet.sys 2011/01/27 16:18:44.0469 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/01/27 16:18:44.0516 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/01/27 16:18:44.0547 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/01/27 16:18:44.0578 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/01/27 16:18:44.0750 Tcpip (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys 2011/01/27 16:18:44.0859 Tcpip6 (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys 2011/01/27 16:18:45.0202 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys 2011/01/27 16:18:45.0342 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/01/27 16:18:45.0452 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/01/27 16:18:45.0561 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys 2011/01/27 16:18:45.0608 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys 2011/01/27 16:18:45.0810 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/01/27 16:18:45.0935 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/01/27 16:18:46.0029 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys 2011/01/27 16:18:46.0091 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/01/27 16:18:46.0154 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys 2011/01/27 16:18:46.0356 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/01/27 16:18:46.0450 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/01/27 16:18:46.0497 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/01/27 16:18:46.0575 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/01/27 16:18:46.0590 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/01/27 16:18:46.0668 usbccgp (a7cd5b4adea26765cab06bdab7b07b13) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/01/27 16:18:46.0684 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/01/27 16:18:46.0731 usbehci (686d4188ae36254c3008b71fedacadf3) C:\Windows\system32\DRIVERS\usbehci.sys 2011/01/27 16:18:46.0824 usbhub (4e42f665a658f08d153f7fffe7c83806) C:\Windows\system32\DRIVERS\usbhub.sys 2011/01/27 16:18:46.0918 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/01/27 16:18:46.0980 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/01/27 16:18:47.0121 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/01/27 16:18:47.0620 usbsmi (78331626aebfd381bfc45966fb33cdf2) C:\Windows\system32\DRIVERS\SMIksdrv.sys 2011/01/27 16:18:47.0870 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/01/27 16:18:48.0353 usbuhci (40f95a3d6d50d82f947f1d167c2ec39d) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/01/27 16:18:48.0884 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2011/01/27 16:18:49.0414 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/01/27 16:18:50.0272 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/01/27 16:18:51.0239 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/01/27 16:18:51.0645 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/01/27 16:18:51.0738 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/01/27 16:18:51.0785 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/01/27 16:18:51.0863 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys 2011/01/27 16:18:51.0894 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys 2011/01/27 16:18:51.0941 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/01/27 16:18:52.0191 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/01/27 16:18:52.0362 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/27 16:18:52.0425 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/01/27 16:18:52.0862 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/01/27 16:18:53.0470 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/01/27 16:18:53.0829 Wdkbdmou (36f2beda08b629cd3a1f7805d1f90378) C:\Windows\system32\DRIVERS\Wdkbdmou.sys 2011/01/27 16:18:54.0344 wdmirror (c1043a2336625dff9f48b9953a2f7291) C:\Windows\system32\DRIVERS\WDMirror.sys 2011/01/27 16:18:54.0780 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys 2011/01/27 16:18:55.0124 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 2011/01/27 16:18:55.0373 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/01/27 16:18:56.0247 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/01/27 16:18:57.0011 WSVD (5d0a08ebf9660e07865907fb1ab022b5) C:\Windows\system32\drivers\WSVD.sys 2011/01/27 16:18:57.0105 ================================================================================ 2011/01/27 16:18:57.0105 Scan finished 2011/01/27 16:18:57.0105 ================================================================================ Edytowane 27 Stycznia 2011 przez picasso Brak wykrytej infekcji, temat przenoszę do działu Vista. //picasso Odnośnik do komentarza
Rekomendowane odpowiedzi