
"Error communicating with kernel" when I try to turn on Eset Smart Security 5



There are several problems or symptoms: when I try to turn on Eset Smart Security 5, "Error communicating with kernel" pops up; moreover, when I tried to update this antivirus, it suddenly reported that the computer is not protected, and that is when the problems started. In general, there is a suspicion that the computer is infected with some deeply embedded trojan that impairs the antivirus.

Please help. Thank you very much in advance.

 

 

OTL logfile created on: 11/22/2011 5:21:00 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Adam\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

2.93 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 55.33% Memory free

5.86 Gb Paging File | 4.40 Gb Available in Paging File | 75.08% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 144.04 Gb Total Space | 107.26 Gb Free Space | 74.46% Space Free | Partition Type: NTFS

Drive E: | 140.95 Gb Total Space | 140.69 Gb Free Space | 99.82% Space Free | Partition Type: NTFS

Drive F: | 36.39 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: LONDONER | User Name: Adam | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/11/22 17:07:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Adam\Downloads\OTL.exe

PRC - [2011/09/13 15:54:13 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe

PRC - [2011/09/13 15:53:58 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe

PRC - [2011/03/14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe

PRC - [2011/01/17 18:50:30 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

PRC - [2011/01/17 18:50:30 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

PRC - [2010/06/28 23:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

PRC - [2010/06/28 23:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

PRC - [2010/06/22 07:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe

PRC - [2010/06/22 07:34:48 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe

PRC - [2010/06/22 07:34:46 | 000,968,272 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe

PRC - [2010/05/27 03:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe

PRC - [2010/04/24 00:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010/04/24 00:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010/04/13 17:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010/04/13 17:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

PRC - [2010/03/18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2010/03/18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2010/03/11 06:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

PRC - [2010/03/11 06:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

PRC - [2010/02/28 01:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

PRC - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe

PRC - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2011/10/24 17:51:50 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4c06d1921304530c04615a2edd127484\IAStorUtil.ni.dll

MOD - [2011/10/20 16:26:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll

MOD - [2011/10/20 16:25:54 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll

MOD - [2011/10/20 16:25:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll

MOD - [2011/10/20 16:25:34 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll

MOD - [2011/10/20 16:25:29 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll

MOD - [2011/10/20 16:25:25 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll

MOD - [2011/10/20 16:25:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll

MOD - [2011/10/20 16:25:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll

MOD - [2011/09/13 15:54:13 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe

MOD - [2011/09/13 15:53:59 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtGui4.dll

MOD - [2011/09/13 15:53:59 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtCore4.dll

MOD - [2011/09/13 15:53:59 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtNetwork4.dll

MOD - [2011/09/13 15:53:59 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISAPI.dll

MOD - [2011/09/13 15:53:59 | 000,808,960 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SMSUIPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,670,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsAppPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PluginContainer.dll

MOD - [2011/09/13 15:53:59 | 000,483,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoUIExPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,384,512 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDUIPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,381,952 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Proxy.DLL

MOD - [2011/09/13 15:53:59 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qtiff4.dll

MOD - [2011/09/13 15:53:59 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qmng4.dll

MOD - [2011/09/13 15:53:59 | 000,334,848 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MainpagePlugin.dll

MOD - [2011/09/13 15:53:59 | 000,333,312 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,308,224 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\StatusBarMgrPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoSrvPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\sdk.dll

MOD - [2011/09/13 15:53:59 | 000,249,344 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MenuMgrPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,240,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ToolBarMgrPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,235,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetSrvPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,217,600 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsSrvPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qjpeg4.dll

MOD - [2011/09/13 15:53:59 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XFramePlugin.dll

MOD - [2011/09/13 15:53:59 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XCodec.dll

MOD - [2011/09/13 15:53:59 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectSrvPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,156,672 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\STKSrvPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDSrvPlugin.dll

MOD - [2011/09/13 15:53:59 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Trace.dll

MOD - [2011/09/13 15:53:59 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSDialup.dll

MOD - [2011/09/13 15:53:59 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSNDIS.dll

MOD - [2011/09/13 15:53:59 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Win7Support.dll

MOD - [2011/09/13 15:53:59 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSAdapt.dll

MOD - [2011/09/13 15:53:59 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NotifyServicePlugin.dll

MOD - [2011/09/13 15:53:59 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qgif4.dll

MOD - [2011/09/13 15:53:59 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qico4.dll

MOD - [2011/09/13 15:53:59 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSPowerMgr.dll

MOD - [2011/09/13 15:53:59 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSCall.dll

MOD - [2011/09/13 15:53:59 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\mingwm10.dll

MOD - [2011/09/13 15:53:58 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,739,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookUIPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,550,400 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallAppPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,547,840 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallLogSrvPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,495,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceMgrUIPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,428,032 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\core.dll

MOD - [2011/09/13 15:53:58 | 000,427,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialupUIPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,338,432 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceAppPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,301,056 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceSrvPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,269,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LiveUpdateInterface.DLL

MOD - [2011/09/13 15:53:58 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookSrvPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,238,080 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AtCodec.dll

MOD - [2011/09/13 15:53:58 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Common.dll

MOD - [2011/09/13 15:53:58 | 000,211,968 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialUpPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallSrvPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DataServicePlugin.dll

MOD - [2011/09/13 15:53:58 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ATR2SMgr.dll

MOD - [2011/09/13 15:53:58 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LayoutPlugin.dll

MOD - [2011/09/13 15:53:58 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\libgcc_s_dw2-1.dll

MOD - [2011/08/31 20:05:38 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

MOD - [2010/11/13 03:37:37 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll

MOD - [2010/09/30 18:42:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll

MOD - [2010/06/28 23:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll

MOD - [2010/02/28 01:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe

MOD - [2009/05/20 07:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010/06/11 22:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)

SRV:64bit: - [2010/05/27 05:59:42 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010/01/29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2011/09/13 15:53:58 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)

SRV - [2010/07/13 12:59:30 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010/06/28 23:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)

SRV - [2010/06/22 07:34:48 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)

SRV - [2010/06/01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)

SRV - [2010/05/27 03:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)

SRV - [2010/04/24 00:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010/04/24 00:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010/04/13 17:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2010/03/18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2010/01/08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011/09/13 15:53:59 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)

DRV:64bit: - [2011/09/13 15:53:59 | 000,222,464 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)

DRV:64bit: - [2011/09/13 15:53:59 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)

DRV:64bit: - [2011/09/13 15:53:59 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)

DRV:64bit: - [2011/08/24 16:59:36 | 000,062,496 | ---- | M] (ESET) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)

DRV:64bit: - [2011/08/24 16:59:34 | 000,187,632 | ---- | M] (ESET) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)

DRV:64bit: - [2011/08/24 16:59:34 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Stop_Pending] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)

DRV:64bit: - [2011/08/24 16:58:58 | 000,146,432 | ---- | M] (ESET) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)

DRV:64bit: - [2011/08/24 16:58:12 | 000,202,576 | ---- | M] (ESET) [File_System | Disabled | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)

DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/07/09 04:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)

DRV:64bit: - [2010/06/17 10:18:28 | 000,246,376 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2010/05/27 06:39:14 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/05/27 05:25:38 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/05/15 13:48:28 | 000,384,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™

DRV:64bit: - [2010/05/11 11:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2010/04/24 00:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010/04/24 00:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010/04/24 00:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010/04/24 00:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010/04/20 03:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)

DRV:64bit: - [2010/04/13 17:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/01/27 04:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2009/12/10 12:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/06/03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV:64bit: - [2009/06/03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV:64bit: - [2009/06/03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...64z115v47k22714

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...64z115v47k22714

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...64z115v47k22714

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...64z115v47k22714

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-4240737671-2471314715-70744792-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...64z115v47k22714

IE - HKU\S-1-5-21-4240737671-2471314715-70744792-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com

IE - HKU\S-1-5-21-4240737671-2471314715-70744792-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found

IE - HKU\S-1-5-21-4240737671-2471314715-70744792-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

 

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Adam\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Adam\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/08/29 17:36:09 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/08/29 17:36:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/29 18:24:22 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011/11/17 17:15:01 | 000,000,000 | ---D | M]

 

[2011/09/13 16:10:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\mozilla\Extensions

[2011/10/11 16:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\mozilla\Firefox\Profiles\jzmfhdjq.default\extensions

[2011/10/20 16:31:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011/09/16 15:34:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2011/10/20 16:31:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

() (No name found) -- C:\USERS\ADAM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JZMFHDJQ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2011/09/03 07:37:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll

[2011/09/03 00:51:04 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml

[2011/09/03 00:51:04 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml

[2011/09/03 00:51:04 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml

[2011/09/03 00:51:04 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml

[2011/09/03 00:51:04 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml

[2011/09/03 00:51:04 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: Adblock Plus for Google Chrome\u2122 (Beta) = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.1.4_0\

 

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)

O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)

O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.

O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3:64bit: - HKU\S-1-5-21-4240737671-2471314715-70744792-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)

O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)

O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)

O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [suiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)

O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0500476E-EC22-42B5-908F-F7AD817DFC5A}: NameServer = 89.108.195.20 217.17.34.10

O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\sacore - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\dssrequest - No CLSID value found

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\sacore - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/03/15 00:27:21 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]

O32 - AutoRun File - [2008/10/07 18:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{83908939-de12-11e0-ab48-5cac4c32abb0}\Shell - "" = AutoRun

O33 - MountPoints2\{83908939-de12-11e0-ab48-5cac4c32abb0}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/15 00:27:21 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\{83908949-de12-11e0-ab48-5cac4c32abb0}\Shell - "" = AutoRun

O33 - MountPoints2\{83908949-de12-11e0-ab48-5cac4c32abb0}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/15 00:27:21 | 000,148,320 | R--- | M] ()

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/15 00:27:21 | 000,148,320 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/11/22 17:20:05 | 000,000,000 | R--D | C] -- C:\Users\Adam\Documents\Notes

[2011/11/17 17:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

[2011/11/17 17:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2011/11/17 17:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011/11/17 17:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/11/15 22:45:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2011/11/15 22:10:21 | 000,000,000 | ---D | C] -- C:\Users\Adam\Documents\Simply Super Software

[2011/11/15 22:10:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover

[2011/11/15 22:10:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll

[2011/11/15 22:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover

[2011/11/15 22:10:15 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Simply Super Software

[2011/11/15 22:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software

[2011/11/15 21:36:48 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\ESET

[2011/11/15 21:36:48 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\ESET

[2011/11/15 21:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011/11/15 17:29:58 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Liteon

[2011/11/15 17:15:09 | 000,000,000 | ---D | C] -- C:\Users\Adam\Application Data

[2011/11/15 17:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONICA MINOLTA 164 Scanner

[2011/11/15 17:11:57 | 000,060,416 | ---- | C] (Monotype Imaging Inc.) -- C:\Windows\SysNative\PSKMON.DLL

[2011/11/15 17:11:54 | 000,047,104 | ---- | C] (KONICA MINOLTA) -- C:\Windows\SysNative\K164W2.dll

[2011/11/15 17:11:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\DRVSRC

[2011/11/10 17:15:37 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\DOKUMENTY

[2011/11/05 12:42:13 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX

[2011/11/05 12:42:13 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbar332.dll

[2011/11/05 12:42:13 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.005

[2011/11/05 12:42:13 | 000,163,840 | ---- | C] (CLARITY LANGUAGE CONSULTANTS LTD) -- C:\Windows\SysWow64\egusound.ocx

[2011/11/05 12:42:13 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX

[2011/11/05 12:42:13 | 000,127,488 | ---- | C] (Common Controls Replacement Project) -- C:\Windows\SysWow64\Ccrpsld.ocx

[2011/11/05 12:42:12 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.004

[2011/11/05 12:42:12 | 000,147,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.002

[2011/11/05 12:42:12 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.003

[2011/11/05 12:42:11 | 000,598,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.000

[2011/11/05 12:42:11 | 000,164,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.001

[2011/11/05 12:42:11 | 000,000,000 | ---D | C] -- C:\Clarity

[2011/11/05 12:41:55 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache

[2011/11/03 23:39:08 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\ElevatedDiagnostics

 

========== Files - Modified Within 30 Days ==========

 

[2011/11/22 17:10:25 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/11/22 17:10:25 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/11/22 16:32:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/11/22 16:27:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4240737671-2471314715-70744792-1000UA.job

[2011/11/22 16:20:56 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/11/22 16:19:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/11/22 16:19:18 | 2358,280,192 | -HS- | M] () -- C:\hiberfil.sys

[2011/11/19 12:27:56 | 000,002,358 | ---- | M] () -- C:\Users\Adam\Desktop\Google Chrome.lnk

[2011/11/17 17:06:29 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/11/15 15:18:19 | 001,551,208 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/11/15 15:18:19 | 000,698,356 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2011/11/15 15:18:19 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/11/15 15:18:19 | 000,135,176 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2011/11/15 15:18:19 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/11/14 17:50:16 | 000,292,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/11/05 12:08:25 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4240737671-2471314715-70744792-1000Core.job

 

========== Files Created - No Company Name ==========

 

[2011/11/17 17:06:29 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/11/15 22:10:16 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll

[2011/11/15 22:10:16 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll

[2011/11/15 22:10:16 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll

[2011/11/15 22:10:16 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll

[2011/11/15 17:11:58 | 000,007,680 | ---- | C] () -- C:\Windows\SysNative\ScanCoInstall.dll

[2011/09/12 17:54:54 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI

[2011/08/28 22:56:00 | 001,549,394 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/08/28 22:23:31 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat

[2010/09/30 17:56:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2010/09/30 17:50:49 | 000,002,137 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat

[2010/07/13 13:07:42 | 000,002,137 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2010/07/13 12:45:37 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe

[2010/07/13 12:16:01 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll

[2010/07/13 12:15:32 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe

[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

 

========== LOP Check ==========

 

[2011/11/15 21:36:48 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\ESET

[2011/11/15 17:33:41 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Liteon

[2011/08/31 20:07:30 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\OpenOffice.org

[2011/09/04 11:39:28 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\PlayFirst

[2011/11/15 22:10:15 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Simply Super Software

[2011/11/15 18:04:40 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\SoftGrid Client

[2011/08/28 22:56:42 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\TP

[2011/11/17 17:05:36 | 000,030,758 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:CB0AACC9

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F

@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE

@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:93EB7685

@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:4D066AD2

@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E36F5B57

@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E1F04E8D

@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96

@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885

 

< End of report >

 

 

OTL Extras logfile created on: 11/22/2011 5:21:00 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Adam\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

2.93 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 55.33% Memory free

5.86 Gb Paging File | 4.40 Gb Available in Paging File | 75.08% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 144.04 Gb Total Space | 107.26 Gb Free Space | 74.46% Space Free | Partition Type: NTFS

Drive E: | 140.95 Gb Total Space | 140.69 Gb Free Space | 99.82% Space Free | Partition Type: NTFS

Drive F: | 36.39 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: LONDONER | User Name: Adam | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{11947265-738E-42D1-A9C6-CFD2D7FAE5BE}" = HP Deskjet Ink Adv 2060 K110 Badanie ulepszeń produktu

"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{55198058-B9BD-4574-8CD0-1E4EC1240B90}" = HP Deskjet Ink Adv 2060 K110 Podstawowe oprogramowanie urządzenia

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9D4B130D-5285-4C6B-9773-42B9EDF507F0}" = ESET Smart Security

"{9EA64B79-30A1-F52E-D801-B07CF05FFFAF}" = ccc-utility64

"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack

"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller

"{D8DACA27-C2D9-9E8E-A8A5-A10E0C670D01}" = ATI Catalyst Install Manager

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CCleaner" = CCleaner

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{016095EE-5BB3-791C-A558-06412FF78691}" = CCC Help Russian

"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar

"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker

"{10F4A085-EA81-594B-C0B8-ADF013D26B8E}" = CCC Help Turkish

"{14EC371D-145C-9AC3-B3A8-EA90C6B0325E}" = PX Profile Update

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1942E836-414C-4414-672B-93FCC8CC18AB}" = CCC Help Danish

"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{261A4762-744B-4C71-81D2-57FA5038DC7B}" = HP Deskjet Ink Adv 2060 K110 Pomoc

"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 29

"{284AE43C-30E4-B57E-A234-05496D05AB68}" = Catalyst Control Center Graphics Previews Vista

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync

"{32354BAB-8BAE-7189-6E3F-922D47292D3D}" = CCC Help Czech

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4E242AB2-86A7-4231-82A9-1E4226D23CA8}" = Catalyst Control Center - Branding

"{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live

"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam

"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI

"{5735A865-CD31-5788-DA38-AAB06EAED9F4}" = CCC Help Hungarian

"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console

"{5901E428-EC91-71EE-BA56-9417E40BE182}" = ccc-core-static

"{6053FE9B-5473-41D6-AEBF-AD6F98138191}" = Windows Live Movie Maker

"{60AA5155-39C7-14AA-FB4B-489B1C8DE9A1}" = CCC Help Chinese Traditional

"{623B8278-8CAD-45C1-B844-58B687C07805}" = Bing Bar Platform

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{72449E65-4852-2FD9-F603-D77E39DD3CF6}" = CCC Help Finnish

"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic

"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite

"{7703542C-3842-C5EE-2452-B006F441A162}" = CCC Help Polish

"{7F529418-344D-3792-F7B6-04EB805F5931}" = CCC Help English

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski

"{91F29ED6-6C82-F83D-BF8D-3E67D18E7249}" = Catalyst Control Center Localization All

"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live

"{990EEE1A-4D64-16AF-A944-AD97AE080D26}" = CCC Help German

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A98031B-0A1A-AFDC-87F4-AAFDC1E97B7D}" = CCC Help Portuguese

"{9AB614A6-719C-4A6E-A63E-831E0A35F62A}" = Windows Live Writer

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}" = Galeria fotografii usługi Windows Live

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI

"{AEAA9D8A-A347-0FC4-5CAF-D9F2236FCF49}" = CCC Help French

"{AEB43F42-8F9D-DBD8-0B11-941CC27C174A}" = CCC Help Norwegian

"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update

"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder

"{C2EE73BE-CD73-6EC9-A5A0-0E080A60A00E}" = CCC Help Chinese Standard

"{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live

"{CFCF4223-BC7B-110C-4E19-5FF025721C4B}" = CCC Help Spanish

"{D1803CD4-0CE7-4484-98E3-88D7A2D629A4}" = Windows Live Messenger

"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9

"{E17D581A-6949-6A53-7A18-E80C6BDCC800}" = CCC Help Italian

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E96D1A04-B0B4-0788-D70F-0A9BB9C503BD}" = CCC Help Korean

"{EB5E21BC-AC56-A45D-5593-A1C55A380677}" = CCC Help Swedish

"{EB87675F-5281-4767-A54B-31931794C23D}" = OpenOffice.org 3.3

"{ECEDC447-3EED-6F90-CB39-0A49BD2D63DE}" = CCC Help Thai

"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater

"{EF45FBBD-3CE8-698B-AC44-C693468F53D3}" = CCC Help Greek

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F47BEA79-07F3-5602-76B4-B9B9042269A1}" = Catalyst Control Center InstallProxy

"{F73D3B6A-4E5F-E93D-C7C3-65DE80BEE0E7}" = CCC Help Dutch

"{F9D7691A-E3CD-EF15-DE38-EDF0BB1E345F}" = CCC Help Japanese

"Acer Registration" = Acer Registration

"Acer Screensaver" = Acer ScreenSaver

"Acer Welcome Center" = Welcome Center

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Clarity recorder" = Clarity recorder

"HP Photo Creations" = HP Photo Creations

"Identity Card" = Identity Card

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager

"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite

"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9

"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9

"LManager" = Launch Manager

"Mozilla Firefox 6.0.2 (x86 pl)" = Mozilla Firefox 6.0.2 (x86 pl)

"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010

"PLAY ONLINE" = PLAY ONLINE

"Trojan Remover_is1" = Trojan Remover 6.8.2

"WinLiveSuite_Wave3" = Podstawowe programy Windows Live

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-4240737671-2471314715-70744792-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

 

========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >


Preferred way to present reports: forum attachments. The reports show no signs of infection.

 

 

There are several problems or symptoms: when I try to start Eset Smart Security 5, "Błąd podczas komunikacji z jądrem" pops up; moreover, when I tried to update this antivirus, it suddenly reported that the computer is not protected, and that is when the problems started

 

Start with the classic procedure for such cases: reinstalling ESET. Uninstall it the usual way through Control Panel, then use the vendor tool ESET Uninstaller from Windows Safe Mode; before installing, remove Trojan Remover from the system (unnecessary in the setup seen here) and install ESET again.

 

 

 


Start with the classic procedure for such cases: reinstalling ESET. Uninstall it the usual way through Control Panel, then use the vendor tool ESET Uninstaller from Windows Safe Mode; before installing, remove Trojan Remover from the system (unnecessary in the setup seen here) and install ESET again.

 

The "classic procedure" did indeed help. The antivirus works as it should. Thank you very much for the help.
