myš a wmplayer

[bustech]

Dobrý den,
poslední dobou se mi seká myš cca na 2 vteřiny. Zrovna, když se sekne tak ve správci úloh, právě na tyto 2 vteřiny objeví
wmplayer.exe s vytížením cpu 17% a zase zmizí. A takto stále dokola---myš se sekne a wmplayer.exe má vytížení cpu17%. U myši se zobrazí, že systém pracuje (kolečko)Přitom ho ani moc nepoužívám.A když se to stává tak ho mám vypnutý.
Je jedno jestli jsem online nebo offline. Scanoval jsem dr.web, mbam, online virus total-pouze složku s wmplayerem a nic.
Přikládám log na kontrolu pro jistotu,protože se mi nezdá, že by toto způsoboval hardware.

děkuji za vaše rady


Logfile of random's system information tool 1.09 (written by random/random)
Run by Acer at 2011-08-19 20:13:06
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 189 GB (81%) free of 232 GB
Total RAM: 3070 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:13:10, on 19.8.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19120)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\Pixart\PAP7501\GUCI_AVS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe
C:\Users\Acer\Downloads\rsit\RSIT.exe
C:\Program Files\trend micro\Acer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [GUCI_AVS] C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe

--
End of file - 4086 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3442739163-710471463-1364123136-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3442739163-710471463-1364123136-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{C04A1368-1957-4A45-B7C8-7AD964FFAC49}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\hbxa4y9j.default

prefs.js - "browser.startup.homepage" - "www.google.com"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll [2011-07-13 419768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL [2010-05-14 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll [2011-07-13 419768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"=C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [2008-02-14 319488]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-03-26 5369856]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"GUCI_AVS"=C:\Windows\PixArt\PAP7501\GUCI_AVS.exe [2008-04-25 327328]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMISR]
C:\Program Files\KYE\WebMate\BM.exe [2008-05-06 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-01-11 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-01-27 523312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmpoweringTechnology]
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [2008-02-14 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2008-01-21 131584]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.divxa32"=msaud32_divx.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iv32"=ir32_32.dll
"vidc.iv31"=ir32_32.dll
"msacm.iac2"=C:\Windows\system32\iac25_32.ax

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-08-19 20:02:40 ----D---- C:\Program Files\trend micro
2011-08-19 20:02:37 ----D---- C:\rsit
2011-08-19 13:50:04 ----D---- C:\Windows\temp
2011-08-19 13:47:54 ----A---- C:\ComboFix.txt
2011-08-19 13:47:04 ----SHD---- C:\$RECYCLE.BIN
2011-08-19 13:39:10 ----D---- C:\ComboFix
2011-08-19 12:30:56 ----A---- C:\Windows\zip.exe
2011-08-19 12:30:56 ----A---- C:\Windows\SWSC.exe
2011-08-19 12:30:56 ----A---- C:\Windows\SWREG.exe
2011-08-19 12:30:56 ----A---- C:\Windows\sed.exe
2011-08-19 12:30:56 ----A---- C:\Windows\PEV.exe
2011-08-19 12:30:56 ----A---- C:\Windows\NIRCMD.exe
2011-08-19 12:30:56 ----A---- C:\Windows\MBR.exe
2011-08-19 12:30:56 ----A---- C:\Windows\grep.exe
2011-08-19 12:30:42 ----D---- C:\Windows\ERDNT
2011-08-19 12:30:36 ----D---- C:\Qoobox
2011-08-19 11:45:48 ----D---- C:\Users\Acer\AppData\Roaming\QuickScan
2011-08-10 13:39:28 ----A---- C:\Windows\system32\urlmon.dll
2011-08-10 13:39:27 ----A---- C:\Windows\system32\wininet.dll
2011-08-10 13:39:27 ----A---- C:\Windows\system32\iertutil.dll
2011-08-10 13:39:26 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 13:39:26 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-10 13:39:24 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 13:39:24 ----A---- C:\Windows\system32\ie4uinit.exe
2011-08-10 13:39:23 ----A---- C:\Windows\system32\url.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\occache.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\mstime.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\ieUnatt.exe
2011-08-10 13:39:23 ----A---- C:\Windows\system32\ieui.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\iesysprep.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\iesetup.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\iernonce.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\iepeers.dll
2011-08-10 13:39:23 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-10 13:39:22 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-10 13:39:14 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 13:39:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 13:38:22 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 13:38:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 13:38:20 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-10 13:37:06 ----A---- C:\Windows\system32\drivers\tcpip.sys

======List of files/folders modified in the last 1 month======

2011-08-19 20:02:40 ----RD---- C:\Program Files
2011-08-19 19:55:01 ----SHD---- C:\System Volume Information
2011-08-19 19:20:27 ----D---- C:\Windows\system32\catroot2
2011-08-19 13:50:04 ----D---- C:\Windows
2011-08-19 13:46:06 ----A---- C:\Windows\system.ini
2011-08-19 13:42:43 ----D---- C:\Windows\system32\drivers
2011-08-19 13:42:43 ----D---- C:\Windows\System32
2011-08-19 13:42:43 ----D---- C:\Windows\AppPatch
2011-08-19 13:42:41 ----D---- C:\Program Files\Common Files
2011-08-19 13:30:53 ----SHD---- C:\Windows\Installer
2011-08-19 00:47:20 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-08-18 23:47:24 ----D---- C:\ProgramData\Kaspersky Lab
2011-08-17 21:49:23 ----D---- C:\Windows\Microsoft.NET
2011-08-17 21:49:22 ----RSD---- C:\Windows\assembly
2011-08-17 21:17:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-17 21:17:06 ----D---- C:\Windows\inf
2011-08-10 21:42:14 ----D---- C:\Users\Acer\AppData\Roaming\Media Player Classic
2011-08-10 20:16:27 ----D---- C:\Windows\winsxs
2011-08-10 14:19:05 ----D---- C:\Windows\system32\catroot
2011-08-10 14:15:43 ----D---- C:\Windows\system32\migration
2011-08-10 14:15:43 ----D---- C:\Program Files\Windows Mail
2011-08-10 14:15:43 ----D---- C:\Program Files\Internet Explorer
2011-08-10 13:47:21 ----D---- C:\Windows\Debug
2011-08-10 13:47:17 ----A---- C:\Windows\system32\mrt.exe
2011-08-07 15:42:20 ----D---- C:\Program Files\Wise Disk Cleaner
2011-08-07 15:39:38 ----D---- C:\Program Files\Mozilla Firefox
2011-07-24 00:44:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-21 14:43:37 ----SD---- C:\Users\Acer\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ahcix86s;ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [2007-12-19 170000]
R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 7680]
R0 CLFS;Common Log (CLFS); C:\Windows\System32\CLFS.sys [2009-04-10 245736]
R0 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\drivers\crcdisk.sys [2008-01-21 24632]
R0 Ecache;ReadyBoost Caching Driver; C:\Windows\System32\drivers\ecache.sys [2009-04-10 141288]
R0 FileInfo;File Information FS MiniFilter; C:\Windows\system32\drivers\fileinfo.sys [2008-01-21 58936]
R0 msisadrv;Ovladač třídy ISA/EISA; C:\Windows\system32\drivers\msisadrv.sys [2008-01-21 16440]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-01-27 18480]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]
R0 spldr;Security Processor Loader Driver; C:\Windows\system32\drivers\spldr.sys [2008-01-21 21048]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1108000.005\SYMDS.SYS [2009-08-30 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1108000.005\SYMEFA.SYS [2010-04-22 173104]
R0 volmgr;Ovladač správce svazků; C:\Windows\system32\drivers\volmgr.sys [2008-01-21 52792]
R0 volmgrx;Dynamic Volume Manager; C:\Windows\System32\drivers\volmgrx.sys [2009-04-10 292840]
R0 Wdf01000;Kernel Mode Driver Frameworks service; C:\Windows\system32\drivers\Wdf01000.sys [2008-01-21 503864]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110812.001\BHDrvx86.sys [2011-07-23 815736]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NIS\1108000.005\ccHPx86.sys [2010-02-26 501888]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2011-04-14 75264]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2011-07-28 374392]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110818.030\IDSvix86.sys [2011-08-02 367736]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-04-10 17408]
R1 nsiproxy;NSI proxy service; C:\Windows\system32\drivers\nsiproxy.sys [2008-01-21 16384]
R1 RDPENCDD;RDP Encoder Mirror Driver; C:\Windows\system32\drivers\rdpencdd.sys [2008-01-21 6144]
R1 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-04-10 66560]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1108000.005\SRTSPX.SYS [2010-04-22 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2010-05-06 44080]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1108000.005\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1108000.005\SYMTDIV.SYS [2010-05-06 339504]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-04-10 72192]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-05-16 162544]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-05-16 44720]
R1 Wanarpv6;Remote Access IPv6 ARP Driver; C:\Windows\system32\DRIVERS\wanarp.sys [2008-01-21 62464]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-02-14 15392]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2008-01-21 47104]
R2 luafv;UAC File Virtualization; C:\Windows\system32\drivers\luafv.sys [2008-01-21 84480]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2006-11-02 878080]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-01-27 16432]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-01-27 59952]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2008-01-21 60416]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-12-08 30720]
R2 tvicport;tvicport; \??\C:\Windows\system32\drivers\tvicport.sys [2007-09-28 14544]
R2 zntport;zntport; \??\C:\Windows\system32\drivers\zntport.sys [2007-09-28 6080]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 3533824]
R3 bowser;Bowser; C:\Windows\system32\DRIVERS\bowser.sys [2011-02-22 69632]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2011-01-20 638336]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-07-28 105592]
R3 GUCI_AVS; iSlim 330 ; C:\Windows\system32\DRIVERS\GUCI_AVS.sys [2008-03-31 533888]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HDAudBus;Ovladač sběrnice Microsoft UAA pro zvuk High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-04-10 561152]
R3 HidUsb;Ovladač třídy standardu HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys [2009-04-10 12800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-03-26 2103512]
R3 iScsiPrt;Ovladač iScsiPort; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-04-10 180712]
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; C:\Windows\system32\DRIVERS\monitor.sys [2008-01-21 41984]
R3 mouhid;Ovladač HID myši; C:\Windows\system32\DRIVERS\mouhid.sys [2008-01-21 15872]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2008-01-21 64000]
R3 mrxsmb10;SMB 1.x MiniRedirector; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2011-07-06 214016]
R3 mrxsmb20;SMB 2.0 MiniRedirector; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2011-04-29 79872]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110818.021\NAVENG.SYS [2011-08-04 86136]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110818.021\NAVEX15.SYS [2011-08-04 1576312]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 ohci1394;Hostitelský řadič IEEE 1394 standardu OHCI; C:\Windows\system32\DRIVERS\ohci1394.sys [2009-04-10 62208]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-04-10 69120]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1108000.005\SRTSP.SYS [2010-04-22 325680]
R3 srv2;srv2; C:\Windows\System32\DRIVERS\srv2.sys [2011-04-29 146432]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2011-04-29 102400]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-10-14 124976]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunmp.sys [2008-01-21 15360]
R3 tunnel;Microsoft IPv6 Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2008-01-21 23040]
R3 umbus;Ovladač sběrnice UMBus Enumerator; C:\Windows\system32\DRIVERS\umbus.sys [2008-01-21 34816]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\Windows\system32\DRIVERS\usbccgp.sys [2008-01-21 73216]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-04-10 65536]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-05-16 111280]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-05-16 122224]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496]
S1 SASDIFSV;SASDIFSV; \??\C:\Users\Acer\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Users\Acer\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS []
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\drivers\agp440.sys [2008-01-21 56376]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2008-01-21 57400]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\drivers\brfiltlo.sys [2006-11-02 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\drivers\brfiltup.sys [2006-11-02 5248]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\system32\drivers\brusbser.sys [2006-11-02 11904]
S3 catchme;catchme; \??\C:\Users\Acer\AppData\Local\Temp\catchme.sys []
S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys []
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G60I32.sys [2008-01-21 118784]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-04-10 136704]
S3 Filetrace;FileTrace; C:\Windows\system32\drivers\filetrace.sys [2008-01-21 27648]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\drivers\gagp30kx.sys [2008-01-21 61496]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-07-06 22712]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-04-10 161752]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NativeWifiP;Filtr NativeWiFi; C:\Windows\system32\DRIVERS\nwifi.sys [2009-04-10 148480]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\drivers\nv_agp.sys [2008-01-21 109112]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2008-01-21 31232]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\drivers\sffp_mmc.sys [2008-01-21 12288]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\drivers\sffp_sd.sys [2008-01-21 11776]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2008-01-21 55864]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys []
S3 Tcpip6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2011-06-17 905104]
S3 tssecsrv;Terminal Services Security Filter Driver; C:\Windows\System32\DRIVERS\tssecsrv.sys [2008-01-21 23552]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\drivers\uagp35.sys [2008-01-21 59448]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\drivers\uliagpkx.sys [2008-01-21 60984]
S3 usbprint;Třída USB Printer; C:\Windows\system32\DRIVERS\usbprint.sys [2008-01-21 18944]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2011-02-17 33712]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2008-01-21 26112]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2008-01-21 56888]
S4 adp94xx;adp94xx; C:\Windows\system32\drivers\adp94xx.sys [2008-01-21 422968]
S4 adpahci;adpahci; C:\Windows\system32\drivers\adpahci.sys [2008-01-21 300600]
S4 adpu320;adpu320; C:\Windows\system32\drivers\adpu320.sys [2008-01-21 149560]
S4 amdide;amdide; C:\Windows\system32\drivers\amdide.sys [2008-01-21 17976]
S4 AmdK7;AMD K7 Processor Driver; C:\Windows\system32\drivers\amdk7.sys [2008-01-21 41472]
S4 AmdK8;Ovladač procesoru AMD K8; C:\Windows\system32\DRIVERS\amdk8.sys [2008-01-21 44032]
S4 arc;arc; C:\Windows\system32\drivers\arc.sys [2008-01-21 79416]
S4 arcsas;arcsas; C:\Windows\system32\drivers\arcsas.sys [2008-01-21 79928]
S4 blbdrive;blbdrive; C:\Windows\system32\drivers\blbdrive.sys [2008-01-21 45568]
S4 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\system32\drivers\brserid.sys [2006-11-02 71808]
S4 BrSerWdm;Brother WDM Serial driver; C:\Windows\system32\drivers\brserwdm.sys [2006-11-02 62336]
S4 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\system32\drivers\brusbmdm.sys [2006-11-02 12160]
S4 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\drivers\bthmodem.sys [2006-11-02 39936]
S4 circlass;Consumer IR Devices; C:\Windows\system32\drivers\circlass.sys [2008-01-21 35328]
S4 Crusoe;Transmeta Crusoe Processor Driver; C:\Windows\system32\drivers\crusoe.sys [2008-01-21 40960]
S4 elxstor;elxstor; C:\Windows\system32\drivers\elxstor.sys [2008-01-21 342584]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\drivers\hidbth.sys [2006-11-02 29184]
S4 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\drivers\hidir.sys [2006-11-02 21504]
S4 HpCISSs;HpCISSs; C:\Windows\system32\drivers\hpcisss.sys [2008-01-21 40504]
S4 iaStorV;Intel RAID Controller Vista; C:\Windows\system32\drivers\iastorv.sys [2008-01-21 235064]
S4 iirsp;iirsp; C:\Windows\system32\drivers\iirsp.sys [2006-11-02 41576]
S4 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys [2008-01-21 41472]
S4 IPMIDRV;IPMIDRV; C:\Windows\system32\drivers\ipmidrv.sys [2008-01-21 64512]
S4 iteatapi;ITEATAPI_Service_Install; C:\Windows\system32\drivers\iteatapi.sys [2006-11-02 35944]
S4 iteraid;ITERAID_Service_Install; C:\Windows\system32\drivers\iteraid.sys [2006-11-02 35944]
S4 LSI_FC;LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [2008-01-21 96312]
S4 LSI_SAS;LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [2008-01-21 89656]
S4 LSI_SCSI;LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [2008-01-21 96312]
S4 megasas;megasas; C:\Windows\system32\drivers\megasas.sys [2008-01-21 31288]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 mpio;Microsoft Multi-Path Bus Driver; C:\Windows\system32\drivers\mpio.sys [2008-01-21 105016]
S4 msahci;msahci; C:\Windows\system32\drivers\msahci.sys [2008-01-21 28728]
S4 msdsm;Microsoft Multi-Path Device Specific Module; C:\Windows\system32\drivers\msdsm.sys [2008-01-21 94776]
S4 nfrd960;nfrd960; C:\Windows\system32\drivers\nfrd960.sys [2006-11-02 45160]
S4 ntrigdigi;N-trig HID Tablet Driver; C:\Windows\system32\drivers\ntrigdigi.sys [2006-11-02 20608]
S4 nvraid;NVIDIA nForce RAID Driver ; C:\Windows\system32\drivers\nvraid.sys [2008-01-21 102968]
S4 nvstor;nvstor; C:\Windows\system32\drivers\nvstor.sys [2008-01-21 45112]
S4 ql2300;QLogic Fibre Channel Miniport Driver; C:\Windows\system32\drivers\ql2300.sys [2008-01-21 1122360]
S4 ql40xx;QLogic iSCSI Miniport Driver; C:\Windows\system32\drivers\ql40xx.sys [2006-11-02 106088]
S4 sbp2port;SBP-2 Transport/Protocol Bus Driver; C:\Windows\system32\drivers\sbp2port.sys [2006-11-02 76392]
S4 sermouse;Serial Mouse Driver; C:\Windows\system32\drivers\sermouse.sys [2008-01-21 19968]
S4 sffdisk;SFF Storage Class Driver; C:\Windows\system32\drivers\sffdisk.sys [2008-01-21 13312]
S4 SiSRaid2;SiSRaid2; C:\Windows\system32\drivers\sisraid2.sys [2008-01-21 41016]
S4 SiSRaid4;SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [2008-01-21 74808]
S4 uliahci;uliahci; C:\Windows\system32\drivers\uliahci.sys [2008-01-21 238648]
S4 UlSata;UlSata; C:\Windows\system32\drivers\ulsata.sys [2006-11-02 98408]
S4 ulsata2;ulsata2; C:\Windows\system32\drivers\ulsata2.sys [2008-01-21 115816]
S4 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\drivers\usbcir.sys [2006-11-02 68608]
S4 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbuhci.sys [2008-01-21 23552]
S4 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2008-01-21 41472]
S4 vsmraid;vsmraid; C:\Windows\system32\drivers\vsmraid.sys [2008-01-21 130616]
S4 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\drivers\wacompen.sys [2006-11-02 20608]
S4 Wd;Microsoft Watchdog Timer Driver; C:\Windows\system32\drivers\wd.sys [2008-01-21 22072]
S4 ws2ifsl;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\Windows\system32\drivers\ws2ifsl.sys [2008-01-21 15872]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-09 655360]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 EMDMgmt;@%SystemRoot%\system32\emdmgmt.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 netprofm;@%SystemRoot%\system32\netprof.dll,-246; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 slsvc;@%SystemRoot%\system32\SLsvc.exe,-101; C:\Windows\system32\SLsvc.exe [2009-04-10 3408896]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-04-10 441344]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 WMPNetworkSvc;@%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2008-01-21 896512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ehstart;@%SystemRoot%\ehome\ehstart.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-11 136176]
S2 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 DFSR;@dfsrres.dll,-101; C:\Windows\system32\DFSR.exe [2009-04-10 2092544]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2008-01-21 292352]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2006-11-02 131072]
S3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-02-18 43904]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-11 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-02-18 879448]
S3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-06-15 9728]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;@%SystemRoot%\system32\p2psvc.dll,-8004; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 PNRPAutoReg;@%SystemRoot%\system32\p2psvc.dll,-8002; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 PNRPsvc;@%SystemRoot%\system32\p2psvc.dll,-8000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 SDRSVC;Zálohování systému Windows; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 SLUINotify;@%SystemRoot%\system32\SLUINotify.dll,-103; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 TabletInputService;Služba Vstupní panel počítače Tablet PC; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-04-10 39424]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2008-01-21 35840]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-04-10 385536]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S4 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-03-29 66368]
S4 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-01-27 509488]
S4 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-02-14 24576]
S4 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-02-18 129880]
S4 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 SNMPTRAP;Zachytávání pro službu SNMP; C:\Windows\System32\snmptrap.exe [2006-11-02 12800]
S4 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

-----------------EOF-----------------

[Rudy]

Pokude provedete sken RSIT po skenu ComboFix, bude vždy jeho log k ničemu. CF zahladí všechny stopy. Otevřte soubor C:\combofix.txt a jeho obsah sem zkopírujte.

[bustech]

Díky moc, já právě tyhle věci neznám.

takže tu je


ComboFix 11-08-18.03 - Acer 19.08.2011 13:40:05.2.3 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1840 [GMT 2:00]
Spuštěný z: c:\users\Acer\Desktop\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-19 do 2011-08-19 )))))))))))))))))))))))))))))))
.
.
2011-08-19 11:45 . 2011-08-19 11:46 -------- d-----w- c:\users\Acer\AppData\Local\temp
2011-08-19 11:45 . 2011-08-19 11:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-19 09:45 . 2011-08-19 09:45 -------- d-----w- c:\users\Acer\AppData\Roaming\QuickScan
2011-08-17 19:00 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{32CC6431-AB76-4F66-9D7A-2A94E296397D}\mpengine.dll
2011-08-10 11:38 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-08-10 11:38 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 11:38 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-10 11:37 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-08 12:39 . 2011-08-08 12:39 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-06 17:52 . 2010-10-27 15:23 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 17:52 . 2010-10-27 15:23 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-02 13:34 . 2011-07-13 15:21 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-05-24 17:14 . 2010-10-14 14:38 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-06-25 22:49 . 2011-04-12 17:11 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-26 23:26 39472 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-02-14 319488]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"GUCI_AVS"="c:\windows\PixArt\PAP7501\GUCI_AVS.exe" [2008-04-25 327328]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMISR]
2008-05-06 15:09 233472 ----a-w- c:\program files\KYE\WebMate\BM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-01-10 23:25 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2008-01-26 23:27 523312 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmpoweringTechnology]
2008-02-14 13:19 319488 ----a-w- c:\program files\Acer\Empowering Technology\Framework.Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2011-07-06 17:52 449584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 10:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R1 SASDIFSV;SASDIFSV;c:\users\Acer\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\Acer\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 136176]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 136176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-02-17 33712]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R4 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R4 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-02-14 24576]
R4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1108000.005\SYMDS.SYS [2009-08-30 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1108000.005\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110812.001\BHDrvx86.sys [2011-07-23 815736]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1108000.005\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110818.030\IDSvix86.sys [2011-08-01 367736]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1108000.005\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NIS\1108000.005\SYMTDIV.SYS [2010-05-06 339504]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-05-16 162544]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-05-16 44720]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-07-28 105592]
S3 GUCI_AVS; iSlim 330 ;c:\windows\system32\DRIVERS\GUCI_AVS.sys [2008-03-31 533888]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-05-16 111280]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-05-16 122224]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 15:10]
.
2011-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-11 15:10]
.
2011-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3442739163-710471463-1364123136-1000Core.job
- c:\users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 15:10]
.
2011-08-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3442739163-710471463-1364123136-1000UA.job
- c:\users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-14 15:10]
.
2011-08-19 c:\windows\Tasks\User_Feed_Synchronization-{C04A1368-1957-4A45-B7C8-7AD964FFAC49}.job
- c:\windows\system32\msfeedssync.exe [2011-08-10 09:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://cs.intl.acer.yahoo.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\hbxa4y9j.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-19 13:46
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.8.0.5\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3200)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
Celkový čas: 2011-08-19 13:47:53
ComboFix-quarantined-files.txt 2011-08-19 11:47
ComboFix2.txt 2011-08-19 10:40
.
Před spuštěním: Volných bajtů: 199 155 019 776
Po spuštění: Volných bajtů: 199 134 818 304
.
- - End Of File - - 02B196AC2272A0D5F0DE35FD72DD5BF9

[Rudy]

OK. V logu není po virové stránce nic nebezpečného vidět. Pouze odinstalujte WindowsDefender, může být v kolizi s NIS. Pak se ozvěte, zda byl problém vyřešen.

[bustech]

Defender jsem vypnul, protože odinstalovat asi půjde, ale bude to něco dramatickýho.
Jinak to vypadá OK.
děkuji moc za pomoc a radu

[Rudy]

Nemáte zač!

[bustech]

Tak opravdu úplně na konec to byla umřelá myš.
Chvíly to fungovalo a pak znova. Tak jsem si pučil myšku a bylo jasno.
Vyřešeno

[Rudy]

Děkujeme za info.