PC virus removal, computer speed-up, remote assistance through the neslape.cz service

Requesting a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

#1 Post by RANKO »

Hello, my computer has been rather slow lately, even after defragmenting and cleaning it with CCleaner. It also happens that after powering on, the desktop icons and the taskbar do not appear; when that happens, not even a restart via Ctrl+Alt+Del helps, only a hard reset with the power button. Windows are slow to redraw. Neither avast nor SaS reports anything.
I am attaching the RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by andrejka at 2011-02-12 11:31:39
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 6 GB (41%) free of 15 GB
Total RAM: 2719 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:32:02, on 12.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
D:\comodo\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
D:\atheros\ACU.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\vsnp2std.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Apoint2K\HidFind.exe
D:\comodo\COMODO Internet Security\cfp.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
D:\RocketDock\RocketDock.exe
D:\SaS\c3ff882e-508a-49b6-81a5-08170648cb1e.exe
D:\Advanced SystemCare 3\AWC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Apoint2K\Apvfb.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Documents and Settings\andrejka\Desktop\RSIT.exe
C:\Program Files\trend micro\andrejka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: HiGames Toolbar - {64d23501-5195-4224-9446-e2b0fb64e859} - C:\Program Files\HiGames\tbHiG0.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: HiGames Toolbar - {64d23501-5195-4224-9446-e2b0fb64e859} - C:\Program Files\HiGames\tbHiG0.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: HiGames Toolbar - {64d23501-5195-4224-9446-e2b0fb64e859} - C:\Program Files\HiGames\tbHiG0.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ACU] D:\atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\adobe reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\comodo\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "D:\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\SaS\c3ff882e-508a-49b6-81a5-08170648cb1e.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - D:\SaS\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\comodo\COMODO Internet Security\cmdagent.exe
O23 - Service: Google Update Service (gupdate1ca181127a152b8) (gupdate1ca181127a152b8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

--
End of file - 9330 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AWC Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64d23501-5195-4224-9446-e2b0fb64e859}]
HiGames Toolbar - C:\Program Files\HiGames\tbHiG0.dll [2010-10-30 2735200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar BHO - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16 506720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-05 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{64d23501-5195-4224-9446-e2b0fb64e859} - HiGames Toolbar - C:\Program Files\HiGames\tbHiG0.dll [2010-10-30 2735200]
{8dcb7100-df86-4384-8842-8fa844297b3f} - MSN Toolbar - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16 506720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-05-30 98304]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
"ACU"=D:\atheros\ACU.exe [2006-11-17 348249]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-06-02 176128]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-01-13 3396624]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=D:\adobe reader\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"COMODO Internet Security"=D:\comodo\COMODO Internet Security\cfp.exe [2010-02-10 1800464]
"MSN Toolbar"=C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [2009-11-16 240992]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-07-17 288080]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RocketDock"=D:\RocketDock\RocketDock.exe [2007-09-02 495616]
"SUPERAntiSpyware"=D:\SaS\c3ff882e-508a-49b6-81a5-08170648cb1e.exe [2009-11-13 2001648]
"Advanced SystemCare 3"=D:\Advanced SystemCare 3\AWC.exe [2010-02-08 2343632]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
D:\SaS\SASWINLO.DLL [2009-09-07 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-09-30 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=D:\SaS\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\strong dc\StrongDC.exe"="D:\strong dc\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"F:\setup\hpznui01.exe"="F:\setup\hpznui01.exe:*:Enabled:hpznui01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\setup\hpznui01.exe"="F:\setup\hpznui01.exe:*:Enabled:hpznui01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"

======List of files/folders created in the last 1 months======

2011-02-14 13:05:36 ----A---- C:\WINDOWS\system32\javaws.exe
2011-02-14 13:05:36 ----A---- C:\WINDOWS\system32\javaw.exe
2011-02-14 13:05:36 ----A---- C:\WINDOWS\system32\java.exe
2011-02-12 11:31:39 ----D---- C:\rsit
2011-02-12 08:51:01 ----D---- C:\Program Files\Common Files\Skype
2011-02-11 20:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-02-09 20:47:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 20:47:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 20:47:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 20:47:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 20:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 20:44:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2482017$
2011-02-09 20:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 20:44:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-01 09:13:36 ----A---- C:\WINDOWS\system32\muweb.dll
2011-02-01 09:13:35 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2011-02-01 09:13:35 ----A---- C:\WINDOWS\system32\mucltui.dll
2011-01-28 09:43:21 ----RA---- C:\WINDOWS\system32\difxapi.dll
2011-01-28 09:43:20 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2011-01-28 09:43:20 ----RA---- C:\WINDOWS\system32\hposwia_p04b.dll
2011-01-28 09:43:20 ----RA---- C:\WINDOWS\system32\hpost_p04b.dll
2011-01-28 09:43:20 ----RA---- C:\WINDOWS\system32\hposc_p04a.dll
2011-01-28 09:41:35 ----D---- C:\Program Files\HP Photo Creations
2011-01-28 09:41:35 ----D---- C:\Documents and Settings\All Users\Application Data\HP Photo Creations
2011-01-28 09:38:28 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2011-01-28 09:34:50 ----D---- C:\Program Files\Common Files\HP
2011-01-23 18:22:32 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2011-01-23 18:20:32 ----D---- C:\Documents and Settings\andrejka\Application Data\HP
2011-01-23 18:18:00 ----A---- C:\WINDOWS\system32\hpf3l101.dll
2011-01-23 18:17:56 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2011-01-23 18:16:52 ----A---- C:\WINDOWS\system32\drivers\serscan.sys
2011-01-23 18:12:15 ----D---- C:\Program Files\Microsoft
2011-01-23 18:12:10 ----D---- C:\Program Files\MSN Toolbar
2011-01-23 18:12:00 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-23 18:11:31 ----D---- C:\Program Files\MSN Toolbar Installer
2011-01-23 18:11:24 ----D---- C:\WINDOWS\Cache
2011-01-23 18:11:23 ----D---- C:\Program Files\Coupons
2011-01-23 18:10:42 ----D---- C:\Documents and Settings\andrejka\Application Data\HpUpdate
2011-01-23 18:06:41 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2011-01-23 18:06:14 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2011-01-23 18:04:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-23 18:04:07 ----D---- C:\Program Files\HP
2011-01-23 18:03:55 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2011-01-23 18:03:52 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2011-01-23 18:03:49 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2011-01-23 18:03:23 ----HD---- C:\Config.Msi
2011-01-15 09:10:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-01-15 09:10:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-01-15 09:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-01-15 09:10:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-01-15 09:10:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-01-15 09:10:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-01-15 09:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2416400$
2011-01-15 09:08:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$

======List of files/folders modified in the last 1 months======

2011-02-18 11:21:09 ----A---- C:\WINDOWS\NeroDigital.ini
2011-02-14 13:05:32 ----D---- C:\Program Files\Java
2011-02-12 11:32:02 ----D---- C:\Program Files\Trend Micro
2011-02-12 11:31:47 ----D---- C:\WINDOWS\Prefetch
2011-02-12 11:29:07 ----D---- C:\Documents and Settings\andrejka\Application Data\Skype
2011-02-12 11:16:14 ----D---- C:\WINDOWS\Temp
2011-02-12 11:02:46 ----SHD---- C:\System Volume Information
2011-02-12 11:02:46 ----D---- C:\WINDOWS\system32\Restore
2011-02-12 11:01:43 ----D---- C:\WINDOWS
2011-02-12 11:01:21 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-12 11:00:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-12 10:56:21 ----D---- C:\WINDOWS\Debug
2011-02-12 08:51:11 ----SHD---- C:\WINDOWS\Installer
2011-02-12 08:51:01 ----D---- C:\Program Files\Common Files
2011-02-12 08:41:48 ----D---- C:\WINDOWS\system32
2011-02-12 08:39:33 ----D---- C:\Documents and Settings\andrejka\Application Data\skypePM
2011-02-10 08:16:35 ----D---- C:\Documents and Settings\andrejka\Application Data\vlc
2011-02-09 20:47:53 ----HD---- C:\WINDOWS\inf
2011-02-09 20:47:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-09 20:45:24 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-09 20:44:05 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-04 20:10:33 ----D---- C:\WINDOWS\system32\CatRoot
2011-02-02 20:27:35 ----D---- C:\WINDOWS\security
2011-02-01 20:16:01 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-01-28 09:46:00 ----A---- C:\WINDOWS\win.ini
2011-01-28 09:43:55 ----D---- C:\WINDOWS\twain_32
2011-01-28 09:41:35 ----RD---- C:\Program Files
2011-01-28 09:40:39 ----D---- C:\WINDOWS\WinSxS
2011-01-28 09:39:20 ----RSD---- C:\WINDOWS\Fonts
2011-01-23 18:16:56 ----D---- C:\WINDOWS\system32\drivers
2011-01-23 18:11:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-23 17:53:45 ----A---- C:\WINDOWS\WirelessFTP.INI
2011-01-22 19:39:45 ----D---- C:\WINDOWS\system32\config
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-19 07:17:42 ----RD---- C:\Program Files\Skype
2011-01-19 07:17:11 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-01-15 09:08:16 ----D---- C:\Program Files\Outlook Express
2011-01-13 09:47:32 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2010-02-10 87104]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 RapportKELL;RapportKELL; C:\WINDOWS\System32\Drivers\RapportKELL.sys [2010-10-03 59240]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-02-10 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-02-10 25160]
R1 RapportCerberus_19917;RapportCerberus_19917; \??\C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\19917\RapportCerberus_19917.sys []
R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys []
R1 SASDIFSV;SASDIFSV; \??\D:\SaS\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\SaS\SASKUTIL.sys []
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-08-07 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2006-05-26 111104]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-12-05 529344]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-30 3565056]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-02 5085184]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 SASENUM;SASENUM; \??\D:\SaS\SASENUM.SYS []
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-03-30 12033024]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2006-07-20 54432]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 RapportIaso;RapportIaso; \??\C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\21923\RapportIaso.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-10-03 102656]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2006-11-17 360533]
R2 ASWLSVC;ASWLSVC; C:\WINDOWS\system32\ASWLSVC.exe [2004-05-06 496640]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-30 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\comodo\COMODO Internet Security\cmdagent.exe [2010-02-10 723632]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2010-10-03 767208]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-29 593920]
S2 gupdate1ca181127a152b8;Google Update Service (gupdate1ca181127a152b8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-08 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Roli
VIP
Posts: 13400
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: please do a preventive check

#2 Post by Roli »

Hello, fix these in HJT:

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\adobe reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')


You will find HJT here:

C:\Program Files\trend micro\andrejka.exe

Fix means that you launch HJT,

in the window that opens, click Do a system scan only,

in the next window find the lines I listed for you,

next to each of them is a box, which you tick,

then click Fix checked at the bottom left,

the program will ask whether you really want to; answer YES, of course, and you are done.


Via Start >> Run >> type services.msc >> OK. Find the service:

NBService - Nero AG

NMIndexingService - Nero AG


right-click it, choose Properties, on the next tab first stop the service with the Stop button, then set Startup type to Disabled.


Via Start >> Control Panel >> Add or Remove Programs, uninstall Advanced SystemCare 3.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the licence terms then appears; confirm it by clicking YES,

then click YES once more and it starts running.

The whole run takes about 10 minutes but can take longer; do not try to launch anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Notice: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt and so on); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

RANKO
Visitor
Posts: 91
Registered: 29 Jul 2007 07:46
Location: BA - SK

Re: please do a preventive check

#3 Post by RANKO »

here is the log from ComboFix; I mistakenly uninstalled Advanced SystemCare only after running ComboFix :oops: I hope that is not a problem
ComboFix 11-02-12.02 - andrejka 13.02.2011 16:19:30.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2719.1870 [GMT 1:00]
Running from: c:\documents and settings\andrejka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\andrejka\Application Data\EurekaLog

.
((((((((((((((((((((((((( Files Created from 2011-01-13 to 2011-02-13 )))))))))))))))))))))))))))))))
.

2011-02-13 15:07 . 2011-02-13 15:07 388096 ----a-r- c:\documents and settings\andrejka\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-02-12 13:21 . 2011-02-12 13:21 -------- d-----w- c:\windows\1848
2011-02-12 13:17 . 2011-02-12 13:17 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-02-12 13:17 . 2011-02-12 13:17 -------- d-----w- c:\program files\Novel Games
2011-02-12 12:35 . 2011-02-12 14:27 -------- d-----w- c:\program files\Astroburn Toolbar
2011-02-12 12:35 . 2011-02-12 12:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Astroburn Lite
2011-02-12 11:26 . 2011-02-12 11:29 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-12 11:25 . 2011-02-12 12:08 -------- d-----w- c:\documents and settings\andrejka\Application Data\DAEMON Tools Lite
2011-02-12 11:25 . 2011-02-12 11:25 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2011-02-12 10:31 . 2011-02-12 10:32 -------- d-----w- C:\rsit
2011-02-12 07:51 . 2011-02-12 07:51 -------- d-----w- c:\program files\Common Files\Skype
2011-02-01 08:13 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2011-02-01 08:13 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-01-28 08:43 . 2009-08-05 15:22 309760 ----a-r- c:\windows\system32\difxapi.dll
2011-01-28 08:43 . 2009-10-30 04:15 372736 ----a-r- c:\windows\system32\hppldcoi.dll
2011-01-28 08:43 . 2009-09-10 17:44 966656 ----a-r- c:\windows\system32\hpost_p04b.dll
2011-01-28 08:43 . 2009-09-10 17:44 887296 ----a-r- c:\windows\system32\hposwia_p04b.dll
2011-01-28 08:43 . 2009-09-10 17:44 315392 ----a-r- c:\windows\system32\hposc_p04a.dll
2011-01-28 08:41 . 2011-01-28 08:41 -------- d-----w- c:\program files\HP Photo Creations
2011-01-28 08:41 . 2011-01-28 08:41 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Photo Creations
2011-01-28 08:38 . 2011-01-28 08:38 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2011-01-28 08:34 . 2011-01-28 08:34 -------- d-----w- c:\program files\Common Files\HP
2011-01-23 17:22 . 2011-01-23 17:22 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2011-01-23 17:21 . 2011-01-23 17:21 -------- d-----w- c:\documents and settings\andrejka\Local Settings\Application Data\HP
2011-01-23 17:20 . 2011-01-23 17:24 -------- d-----w- c:\documents and settings\andrejka\Application Data\HP
2011-01-23 17:18 . 2009-10-21 14:29 320512 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp101.dll
2011-01-23 17:18 . 2009-10-21 14:29 125440 ----a-w- c:\windows\system32\hpf3l101.dll
2011-01-23 17:17 . 2009-10-22 00:55 452736 ----a-r- c:\windows\system32\hpzids01.dll
2011-01-23 17:16 . 2001-08-17 12:53 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2011-01-23 17:16 . 2001-08-17 12:53 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2011-01-23 17:12 . 2011-02-12 11:18 -------- d-----w- c:\program files\Microsoft
2011-01-23 17:12 . 2011-02-06 05:27 -------- d-----w- c:\program files\Microsoft Silverlight
2011-01-23 17:11 . 2011-01-23 17:11 -------- d-----w- c:\windows\Cache
2011-01-23 17:11 . 2011-01-23 17:11 -------- d-----w- c:\program files\Coupons
2011-01-23 17:10 . 2011-01-28 08:41 -------- d-----w- c:\documents and settings\andrejka\Application Data\HpUpdate
2011-01-23 17:06 . 2011-01-28 08:39 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2011-01-23 17:06 . 2011-01-23 17:06 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2011-01-23 17:04 . 2011-02-12 11:29 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-23 17:04 . 2011-01-28 08:41 -------- d-----w- c:\program files\HP
2011-01-23 17:03 . 2008-04-13 19:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-01-23 17:03 . 2008-04-13 19:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-01-23 17:03 . 2008-04-13 19:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2011-01-23 17:03 . 2008-04-13 19:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2011-01-23 17:03 . 2008-04-13 19:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2011-01-23 17:03 . 2008-04-13 19:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2011-01-21 14:44 . 2011-01-21 14:44 439296 -c----w- c:\windows\system32\dllcache\shimgvw.dll
2011-01-15 06:08 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-01-15 06:08 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-21 14:44 . 2006-02-28 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 08:47 . 2010-07-18 17:27 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2009-08-07 12:26 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2009-08-07 12:27 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2009-08-07 12:27 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2009-08-07 12:27 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2009-08-07 12:27 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2009-08-07 12:27 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2009-08-07 12:27 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2009-08-07 12:27 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-07 14:09 . 2006-02-28 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2006-02-28 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2006-02-28 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 22:15 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 22:15 . 2006-02-28 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-12-20 22:15 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-12-20 17:26 . 2006-02-28 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 15:30 . 2006-02-28 12:00 369664 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 2006-02-28 12:00 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30 . 2006-02-28 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42 . 2006-02-28 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07 . 2004-08-03 22:59 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-18 18:12 . 2009-08-07 07:44 81920 ----a-w- c:\windows\system32\isign32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\rocketdock\RocketDock.exe" [2007-09-02 495616]
"SUPERAntiSpyware"="d:\sas\c3ff882e-508a-49b6-81a5-08170648cb1e.exe" [2009-11-13 2001648]
"Advanced SystemCare 3"="d:\advanced systemcare 3\AWC.exe" [2010-02-08 2343632]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"DAEMON Tools Lite"="d:\daemon tools lite\DTLite.exe" [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-05-30 98304]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"ACU"="d:\atheros\ACU.exe" [2006-11-17 348249]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-06-02 176128]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"COMODO Internet Security"="d:\comodo\COMODO Internet Security\cfp.exe" [2010-02-10 1800464]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2006-5-24 49152]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\sas\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-07 16:12 548352 ----a-w- d:\sas\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\strong dc\\StrongDC.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [3.10.2010 22:43 59240]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.8.2009 13:27 294608]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [10.2.2010 19:23 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [10.2.2010 19:23 25160]
R1 RapportCerberus_19917;RapportCerberus_19917;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\19917\RapportCerberus_19917.sys [3.10.2010 22:54 34792]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [3.10.2010 22:43 169320]
R1 SASDIFSV;SASDIFSV;d:\sas\SASDIFSV.SYS [28.7.2009 9:53 12872]
R1 SASKUTIL;SASKUTIL;d:\sas\SASKUTIL.SYS [28.7.2009 9:53 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.8.2009 13:27 17744]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [3.10.2010 22:43 767208]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [12.2.2011 12:26 218688]
R3 SASENUM;SASENUM;d:\sas\SASENUM.SYS [28.7.2009 9:53 12872]
S2 gupdate1ca181127a152b8;Google Update Service (gupdate1ca181127a152b8);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2009 11:15 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [7.8.2009 12:37 1684736]
S3 RapportIaso;RapportIaso;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\21923\RapportIaso.sys [2.2.2011 6:57 12928]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - NBSERVICE

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 10:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-08-15 c:\windows\Tasks\AWC Update.job
- d:\advanced systemcare 3\IObitUpdate.exe [2009-08-12 12:38]

2011-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-08 10:15]

2011-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-08 10:15]
.
.
------- Supplementary Scan -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
FF - ProfilePath - c:\documents and settings\andrejka\Application Data\Mozilla\Firefox\Profiles\lg6vuqsm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.azet.sk
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Gmail Manager: {582195F5-92E7-40a0-A127-DB71295901D7} - %profile%\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: MouseZoom: {28FAD68E-4001-48d5-B994-68069F7CFB1D} - %profile%\extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-13 16:23
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(892)
c:\windows\system32\guard32.dll
d:\sas\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(948)
c:\windows\system32\guard32.dll

- - - - - - - > 'explorer.exe'(5812)
c:\program files\Trusteer\Rapport\bin\rooksbas.dll
.
Completion time: 2011-02-13 16:25:56
ComboFix-quarantined-files.txt 2011-02-13 15:25

Pre-Run: 6 182 699 008 bytes free
Post-Run: 6 229 716 992 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 850F08B2017791A2D6DD784ED24ED787

Re: please do a preventive check

#4 Post by Roli »

No, it is not a problem that you uninstalled IObit only afterwards.

Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter

That uninstalls ComboFix and deletes its associated files and folders.


Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Re: please do a preventive check

#5 Post by RANKO »

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verzia databázy: 5754

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

13.2.2011 19:48:55
mbam-log-2011-02-13 (19-48-50).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 136869
Uplynutý čas: 3 min, 29 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 3
Infikované položky registračných dát: 3
Infikované priečinky: 0
Infikované súbory: 1

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_XMLLookup (Hijacker.XMLLookup) -> Value: bak_XMLLookup -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_intl (Hijacker.intl) -> Value: bak_intl -> No action taken.

Infikované položky registračných dát:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\XMLLookup (Hijacker.XMLLookup) -> Bad: (http://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Good: (http://shell.windows.com/fileassoc/file ... 04x&Ext=%s) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x ... asp?Ext=%s) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\intl (Hijacker.intl) -> Bad: (http://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Good: (http://shell.windows.com/fileassoc/file ... 04x&Ext=%s) -> No action taken.

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
c:\WINDOWS\lezaliz+ýtor windows xp.exe (RiskWare.Tool.CK) -> No action taken.

Re: please do a preventive check

#6 Post by Roli »

Have Mbam delete what it found and let me know what state the PC is in.

Re: please do a preventive check

#7 Post by RANKO »

hm, including that legalizer?

Re: please do a preventive check

#8 Post by Roli »

Well, you should :wink:

And how is the PC doing?

Re: please do a preventive check

#9 Post by RANKO »

so I deleted everything as you advised, the program asked for a restart, the PC seems better, the flashlight no longer shows up :) when opening ordinary windows such as Control Panel, but the problem with the volume control remains; I still have to put it on the taskbar manually even though I have it ticked to appear automatically at startup :?:

Re: please do a preventive check

#10 Post by Roli »

In BIOS Setup, which you enter during a restart by pressing one of these keys:

* DEL
* F2
* F1
* F10

(it depends on the PC, but it is always shown on the screen),

open the ADVANCED BIOS FEATURES menu and find Boot Devices 0 to 4 or Boot Sequence.

Set CD-ROM as first,

and the hard disk (HDD) as second; both entries usually also show the manufacturer.

Pressing Save (usually F10) and confirming with Enter saves the settings,

then pressing Save and Exit takes you out of the BIOS.

Insert the installation CD into the drive, let it boot, and press the R key to choose the Recovery Console.

A black window pops up; after C:\WINDOWS enter the command FIXMBR

Then enter the command EXIT, which restarts the PC.


Then let me know what the state is.

Re: please do a preventive check

#11 Post by RANKO »

and does it matter that my install disc has SP2 and the PC has SP3? because I tried recovery once before and I think that is why it did not accept it. but I will try and see.

edit: only one letter fits there and then the cursor stops; I cannot type FIXMBR there :(
edit2: so I poked around in it once more and this time I actually read what it wanted from me :idea: and selected the Windows installation I want to repair, not that I have two there.
the rest went as you described. the icons for Skype, Comodo and the sound card, or audio manager or whatever to call it, have appeared on the taskbar, but the volume control is still nowhere :?: but thanks anyway for now

Re: please do a preventive check

#12 Post by Roli »

And is the tick next to Place icon in the taskbar perhaps cleared?

You get there via Control Panel > Sounds and Audio Devices, Volume tab.

Re: please do a preventive check

#13 Post by RANKO »

no, I don't; every time I want to get that icon onto the taskbar I have to untick it, confirm, tick it again and confirm again, and then it shows up, oh dear :(

Re: please do a preventive check

#14 Post by Roli »

Do you have a Windows CD?

If so, follow THIS guide, specifically method 2.

If not, download THIS zip file and extract it to:

c:\windows\system32\

Then let me know whether it worked.

Re: please do a preventive check

#15 Post by RANKO »

I have a Windows CD, a genuine one even :) unfortunately the described procedure did not help me