Ani po odvireni NB nejde Facebook

[Januska25]

Zdravim Vas, prosim mozte mi niekto pomoct, dostala som sa k virusu z facebooku, uz tolko znameho...NB bol u jedneho pana, ktory ho odviril, ale stale nejde spustit Facebook. Mam tu log z RSIT. POradi mi niekto?
Logfile of random's system information tool 1.09 (written by random/random)
Run by Janka at 2011-11-16 10:17:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 92 GB (61%) free of 153 GB
Total RAM: 2039 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:18:14, on 16.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Notes\LOTUSI~1\nDOLMgr.exe
C:\WINDOWS\twain_32\Dell\DELL1133\Scan2Pc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Janka\Desktop\RSIT.exe
C:\Program Files\trend micro\Janka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O4 - HKLM\..\Run: [Lotus iNotes Sync Manager] C:\Notes\LOTUSI~1\nDOLMgr.exe -minimize
O4 - HKLM\..\Run: [1133 Scan2PC] "C:\WINDOWS\twain_32\Dell\DELL1133\Scan2Pc.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavenia rozšírenia &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9844419765
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9844491625
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - (no file)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn, Inc. - (no file)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - (no file)
O23 - Service: ICQ Service - Intel Corporation - (no file)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - (no file)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 10454 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\ASC4_AutoCare.job
C:\WINDOWS\tasks\ASC4_AutoConverter.job
C:\WINDOWS\tasks\ASC4_AutoSweep.job
C:\WINDOWS\tasks\ASC4_AutoUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\6lk4fek8.default

prefs.js - "browser.startup.homepage" - "http://www.gmail.com"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{000a9d1c-beef-4f90-9363-039d445309b8}"=C:\Program Files\Google\Google Gears\Firefox\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
binary.manifest
browsercomps.dll
nsIFillerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
npfiller.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
iMeshWebSearch.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\6lk4fek8.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Documents and Settings\Janka\Application Data\Mozilla\Firefox\Profiles\6lk4fek8.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
iMeshWebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
MediaBar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{28387537-e3f9-4ed7-860c-11e69af4a8a0} -

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lotus iNotes Sync Manager"=C:\Notes\LOTUSI~1\nDOLMgr.exe [2008-08-08 409600]
"1133 Scan2PC"=C:\WINDOWS\twain_32\Dell\DELL1133\Scan2Pc.exe [2009-12-24 1978880]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-09-23 258512]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-09-18 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Deutscher Ring\Calculator SK\Deutscher Ring Calculator SK.exe"="C:\Program Files\Deutscher Ring\Calculator SK\Deutscher Ring Calculator SK.exe:*:Enabled:Deutscher Ring Calculator SK"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Deutscher Ring\Accident Calculator SK\Deutscher Ring Accident Calculator SK.exe"="C:\Program Files\Deutscher Ring\Accident Calculator SK\Deutscher Ring Accident Calculator SK.exe:*:Enabled:Deutscher Ring Accident Calculator SK"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Disabled:Google Earth"
"C:\WINDOWS\twain_32\Dell\DELL1133\Scan2Pc.exe"="C:\WINDOWS\twain_32\Dell\DELL1133\Scan2Pc.exe:*:Enabled:Scan2PC.exe"
"C:\WINDOWS\twain_32\Dell\DELL1133\Sscan2io.exe"="C:\WINDOWS\twain_32\Dell\DELL1133\Sscan2io.exe:*:Enabled:Sscan2io.exe"
"C:\WINDOWS\twain_32\Dell\ScanMgr.exe"="C:\WINDOWS\twain_32\Dell\ScanMgr.exe:*:Enabled:ScanMgr.exe"
"C:\Program Files\Google\Update\GoogleUpdate.exe"="C:\Program Files\Google\Update\GoogleUpdate.exe:*:Enabled:Inštalačný program Google"
"C:\Program Files\Ask.com\UpdateTask.exe"="C:\Program Files\Ask.com\UpdateTask.exe:*:Enabled:UpdateTask"
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe:*:Enabled:Adobe Reader and Acrobat Manager"
"C:\Documents and Settings\Janka\Desktop\KALKULACKY OVB\run.exe"="C:\Documents and Settings\Janka\Desktop\KALKULACKY OVB\run.exe:*:Enabled:Einstein"
"C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"="C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE:*:Enabled:Office Source Engine"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=yv12vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"vidc.dvsd"=pdvcodec.dll
"msacm.l3fhg"=mp3fhg.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2011-11-15 20:45:18 ----A---- C:\WINDOWS\resetlog.txt
2011-11-15 15:55:14 ----D---- C:\Documents and Settings\Janka\Application Data\Malwarebytes
2011-11-15 15:55:08 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-11-15 15:55:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-11-15 15:55:04 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-11-14 20:55:09 ----D---- C:\Program Files\trend micro
2011-11-14 20:55:08 ----D---- C:\rsit
2011-11-14 20:08:10 ----D---- C:\Documents and Settings\All Users\Application Data\IObit
2011-11-13 11:57:06 ----SHD---- C:\Config.Msi
2011-11-13 11:16:53 ----D---- C:\Program Files\Yamicsoft
2011-11-13 11:15:03 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-11-13 11:14:55 ----D---- C:\Program Files\SpywareBlaster
2011-11-12 22:47:21 ----D---- C:\Documents and Settings\Janka\Application Data\IObit
2011-11-12 22:47:12 ----D---- C:\Program Files\IObit
2011-11-12 22:36:40 ----D---- C:\Program Files\EMCO
2011-11-12 22:32:41 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-11-12 22:32:41 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-11-12 22:16:53 ----D---- C:\Documents and Settings\Janka\Application Data\Avira
2011-11-12 22:15:03 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2011-11-12 22:15:01 ----A---- C:\WINDOWS\system32\drivers\avkmgr.sys
2011-11-12 22:15:01 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2011-11-12 22:15:01 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2011-11-12 22:14:54 ----D---- C:\Program Files\Avira
2011-11-12 22:14:54 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2011-11-03 11:15:36 ----A---- C:\WINDOWS\Dell1133.txt
2011-11-03 11:12:18 ----A---- C:\WINDOWS\system32\msxml2a.dll
2011-11-03 11:12:18 ----A---- C:\WINDOWS\SSndii.exe
2011-11-03 11:12:16 ----D---- C:\WINDOWS\Dell
2011-11-03 11:11:36 ----D---- C:\Documents and Settings\Janka\Application Data\SmarThru4
2011-11-03 11:11:20 ----N---- C:\WINDOWS\system32\drivers\DgivEcp.sys
2011-11-03 11:11:06 ----N---- C:\WINDOWS\system32\SecSNMP.dll
2011-11-03 11:11:05 ----A---- C:\WINDOWS\system32\LTRPR13n.DLL
2011-11-03 11:11:05 ----A---- C:\WINDOWS\system32\LTRIO13N.DLL
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lttwn13n.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\LTR13N.DLL
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lftif13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfpsd13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\LFPNM13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\Lfpng13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfpcx13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfpcd13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfmsp13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfjbg13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\LFJ2K13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfitg13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfitg13n.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfimg13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfimg13n.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfiff13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfiff13n.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lffax13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lffax13n.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfeps13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\LFCMP13s.DLL
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfclp13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfbmp13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfavi13s.dll
2011-11-03 11:11:04 ----A---- C:\WINDOWS\system32\lfani13s.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\PCDLIB32.DLL
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lttmb13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\LTTLB13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\Ltpnt13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\ltpdg13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\LTOCR13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\ltkrn13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\ltimg13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\ltefx13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\LTDIS13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\LTCLR13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\ltbar13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lftif13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfpsd13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\LFPNM13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\Lfpng13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfpcx13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfpcd13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfmsp13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfjbg13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\LFJ2K13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfeps13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\LFCMP13n.DLL
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfclp13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfbmp13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfavi13n.dll
2011-11-03 11:11:03 ----A---- C:\WINDOWS\system32\lfani13n.dll
2011-11-03 11:11:02 ----A---- C:\WINDOWS\system32\Mfcoleui.dll
2011-11-03 11:11:02 ----A---- C:\WINDOWS\system32\Ltwvc13n.dll
2011-11-03 11:11:02 ----A---- C:\WINDOWS\system32\ltlst13n.dll
2011-11-03 11:11:02 ----A---- C:\WINDOWS\system32\ltfil13n.DLL
2011-11-03 11:11:02 ----A---- C:\WINDOWS\system32\ltdlg13n.dll
2011-11-03 11:11:01 ----D---- C:\Program Files\Common Files\SRC Shared
2011-11-03 11:10:59 ----A---- C:\WINDOWS\Readiris.ini
2011-11-03 11:10:50 ----A---- C:\WINDOWS\system32\irisco32.dll
2011-11-03 11:09:38 ----D---- C:\Program Files\Readiris10
2011-11-03 11:09:26 ----D---- C:\Program Files\SmarThru 4
2011-11-03 11:08:37 ----RA---- C:\WINDOWS\Wiainst.exe
2011-11-03 11:06:34 ----A---- C:\WINDOWS\system32\sdo1ml3.dll
2011-11-03 11:06:23 ----A---- C:\WINDOWS\system32\sdo1mci.exe
2011-11-03 11:06:23 ----A---- C:\WINDOWS\system32\sdo1mci.dll
2011-11-03 11:05:42 ----D---- C:\Program Files\Dell
2011-10-31 14:40:13 ----D---- C:\reports
2011-10-31 14:40:13 ----D---- C:\ProductDB
2011-10-31 14:40:13 ----D---- C:\lib
2011-10-31 14:40:13 ----A---- C:\Projekcie.lnk
2011-10-31 14:40:13 ----A---- C:\Projekcie.cmd
2011-10-31 14:40:13 ----A---- C:\MetLife Amslico.lnk
2011-10-31 14:40:13 ----A---- C:\jr.cmd
2011-10-31 10:58:47 ----D---- C:\WINDOWS\ufa
2011-10-31 10:58:47 ----D---- C:\WINDOWS\phoenix
2011-10-31 10:56:59 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-10-31 10:55:40 ----HD---- C:\WINDOWS\update.5.0
2011-10-28 09:05:20 ----A---- C:\WINDOWS\unrar.exe
2011-10-28 08:59:38 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-10-28 08:58:53 ----HD---- C:\WINDOWS\update.2
2011-10-28 08:55:17 ----A---- C:\WINDOWS\iplist.txt
2011-10-28 08:53:56 ----A---- C:\WINDOWS\front_ip_list.txt
2011-10-28 08:51:23 ----HD---- C:\WINDOWS\update.tray-9-0-lnk
2011-10-28 08:51:23 ----HD---- C:\WINDOWS\update.tray-9-0
2011-10-28 08:39:57 ----D---- C:\WINDOWS\av_ico
2011-10-28 08:37:06 ----HD---- C:\WINDOWS\update.1
2011-10-28 08:37:02 ----HD---- C:\WINDOWS\update.tray-8-0-lnk
2011-10-28 08:37:02 ----HD---- C:\WINDOWS\update.tray-8-0
2011-10-28 08:26:35 ----A---- C:\WINDOWS\winlog-ids.txt
2011-10-28 08:26:35 ----A---- C:\WINDOWS\winlog-dirs.txt

======List of files/folders modified in the last 1 month======

2011-11-16 10:17:56 ----D---- C:\WINDOWS\Temp
2011-11-16 10:17:55 ----D---- C:\WINDOWS\Prefetch
2011-11-16 09:13:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-11-16 08:16:29 ----D---- C:\WINDOWS\system32\drivers
2011-11-16 08:15:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2011-11-16 08:15:12 ----D---- C:\Documents and Settings\Janka\Application Data\Desktopicon
2011-11-15 22:04:21 ----SHD---- C:\System Volume Information
2011-11-15 22:02:49 ----D---- C:\WINDOWS\system32\NtmsData
2011-11-15 21:29:47 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-15 21:29:47 ----D---- C:\Program Files\Mozilla Thunderbird
2011-11-15 21:29:47 ----D---- C:\Program Files\Mozilla Firefox
2011-11-15 21:19:37 ----D---- C:\WINDOWS\Registration
2011-11-15 20:45:18 ----D---- C:\WINDOWS
2011-11-15 16:55:12 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2011-11-15 15:55:04 ----RD---- C:\Program Files
2011-11-14 20:47:19 ----AC---- C:\WINDOWS\WINCMD.INI
2011-11-14 19:43:27 ----D---- C:\WINDOWS\network diagnostic
2011-11-14 19:42:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-11-13 17:20:50 ----SD---- C:\WINDOWS\Tasks
2011-11-13 16:25:05 ----A---- C:\WINDOWS\system.ini
2011-11-13 12:05:20 ----SHD---- C:\WINDOWS\Installer
2011-11-13 12:04:18 ----D---- C:\WINDOWS\system32
2011-11-13 12:01:44 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-11-13 12:00:49 ----SD---- C:\Documents and Settings\Janka\Application Data\Microsoft
2011-11-13 12:00:49 ----D---- C:\Documents and Settings\Janka\Application Data\Adobe
2011-11-13 11:58:22 ----D---- C:\Program Files\Common Files\Adobe
2011-11-13 11:57:55 ----D---- C:\Program Files\Adobe
2011-11-13 11:45:13 ----D---- C:\Documents and Settings\Janka\Application Data\Thunderbird
2011-11-13 11:40:31 ----D---- C:\ALFA
2011-11-13 11:35:39 ----A---- C:\WINDOWS\system32\pgdfgsvc.exe
2011-11-13 11:23:15 ----D---- C:\Program Files\WinRAR
2011-11-13 11:23:15 ----D---- C:\Program Files\Winmail Opener
2011-11-12 23:25:31 ----D---- C:\WINDOWS\Debug
2011-11-12 23:25:00 ----D---- C:\Documents and Settings\Janka\Application Data\Media Player Classic
2011-11-12 22:49:11 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-11-12 22:42:17 ----D---- C:\WINDOWS\system32\drivers\etc
2011-11-12 22:01:06 ----D---- C:\Program Files\Ask.com
2011-11-12 16:48:00 ----D---- C:\Program Files\Mobility Manager
2011-11-12 16:46:55 ----D---- C:\Program Files\LogMeIn Hamachi
2011-11-12 16:44:13 ----D---- C:\Program Files\ICQ6Toolbar
2011-11-12 16:38:31 ----D---- C:\Program Files\Common Files\LightScribe
2011-11-12 15:56:57 ----D---- C:\Temp
2011-11-12 15:23:16 ----SHD---- C:\RECYCLER
2011-11-08 21:41:15 ----D---- C:\Program Files\Lx_cats
2011-11-07 13:52:19 ----HD---- C:\WINDOWS\inf
2011-11-06 20:58:33 ----D---- C:\logs
2011-11-06 20:32:10 ----D---- C:\Projection
2011-11-03 11:15:44 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-03 11:13:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-03 11:11:01 ----D---- C:\Program Files\Common Files
2011-11-03 11:08:35 ----D---- C:\WINDOWS\twain_32
2011-11-01 20:35:45 ----A---- C:\WINDOWS\NeroDigital.ini
2011-10-31 14:42:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-28 09:01:31 ----D---- C:\WINDOWS\system32\Restore
2011-10-28 08:51:33 ----A---- C:\boot.ini
2011-10-28 08:49:16 ----D---- C:\WINDOWS\Minidump
2011-10-25 09:45:40 ----D---- C:\Program Files\Whitestein Technologies
2011-10-24 09:55:41 ----D---- C:\Program Files\ERGO

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2007-09-29 308248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-09-18 134344]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-03-19 51072]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-09-15 74640]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2007-07-27 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2007-07-27 55936]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-02-05 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-02-14 530861]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-02-14 30459]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-02-14 149123]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2008-12-05 241296]
R3 FlrnUSB;Leadtek USB Network Interface; C:\WINDOWS\system32\DRIVERS\LtkUSB.sys [2008-05-14 41907]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-09-18 5779296]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 224672]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2009-08-26 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-08-26 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-09-23 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 NWCWorkstation;Client Service for NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-28 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-08-10 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-28 133104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[vyosek]

Zdravim a pekne dopoledne preji

Jen takovy dotaz ze zvedavosti, platila jste mu neco

Nechal tam spousty haveti

Odinstalujte Advanced SystemCare 4 a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost 2 a potvrte enterem
• Utilita provede svou cinnost a da log - ten sem vlozte
• Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte

[Januska25]

Noooo platila
Dakujem, vsetko skusim urobit, dufam sa mi to podari lebo ja som total laik
Len musim aj pracovat tak asi az poobede. Urcite sa ozvem.

[vyosek]

v tom pripade bych zadne kroky zatim nepodnikal a vratil bych mu jej, at jej spravi a nebo at vraci penize - na to mate narok dle obchodniho zakonu - nemyslim ze ten SK je nyni nez nas...

[vyosek]

Samozrejme ze to tu muzem odvirovat uplne a FB zprovoznit, ale pak at pan vrati penize, jelikoz odvedl nekvalitni praci

[vyosek]

A jen tak pro zajimavost, pokud nechte tak samozrejme nemusite odpovidat, kolik si za to "odvirovani" vzal?

Muzeme mi kdyztak poslat kontakt na pana - nejlepe mail

[Januska25]

No on to je otec mojej kamaratky, len uz starsi panko, uz som sa parkrat stretla s tym, ze nerobi veci ako by mal, len som myslela, ze hadam...Bolo to len 20 eur, ale tak pre niekoho aj to je dost...

[vyosek]

JEN 20 euro za nic No zalezi na vas, samozrejme pokud to chcete dat do kupy a s panem se nehadat, tak pokracujte dle meho navodu...

No a u nas se neplati

[Januska25]

Zdravim, tak tu je Log po zadani moznosti 2

RogueKiller V6.1.9 [11/16/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Janka [Admin rights]
Mode: Remove -- Date : 11/17/2011 11:28:33

¤¤¤ Bad processes: 1 ¤¤¤
[SERVICE] wxpdrivers -- Path not found -> STOPPED

¤¤¤ Registry Entries: 7 ¤¤¤
[BLACKLIST] HKLM\[...]\services : wxpdrivers (wxpdrivers.sys) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (wxpdrivers.sys) -> DELETED
[BLACKLIST] HKLM\[...]\Root : LEGACY_SRVBTCCLIENT () -> DELETED
[BLACKLIST] HKLM\[...]\Root : LEGACY_SRVIECHECK () -> DELETED
[BLACKLIST] HKLM\[...]\Root : LEGACY_WXPDRIVERS () -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]


Finished : << RKreport[1].txt >>
RKreport[1].txt

[Januska25]

Po zadani 3:

RogueKiller V6.1.9 [11/16/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Janka [Admin rights]
Mode: HOSTSFix -- Date : 11/17/2011 11:29:32

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]


¤¤¤ Resetted HOSTS: ¤¤¤


Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

[Januska25]

A po zadani 4:

RogueKiller V6.1.9 [11/16/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Janka [Admin rights]
Mode: ProxyFix -- Date : 11/17/2011 11:29:55

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

[vyosek]

Sjupr, jdeme dale

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[Januska25]

Neviem to spustit ako administrator, lebo to chce po mne heslo a ja ho neviem

[vyosek]

Aha

Tak jej zkuste spustit normalne dvojklikem...

[Januska25]

OK, idem na to