Spyware - nedajú sa pustiť žiadne spustitelné súbory

[Rob1NNk0]

RKill:

Rkill 2.0.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/02/2012 05:37:17 PM in x86 mode.
Windows Version: Windows 7

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* D:\Windows\system32\FsUsbExService.Exe (PID: 1728) [WD-HEUR]
* D:\Users\Stando\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe (PID: 2304) [UP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* No issues found.

Restarting Explorer.exe in order to apply changes.

Program finished at: 08/02/2012 05:38:02 PM
Execution time: 0 hours(s), 0 minute(s), and 44 seconds(s)

[Rob1NNk0]

RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Stando at 2012-08-02 18:20:26
Microsoft Windows 7 Ultimate
System drive D: has 32 GB (41%) free of 77 GB
Total RAM: 3326 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:20:32, on 2. 8. 2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
D:\Windows\system32\taskhost.exe
D:\Windows\system32\Dwm.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\SweetIM\Messenger\SweetIM.exe
D:\Program Files\Samsung\AllShare\AllShareAgent.exe
D:\Program Files\Ask.com\Updater\Updater.exe
D:\Program Files\Freecorder\FLVSrvc.exe
D:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Samsung\Kies\KiesTrayAgent.exe
D:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
D:\Windows\system32\taskeng.exe
D:\Windows\Explorer.exe
D:\Program Files\Opera\opera.exe
D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
D:\Program Files\Microsoft Security Client\msseces.exe
D:\Users\Stando\Desktop\RSIT.exe
D:\Program Files\trend micro\Stando.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.zoznam.sk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com/?pr=vmn&id=photo ... 3_1&ent=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.myplaycity.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss ... ffID=17981
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Program Windows Internet Explorer poskytuje: Zoznam.sk
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - D:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - D:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll
R3 - URLSearchHook: Freez Online TV Toolbar - {a4d09ede-8a9c-4090-a54d-5ada4f7fff35} - D:\Program Files\Freez_Online_TV\tbFree.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\tbuTor.dll
R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - D:\Program Files\Freecorder\prxtbFree.dll
O2 - BHO: dymanet - {01cb89df-5e24-0d70-99c9-c76b2497bb99} - D:\Windows\system32\77929cae-89cb-a782-5d51-9b2932f018d3.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - D:\Users\Stando\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - D:\Program Files\Freecorder\prxtbFree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - D:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - D:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: FlpLauncher Class - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - D:\Program Files\E-Book Systems\FlipAlbum 6 Suite Eval\fplaunch.dll
O2 - BHO: BrotherSoft Extreme - {51a86bb3-6602-4c85-92a5-130ee4864f13} - D:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - D:\Program Files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll
O2 - BHO: proTek browser enhancer - {9CD8890A-4AA2-487E-A247-1AB1E49C2172} - (no file)
O2 - BHO: Freez Online TV Toolbar - {a4d09ede-8a9c-4090-a54d-5ada4f7fff35} - D:\Program Files\Freez_Online_TV\tbFree.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Context-Ads Browser Enhancer - {E0E6D4A6-4158-4034-9924-E6540AA3E735} - (no file)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Z-opti Browser Enhancer - {FA68D5F9-8E5A-4D30-A543-EB6F1F0A2F58} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - D:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - D:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll
O3 - Toolbar: Freez Online TV Toolbar - {a4d09ede-8a9c-4090-a54d-5ada4f7fff35} - D:\Program Files\Freez_Online_TV\tbFree.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - D:\Program Files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - D:\Program Files\Freecorder\prxtbFree.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - D:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

[Rob1NNk0]

O4 - HKLM\..\Run: [WinampAgent] "D:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [facemoods] "D:\Program Files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SweetIM] D:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AllShareAgent] D:\Program Files\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [ApnUpdater] "D:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Freecorder FLV Service] "D:\Program Files\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [MSC] "D:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [ares] "D:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Badoo Desktop] D:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
O4 - HKCU\..\Run: [KiesHelper] D:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] D:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] D:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CNET TechTracker.lnk = Stando\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
O4 - Startup: OpenOffice.org 2.3.lnk = D:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: &Winamp Search - D:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - D:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///D:/Program%20Files/Burger%20Shop/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///D:/Program%20Files/Burger%20Shop/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - D:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SAMSUNG KiesAllShare Service (KiesAllShare) - Unknown owner - D:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - D:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - D:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe

--
End of file - 11261 bytes

======Scheduled tasks folder======

D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
D:\Windows\tasks\Norton Security Scan for Stando.job

=========Mozilla firefox=========

ProfilePath - D:\Users\Stando\AppData\Roaming\Mozilla\Firefox\Profiles\2rkbebn1.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.mystart.com/?pr=vmn&id=photo ... 3_1&ent=hp"
prefs.js - "extensions.enabledItems" - "{0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.10.0.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, toolbar@ask.com:3.15.1.22229, ffxtlbr@Facemoods.com:1.3.0, {5bcba711-ba1a-4819-bf4f-33a3a0db8c50}:4.6.8.5, engine@conduit.com:3.3.3.2, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.13.0.6, ffxtlbr@babylon.com:1.2.0, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {EEE6C361-6118-11DC-9C72-001320C79847}:1.3.0.1, {1392b8d2-5c05-419f-a8f6-b9f15a596612}:3.13.0.6, {33e0daa6-3af3-d8b5-6752-10e949c61516}:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.26"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

[Rob1NNk0]

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=D:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=D:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=D:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=D:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

D:\Program Files\Mozilla Firefox\extensions\
{5bcba711-ba1a-4819-bf4f-33a3a0db8c50}
{5bcba711-ba1a-4819-bf4f-33a3a0db8c50}-
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

D:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

D:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
nsIDivxPlayerPlugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

D:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
fcmdSrchvsl.xml
google.xml
photopostb.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

D:\Users\Stando\AppData\Roaming\Mozilla\Firefox\Profiles\2rkbebn1.default\extensions\
engine@conduit.com
ffxtlbr@babylon.com
ffxtlbr@Facemoods.com
toolbar@ask.com
{0b38152b-1b20-484d-a11f-5e04a9b0661f}
{1392b8d2-5c05-419f-a8f6-b9f15a596612}
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{51a86bb3-6602-4c85-92a5-130ee4864f13}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{EEE6C361-6118-11DC-9C72-001320C79847}

D:\Users\Stando\AppData\Roaming\Mozilla\Firefox\Profiles\2rkbebn1.default\searchplugins\
askcom.xml
conduit.xml
daemon-search.xml
sweetim.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01cb89df-5e24-0d70-99c9-c76b2497bb99}]
dymanet - D:\Windows\system32\77929cae-89cb-a782-5d51-9b2932f018d3.dll [2011-08-26 2739712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - D:\Users\Stando\AppData\Roaming\Complitly\Complitly.dll [2011-10-16 139768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - D:\Program Files\Freecorder\prxtbFree.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - D:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - D:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4401FDC3-7996-4774-8D2B-C1AE9CD6CC25}]
FlpLauncher Class - D:\Program Files\E-Book Systems\FlipAlbum 6 Suite Eval\fplaunch.dll [2000-08-21 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
BrotherSoft Extreme Toolbar - D:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - D:\Program Files\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll [2011-04-14 265944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CD8890A-4AA2-487E-A247-1AB1E49C2172}]
joukeh Object

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4d09ede-8a9c-4090-a54d-5ada4f7fff35}]
Freez Online TV Toolbar - D:\Program Files\Freez_Online_TV\tbFree.dll [2009-10-27 2325528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - D:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - D:\Program Files\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0E6D4A6-4158-4034-9924-E6540AA3E735}]
brumasrgdgrm Object

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FA68D5F9-8E5A-4D30-A543-EB6F1F0A2F58}]
adfasrgdpr Object

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - D:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]
{51a86bb3-6602-4c85-92a5-130ee4864f13} - BrotherSoft Extreme Toolbar - D:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll [2011-05-09 176936]
{a4d09ede-8a9c-4090-a54d-5ada4f7fff35} - Freez Online TV Toolbar - D:\Program Files\Freez_Online_TV\tbFree.dll [2009-10-27 2325528]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - D:\Program Files\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll [2011-04-14 220888]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - D:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - D:\Program Files\Ask.com\GenericAskToolbar.dll [2012-04-09 1519272]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - D:\Program Files\Freecorder\prxtbFree.dll [2011-05-09 176936]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - D:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=D:\Program Files\Winamp\winampa.exe [2010-06-28 74752]
"facemoods"=D:\Program Files\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe [2011-04-14 329432]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"SweetIM"=D:\Program Files\SweetIM\Messenger\SweetIM.exe [2011-08-01 114992]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"AllShareAgent"=D:\Program Files\Samsung\AllShare\AllShareAgent.exe [2011-12-16 284560]
""= []
"ApnUpdater"=D:\Program Files\Ask.com\Updater\Updater.exe [2012-04-09 1557160]
"Freecorder FLV Service"=D:\Program Files\Freecorder\FLVSrvc.exe [2011-03-24 167936]
"MSC"=D:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]

[Rob1NNk0]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=D:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Pro Agent"=D:\Program Files\DAEMON Tools Pro\DTAgent.exe [2010-11-11 570688]
"ares"=D:\Program Files\Ares\Ares.exe -h []
"Badoo Desktop"=D:\ProgramData\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe []
"KiesHelper"=D:\Program Files\Samsung\Kies\KiesHelper.exe [2012-01-04 937872]
"KiesTrayAgent"=D:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-01-04 3508624]
"KiesPDLR"=D:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-01-04 21392]

D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

D:\Users\Stando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CNET TechTracker.lnk - D:\Users\Stando\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
OpenOffice.org 2.3.lnk - D:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"HideSCAHealth"=1
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=D:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - D:\Windows\System32\Notepad.exe %1
.js - open - D:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-02 17:46:21 ----D---- D:\rsit
2012-08-02 17:46:21 ----D---- D:\Program Files\trend micro
2012-07-29 22:50:03 ----D---- D:\ProgramData\Spybot - Search & Destroy
2012-07-29 22:50:03 ----D---- D:\Program Files\Spybot - Search & Destroy
2012-07-29 22:37:04 ----A---- D:\Windows\system32\dtsoftbus01.sys
2012-07-29 22:37:04 ----A---- D:\Windows\system32\drivers\dtsoftbus01.sys
2012-07-29 20:51:26 ----A---- D:\Windows\ntbtlog.txt
2012-07-29 10:43:07 ----D---- D:\ProgramData\036E19320314A681000003134F147C45
2012-07-11 15:21:38 ----A---- D:\Windows\system32\mshtmled.dll
2012-07-11 15:21:37 ----A---- D:\Windows\system32\ieUnatt.exe
2012-07-11 15:21:37 ----A---- D:\Windows\system32\ieui.dll
2012-07-11 15:21:37 ----A---- D:\Windows\system32\iertutil.dll
2012-07-11 15:21:36 ----A---- D:\Windows\system32\wininet.dll
2012-07-11 15:21:36 ----A---- D:\Windows\system32\jsproxy.dll
2012-07-11 15:21:36 ----A---- D:\Windows\system32\jscript9.dll
2012-07-11 15:21:36 ----A---- D:\Windows\system32\jscript.dll
2012-07-11 15:21:35 ----A---- D:\Windows\system32\urlmon.dll
2012-07-11 15:21:35 ----A---- D:\Windows\system32\url.dll
2012-07-11 15:21:34 ----A---- D:\Windows\system32\mshtml.dll
2012-07-11 15:21:33 ----A---- D:\Windows\system32\ieframe.dll
2012-07-11 15:19:41 ----A---- D:\Windows\system32\win32k.sys
2012-07-11 15:03:41 ----A---- D:\Windows\system32\drivers\cng.sys
2012-07-11 15:03:40 ----A---- D:\Windows\system32\schannel.dll
2012-07-11 15:03:40 ----A---- D:\Windows\system32\ncrypt.dll
2012-07-11 15:03:40 ----A---- D:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 15:03:40 ----A---- D:\Windows\system32\drivers\ksecdd.sys
2012-07-11 15:03:38 ----A---- D:\Windows\system32\msxml6.dll
2012-07-11 15:03:37 ----A---- D:\Windows\system32\msxml3.dll
2012-07-11 15:03:35 ----A---- D:\Windows\system32\shell32.dll
2012-07-11 15:03:25 ----A---- D:\Windows\system32\cryptsvc.dll
2012-07-11 15:03:25 ----A---- D:\Windows\system32\cryptnet.dll
2012-07-11 15:03:25 ----A---- D:\Windows\system32\crypt32.dll
2012-07-04 19:10:10 ----D---- D:\ProgramData\FLEXnet
2012-07-04 18:58:56 ----D---- D:\Program Files\Bonjour
2012-07-04 18:51:11 ----D---- D:\Program Files\Common Files\Macrovision Shared
2012-07-04 18:05:39 ----D---- D:\Users\Stando\AppData\Roaming\Zoner
2012-07-04 18:05:39 ----D---- D:\ProgramData\Zoner
2012-07-03 18:20:54 ----D---- D:\Program Files\Photo Pos Pro

======List of files/folders modified in the last 1 month======

2012-08-02 18:18:10 ----D---- D:\Windows\Temp
2012-08-02 18:00:26 ----D---- D:\Windows\System32
2012-08-02 17:55:45 ----D---- D:\Windows\Prefetch
2012-08-02 17:53:21 ----SHD---- D:\System Volume Information
2012-08-02 17:46:21 ----RD---- D:\Program Files
2012-08-02 17:42:19 ----D---- D:\Windows\system32\drivers
2012-08-02 17:37:10 ----D---- D:\Windows\inf
2012-08-02 17:37:10 ----A---- D:\Windows\system32\PerfStringBackup.INI
2012-08-02 17:33:55 ----D---- D:\Windows\system32\catroot
2012-08-02 17:33:45 ----D---- D:\Windows\system32\DriverStore
2012-08-02 17:32:48 ----D---- D:\Users\Stando\AppData\Roaming\OpenOffice.org2
2012-07-29 22:50:03 ----HD---- D:\ProgramData
2012-07-29 22:35:54 ----D---- D:\Windows\system32\catroot2
2012-07-29 20:51:26 ----D---- D:\Windows
2012-07-29 10:41:58 ----D---- D:\Windows\system32\config
2012-07-27 17:35:08 ----D---- D:\Windows\system32\NDF
2012-07-27 14:40:07 ----D---- D:\Program Files\Common Files\Symantec Shared
2012-07-18 23:01:02 ----SHD---- D:\Windows\Installer
2012-07-18 23:01:02 ----SHD---- D:\Config.Msi
2012-07-12 17:36:47 ----D---- D:\Windows\rescache
2012-07-12 09:01:49 ----D---- D:\Windows\winsxs
2012-07-12 08:59:48 ----D---- D:\Windows\system32\migration
2012-07-12 08:59:47 ----D---- D:\Program Files\Internet Explorer
2012-07-12 08:59:46 ----D---- D:\Windows\system32\sk-SK
2012-07-12 08:59:46 ----D---- D:\Windows\system32\en-US
2012-07-11 15:21:31 ----D---- D:\ProgramData\Microsoft Help
2012-07-11 15:21:03 ----A---- D:\Windows\win.ini
2012-07-08 18:02:48 ----D---- D:\Program Files\SpeedFan
2012-07-06 17:23:59 ----D---- D:\Users\Stando\AppData\Roaming\Adobe
2012-07-04 19:20:39 ----D---- D:\ProgramData\Adobe
2012-07-04 19:00:17 ----D---- D:\Program Files\Adobe
2012-07-04 18:58:55 ----D---- D:\Program Files\Common Files\Adobe
2012-07-04 18:56:36 ----RSD---- D:\Windows\Fonts
2012-07-04 18:51:11 ----D---- D:\Program Files\Common Files
2012-07-03 18:21:30 ----D---- D:\Users\Stando\AppData\Roaming\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidEnum;Bluetooth HID Enumerator; D:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; D:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 giveio;giveio; D:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 MpFilter;Microsoft Malware Protection Driver; D:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 pciide;pciide; D:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; D:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); D:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 speedfan;speedfan; D:\Windows\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; D:\Windows\System32\Drivers\sptd.sys [2010-11-16 420920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; D:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; D:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-02 219200]
R1 MpKslb106109b;MpKslb106109b; \??\D:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{21389D6B-59C3-4EAC-9E01-35907D67522C}\MpKslb106109b.sys [2012-08-02 29904]
R2 npf;NetGroup Packet Filter Driver; D:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 Parvdm;Parvdm; D:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; D:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-14 4194816]
R3 BlueletAudio;Bluetooth Audio Service; D:\Windows\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; D:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 FsUsbExDisk;FsUsbExDisk; \??\D:\Windows\system32\FsUsbExDisk.SYS [2010-05-13 36640]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 RTL8167;Realtek 8167 NT Driver; D:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 VComm;Virtual Serial port driver; D:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; D:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); D:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S3 a5a0mi7g;a5a0mi7g; D:\Windows\system32\drivers\a5a0mi7g.sys []
S3 aic78xx;aic78xx; D:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; D:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; D:\Windows\System32\Drivers\ssadadb.sys [2010-05-06 30240]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; D:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BT;Bluetooth PAN Network Adapter; D:\Windows\system32\DRIVERS\btnetdrv.sys [2007-05-23 16272]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; D:\Windows\System32\Drivers\btcusb.sys [2007-05-23 36496]
S3 BthEnum;Bluetooth Request Block Driver; D:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); D:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; D:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Bluetooth Radio USB Driver; D:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dgderdrv;dgderdrv; D:\Windows\System32\drivers\dgderdrv.sys []
S3 NisDrv;Microsoft Network Inspection System; D:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; D:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); D:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; D:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; D:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); D:\Windows\system32\DRIVERS\ss_bus.sys [2010-04-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; D:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-04-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; D:\Windows\system32\DRIVERS\ss_mdm.sys [2010-04-27 123776]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); D:\Windows\system32\DRIVERS\ssadbus.sys [2010-05-06 96416]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); D:\Windows\system32\DRIVERS\ssadmdfl.sys [2010-05-06 12704]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; D:\Windows\system32\DRIVERS\ssadmdm.sys [2010-05-06 121504]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); D:\Windows\system32\DRIVERS\ssm_bus.sys [2010-04-27 104448]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; D:\Windows\system32\DRIVERS\ssm_mdfl.sys [2010-04-27 14848]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; D:\Windows\system32\DRIVERS\ssm_mdm.sys [2010-04-27 132608]
S3 storvsc;storvsc; D:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;USB Scanner Driver; D:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; D:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; D:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; D:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; D:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; D:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; D:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R3 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S2 FsUsbExService;FsUsbExService; D:\Windows\system32\FsUsbExService.Exe [2010-05-13 217088]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-31 135664]
S2 SamsungAllShareV2.0;Samsung AllShare PC; D:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2011-12-16 25504]
S3 AppMgmt;@appmgmts.dll,-3250; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-07-04 654848]
S3 gupdatem;Služba Google Update (gupdatem); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-31 135664]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 KiesAllShare;SAMSUNG KiesAllShare Service; D:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe []
S3 McComponentHostService;McAfee Security Scan Component Host Service; D:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 NisSrv;@D:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; D:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SimpleSlideShowServer;SimpleSlideShowServer; D:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2011-12-16 27584]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; D:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-14 1343400]

-----------------EOF-----------------

[vyosek]

Omlouvam se, z pracovnich duvodu jsem se k tomu nedostal

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

• Nahrady za Spybota:
  • Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
  • SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
• Samozrejme pouzivejte jen jeden z nich
• Osobne doporucuji SuperAntiSpyware

Spustte znovu RogueKiller

• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
• Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
• Pak kliknete na Oprava Proxy a Zprava - otevre se log, ten sem vlozte

[Rob1NNk0]

Po splnení týchto krokov by sa už mal dať používať PC bez problémov?


Čo sa týka toho SuperAntiSpyare, je nutné si zakúpiť full verziu pokial chcem spustiť scan a následne vymazať resp. opraviť nakazené súbory, alebo stačí free?

[vyosek]

Urcite ne, je tam toho spousty a spousty - zaliskane od sklepa az na pudu, kamarad si tam chova celou zoo i s babkou pokladni

Postupne se tim vsim musime probrat, nejde to naraz - to neni jak hop na kravu a je tele

[Rob1NNk0]

Až tak? Tak to aby som si jeho disk zobral domov

Sranda, že to je až také zlé. Donedávna, cca 5 dní bolo všetko OK, až pokial nechcel stiahnuť jedno PDFko a vtedy sa všetko pokašlalo

Hop na krávu a je tele? Aneb, hop na mladou je mrně kiežby to tak tak v tomto prípade bolo Spyware je pekná špina

[vyosek]

Je tam nejaka ta havet a pak strasne moc zbytecnosti

Zitra bych sem mel nakukovat prubezne cely den, takze snad se pripadne potkame

[Rob1NNk0]

S tými zbytočnosťami súhlasím, to som si všimol. Tak dúfam, že sa toho zbavíme čo najdôkladnejšie

Tak zatial

[vyosek]

Nebojte, mam v planu duklady sken utilitami

Zatim se mejte

[Rob1NNk0]

Zdravím,

tak som pomazal tie toolbary

[Rob1NNk0]

Host:

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7600 ) 32 bits version
Spustené v : Normálny režim
Užívateľ: Stando [Práva Správcu]
Režim: Oprava HOSTS -- Dátum: 08/03/2012 17:37:36

¤¤¤ Škodlivé procesy: 3 ¤¤¤
[SUSP PATH] FLVSrvLib.dll -- D:\Users\Stando\AppData\Local\FLVService\lib\FLVSrvLib.dll -> UNLOADED
[SUSP PATH] FLVSrvLib.dll -- D:\Users\Stando\AppData\Local\FLVService\lib\FLVSrvLib.dll -> UNLOADED
[SUSP PATH] FLVSrvLib.dll -- D:\Users\Stando\AppData\Local\FLVService\lib\FLVSrvLib.dll -> UNLOADED

¤¤¤ Ovládač: [NAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončené : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

[Rob1NNk0]

Proxy:

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7600 ) 32 bits version
Spustené v : Normálny režim
Užívateľ: Stando [Práva Správcu]
Režim: Oprava Proxy -- Dátum: 08/03/2012 17:38:45

¤¤¤ Škodlivé procesy: 3 ¤¤¤
[SUSP PATH] FLVSrvLib.dll -- D:\Users\Stando\AppData\Local\FLVService\lib\FLVSrvLib.dll -> UNLOADED
[SUSP PATH] FLVSrvLib.dll -- D:\Users\Stando\AppData\Local\FLVService\lib\FLVSrvLib.dll -> UNLOADED
[SUSP PATH] FLVSrvLib.dll -- D:\Users\Stando\AppData\Local\FLVService\lib\FLVSrvLib.dll -> UNLOADED

¤¤¤ Ovládač: [NAHRATÉ] ¤¤¤

¤¤¤ Záznamy Registrov: 0 ¤¤¤

Dokončené : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt