nelze spustit aplikace

apurvathea

Ahoj, mam problem se svym laptopem.. at spustim jakoukoli aplikaci- hned vyskoci okno, ze v aplikaci doslo v chybe a bude ukoncena. Kdyz toto okno necham na pozadi- program dal jede ale pomalu. A celkove je laptop pomaly... Projela jsem to NODem, neco nasel a odstranil, pak spy firw.. taktez neco naslo a odstranilo. Ale muj problem to nevyresilo.. nevito co s tim, jsem uz zoufala.. dekuji, prikladam log

Logfile of HijackThis v1.99.1
Scan saved at 19:45:59, on 18. 9. 2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Eset\nod32.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Jozulik\Local Settings\Temp\wz2200\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zoznam.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: (no name) - {C1626E66-C26B-C628-E1DF-CDACCFA26EE1} - C:\Program Files\Common Files\goskdl.dll
O2 - BHO: (no name) - {C2626E66-D21B-E628-C1DF-1DACCFA36ED2} - C:\Program Files\Common Files\fjOs0r.dll
O2 - BHO: (no name) - {D3626E66-B13B-C628-ACDF-BDABCFA265E1} - C:\Program Files\Common Files\Relive.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZU
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se8300.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{23FD8F53-4824-4BC2-8B51-A1C14289C277}: NameServer = 194.168.4.100,194.168.8.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{23FD8F53-4824-4BC2-8B51-A1C14289C277}: NameServer = 194.168.4.100,194.168.8.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

likc · Příspěvek od **likc** » pát 21. zář 2007, 16:54

wow, tak takle zavirovany PC uz tu dlouho nebyl, ale nejak to dame dohromady. Snad.

fixni.
C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O2 - BHO: (no name) - {C1626E66-C26B-C628-E1DF-CDACCFA26EE1} - C:\Program Files\Common Files\goskdl.dll
O2 - BHO: (no name) - {C2626E66-D21B-E628-C1DF-1DACCFA36ED2} - C:\Program Files\Common Files\fjOs0r.dll
O2 - BHO: (no name) - {D3626E66-B13B-C628-ACDF-BDABCFA265E1} - C:\Program Files\Common Files\Relive.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... jhtml?p=ZU

resni
Nainstaluj firewall. Dejme tomu comodo.

Pak posli novy log (po restartu). Uvidime co tam zbude a dodelame zbytek, bohuzel ted nestiham.

apurvathea · Příspěvek od **apurvathea** » sob 22. zář 2007, 16:22

provedu a pak hodim log, zatim diky

apurvathea · Příspěvek od **apurvathea** » sob 22. zář 2007, 22:51

tak vsechno udelano- misto comodo jsem dala kerio.. a problem stale pretrvava
hazim novy log
Logfile of HijackThis v1.99.1
Scan saved at 21:46, on 2007-09-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\Jozulik\My Documents\downloads+programs\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zoznam.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se8300.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

likc · Příspěvek od **likc** » ned 23. zář 2007, 09:45

Na www.virustotal.com dej otestovat
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe

stahni ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

spust combo postupuj dle pokynu na obrazovce, behem skenu neklikej do otevreneho okna programu; cela akce trva cca. 5-10 minut
pc muze byt restartovan

vloz sem nove logy z combo fixu a HJT

apurvathea · Příspěvek od **apurvathea** » pon 24. zář 2007, 18:59

Logfile of HijackThis v1.99.1
Scan saved at 12:03:27, on 24. 9. 2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\Jozulik\My Documents\downloads+programs\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zoznam.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SpyEmergency] "C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se8300.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Spy Emergency Shield Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergencySrv.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

ComboFix 07-09-18.4 - "Jozulik" 2007-09-24 11:43:44.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.366 [GMT 1:00]
.

((((((((((((((((((((((((( Files Created from 2007-08-24 to 2007-09-24 )))))))))))))))))))))))))))))))
.

2007-09-23 17:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-09-23 01:52 14,528 --a------ C:\WINDOWS\system32\drivers\spyemrg_guard.sys
2007-09-23 01:52 14,016 --a------ C:\WINDOWS\system32\drivers\spyemrg.sys
2007-09-23 01:52 <DIR> d-------- C:\Program Files\NETGATE
2007-09-23 01:52 <DIR> d-------- C:\DOCUME~1\Jozulik\APPLIC~1\Spy Emergency
2007-09-23 01:52 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\NETGATE
2007-09-22 22:45 <DIR> d-------- C:\Program Files\Common Files\snp325
2007-09-22 22:45 <DIR> d-------- C:\DOCUME~1\Jozulik\APPLIC~1\InstallShield
2007-09-22 21:31 <DIR> d-------- C:\Program Files\Kerio
2007-09-19 11:35 17,024 --a--c--- C:\WINDOWS\system32\dllcache\ccdecode.sys
2007-09-19 11:35 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-09-19 11:34 53,760 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2007-09-19 11:34 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-09-19 11:14 827,392 --a------ C:\WINDOWS\vsnp325.exe
2007-09-19 11:14 61,440 --a------ C:\WINDOWS\system32\vsnp325.dll
2007-09-19 11:14 53,248 --a------ C:\WINDOWS\system32\csnp325.dll
2007-09-19 11:14 270,336 --a------ C:\WINDOWS\tsnp325.exe
2007-09-19 11:14 20,480 --a------ C:\WINDOWS\FixCamera.exe
2007-09-19 11:14 147,456 --a------ C:\WINDOWS\system32\rsnp325.dll
2007-09-19 11:14 135,168 --a------ C:\WINDOWS\amcap.exe
2007-09-19 11:14 10,251,904 --a------ C:\WINDOWS\system32\drivers\snp325.sys
2007-09-18 21:01 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-18 20:01 <DIR> d-------- C:\Program Files\nod32
2007-09-18 18:20 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-09-18 18:20 298,104 --a------ C:\WINDOWS\system32\imon.dll
2007-09-18 18:20 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-09-18 10:38 <DIR> d-------- C:\{80001022-0000-0000-19E5-EE54A2F94096}
2007-09-18 09:22 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-09-02 22:28 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2007-09-02 22:28 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-23 20:05 --------- d-------- C:\DOCUME~1\Jozulik\APPLIC~1\Skype
2007-09-22 23:33 21442 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2007-09-19 11:14 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-18 20:00 --------- d-------- C:\Program Files\Sunbelt Software
2007-09-18 17:03 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-09-18 12:43 --------- d-------- C:\Program Files\Symantec
2007-09-17 14:05 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-08-19 14:25 --------- d-------- C:\Program Files\IrfanView
2007-08-14 13:22 --------- d-------- C:\DOCUME~1\Jozulik\APPLIC~1\Ahead
2007-08-14 13:08 --------- d-------- C:\Program Files\Nero
2007-08-14 13:08 --------- d-------- C:\Program Files\Common Files\Ahead
2007-08-14 10:54 --------- d-------- C:\Program Files\Cossacks - Back To War
2007-08-14 10:28 --------- d-------- C:\DOCUME~1\Jozulik\APPLIC~1\WinRAR
2007-08-14 10:24 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
2007-08-12 17:51 --------- d-------- C:\DOCUME~1\Jozulik\APPLIC~1\Azureus
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-06-26 07:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 13:56]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 20:17]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 20:13]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 20:17]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 00:02]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-05 14:59 C:\WINDOWS\RTHDCPL.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-13 15:50 C:\WINDOWS\agrsmmsg.exe]
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [2006-08-25 13:47]
"TPSMain"="TPSMain.exe" [2005-08-03 14:26 C:\WINDOWS\system32\TPSMain.exe]
"NDSTray.exe"="NDSTray.exe" []
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 12:11]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-12 10:31]
"TFncKy"="TFncKy.exe" []
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-10-06 05:20]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 01:38]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 01:32]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 19:12]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 09:54]
"Lexmark X1100 Series"="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 15:43]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-06-12 19:30]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-09-18 20:01]
"SunServer"="C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe" [2005-10-28 15:33]
"FixCamera"="C:\WINDOWS\FixCamera.exe" [2007-02-12 14:50]
"tsnp325"="C:\WINDOWS\tsnp325.exe" [2006-10-10 15:49]
"snp325"="C:\WINDOWS\vsnp325.exe" [2006-10-10 14:11]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 11:26]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 13:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-20 20:35]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-11-02 14:43]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 17:45]
"SpyEmergency"="C:\Program Files\NETGATE\Spy Emergency 2007\SpyEmergency.exe" [2007-09-18 09:41]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]

C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2006-03-26 22:44:08]

C:\DOCUME~1\Jozulik\STARTM~1\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-03-17 14:06:14]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 13:11 233472]
"{0FAD2E16-C8EF-5AC1-1E6A-AE3FD8EF56B3}"= C:\Program Files\Internet Explorer\msvcrt.dll [ ]
"{DC7596CB-D6CC-DCA3-DE52-DEEA63F6C61D}"= C:\Program Files\Internet Explorer\rksldk.dll [ ]
"{E952B8F8-D91A-4EDD-851C-EE1A0F944469}"= C:\WINDOWS\system32\ztfree0.dll [ ]
"{71046DD5-E136-4C4B-A6B5-91C30CB15291}"= C:\WINDOWS\system32\jtdoor0.dll [2007-06-13 11:23 11776]
"{D8CC4845-441C-44F8-9053-28F2EF67655B}"= C:\WINDOWS\system32\dadoor1.dll [ ]
"{0DAEBA6A-86CA-4B96-AF96-0C8C2C358FBD}"= C:\WINDOWS\system32\dhdoor1.dll [ ]
"{6826A3DB-EA8E-4E67-880D-53D04C7C0BD8}"= C:\WINDOWS\system32\qjdoor1.dll [ ]
"{CC3596CB-D6C1-ECA1-AE51-DEEA63F6C21C}"= C:\Program Files\Internet Explorer\OnlO0r.dll [ ]
"{3422FB0F-95EB-458A-8B56-39552017A4EF}"= C:\WINDOWS\system32\mhdoor0.dll [ ]
"{E03C23BD-35B7-49C2-BBCA-6D8CEC2507E3}"= C:\WINDOWS\system32\wldoor1.dll [ ]
"{A3C95A74-638D-4C6B-A856-4B27664A7F47}"= C:\WINDOWS\system32\wgdoor1.dll [ ]
"{EDFF29C1-5A70-4460-AC1D-16DCB4B672F0}"= C:\WINDOWS\system32\rxdoor1.dll [ ]
"{4E3FBFA4-F1CC-4B66-B333-B9F0FF4B4748}"= C:\WINDOWS\system32\mydoor0.dll [2007-06-13 11:23 18432]
"{ABD0935D-B35A-47BD-BA9A-81678DDE74DD}"= C:\WINDOWS\system32\qhdoor0.dll [2007-06-13 11:23 12800]
"{04A0CB31-FDEB-4EB8-889B-E00ED87BCE23}"= C:\WINDOWS\system32\cqdoor1.dll [ ]
"{08E909A4-B236-48DD-8BCC-90A604B93E68}"= C:\WINDOWS\system32\tldoor1.dll [ ]
"{781FBCC1-99C7-4AE0-95F7-66EA49E86DD7}"= C:\WINDOWS\system32\zxdoor1.dll [ ]
"{68F7767A-090C-4BBF-A015-720ACC6706E2}"= C:\WINDOWS\system32\wddoor1.dll [ ]
"{5731EA1D-6AAF-4DE9-BDDA-7B390A75B286}"= C:\WINDOWS\system32\wodoor0.dll [ ]
"{076394AD-7FDD-44EF-A075-32C68DBAB99B}"= C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunExecuteHook.dll [2005-10-28 14:15 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys
R1 SpyEmrg;Spy Emergency Driver;C:\WINDOWS\system32\Drivers\spyemrg.sys
R3 NETw3x32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit;C:\WINDOWS\system32\DRIVERS\NETw3x32.sys
R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
S3 SNP325;USB PC Camera (SNPSTD325);C:\WINDOWS\system32\DRIVERS\snp325.sys
S3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94ff1acf-26e1-11dc-bd39-0018dea7d833}]
AutoRun\command- F:\LaunchU3.exe -a

.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-24 11:47:13
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-09-24 11:48:58
C:\ComboFix-quarantined-files.txt ... 2007-09-24 11:48
.
--- E O F ---

Kód: Vybrat vše

2007-07-08 21:23      15399    --a------    C:\Qoobox\Quarantine\C\ComboFix\FProps.vbs.vir
2007-07-12 22:36      1024    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\History\search2.vir
2007-07-12 22:36      118784    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir
2007-07-12 22:36      143421    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL.vir
2007-07-12 22:36      1940    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\001B944D.bin.vir
2007-07-12 22:36      24576    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir
2007-07-12 22:36      28672    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir
2007-07-12 22:36      381012    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir
2007-07-12 22:36      40960    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir
2007-07-12 22:36      57344    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL.vir
2007-07-12 22:36      78879    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm.vir
2007-07-12 22:37      1284    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\001BC7E0.bin.vir
2007-07-12 22:37      1668    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\001BC688.bin.vir
2007-07-12 22:37      1724    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\001BB9D6.bin.vir
2007-07-12 22:57      10134    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\icons\PSS.ICO.vir
2007-07-12 22:57      106998    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\FISH.F3S.vir
2007-07-12 22:57      113081    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S.vir
2007-07-12 22:57      118784    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3POPSWT.DLL.vir
2007-07-12 22:57      118784    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3SKIN.DLL.vir
2007-07-12 22:57      122747    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\MAID.F3S.vir
2007-07-12 22:57      12782    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO.vir
2007-07-12 22:57      129559    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S.vir
2007-07-12 22:57      139264    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3CJPEG.DLL.vir
2007-07-12 22:57      140    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3FFXTBR.MANIFEST.vir
2007-07-12 22:57      140    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3NTSTBR.MANIFEST.vir
2007-07-12 22:57      143360    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3SHLLVW.DLL.vir
2007-07-12 22:57      143421    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL.vir
2007-07-12 22:57      147456    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3MSG.DLL.vir
2007-07-12 22:57      149817    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S.vir
2007-07-12 22:57      155471    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S.vir
2007-07-12 22:57      16384    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE.vir
2007-07-12 22:57      20164    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3BKGERR.JPG.vir
2007-07-12 22:57      20480    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL.vir
2007-07-12 22:57      243509    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S.vir
2007-07-12 22:57      24576    --a------    C:\Qoobox\Quarantine\C\Program Files\Internet Explorer\msimg32.dll.vir
2007-07-12 22:57      24576    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL.vir
2007-07-12 22:57      24576    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3RESTUB.DLL.vir
2007-07-12 22:57      24576    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE.vir
2007-07-12 22:57      24673    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL.vir
2007-07-12 22:57      24675    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE.vir
2007-07-12 22:57      24677    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE.vir
2007-07-12 22:57      249856    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3HISTSW.DLL.vir
2007-07-12 22:57      272367    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S.vir
2007-07-12 22:57      28672    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR.vir
2007-07-12 22:57      28672    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3IDLE.DLL.vir
2007-07-12 22:57      28672    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE.vir
2007-07-12 22:57      28672    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir
2007-07-12 22:57      290816    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL.vir
2007-07-12 22:57      301118    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S.vir
2007-07-12 22:57      305    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3WALLPP.DAT.vir
2007-07-12 22:57      319560    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL.vir
2007-07-12 22:57      34118    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON.F3S.vir
2007-07-12 22:57      381012    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL.vir
2007-07-12 22:57      40960    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL.vir
2007-07-12 22:57      43287    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S.vir
2007-07-12 22:57      4814    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3FFXTBR.JAR.vir
2007-07-12 22:57      49245    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL.vir
2007-07-12 22:57      5446    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3SPACER.WMV.vir
2007-07-12 22:57      56438    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S.vir
2007-07-12 22:57      56688    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Game\REVERSI.F3S.vir
2007-07-12 22:57      57344    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3OUTLCN.DLL.vir
2007-07-12 22:57      6462    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3NTSTBR.JAR.vir
2007-07-12 22:57      65536    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3BROVLY.DLL.vir
2007-07-12 22:57      65536    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3SCHMON.EXE.vir
2007-07-12 22:57      66726    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Game\CHESS.F3S.vir
2007-07-12 22:57      71675    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Notifier\DOG.F3S.vir
2007-07-12 22:57      73728    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL.vir
2007-07-12 22:57      7406    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\icons\CM.ICO.vir
2007-07-12 22:57      7406    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\icons\MFC.ICO.vir
2007-07-12 22:57      7406    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\icons\SMILEY.ICO.vir
2007-07-12 22:57      7406    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\icons\WB.ICO.vir
2007-07-12 22:57      86078    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\M3HTML.DLL.vir
2007-07-12 22:57      86085    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3DTACTL.DLL.vir
2007-07-12 22:57      89655    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S.vir
2007-07-12 22:57      94208    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\2.bin\F3REPROX.DLL.vir
2007-07-12 22:58      4    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\s_pid.dat.vir
2007-07-12 22:58      57344    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL.vir
2007-07-13 07:59      145    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\mid_dots.gif.vir
2007-07-13 07:59      1517    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\warn.gif.vir
2007-07-13 07:59      1922    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\ask_logo.gif.vir
2007-07-13 07:59      2044    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\center.htm.vir
2007-07-13 07:59      2353    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\autoup.gif.vir
2007-07-13 07:59      2380    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\systrayp.htm.vir
2007-07-13 07:59      2385    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\protect.htm.vir
2007-07-13 07:59      2570    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\systray.htm.vir
2007-07-13 07:59      3036    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\shocked.gif.vir
2007-07-13 07:59      3630    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\autoup.htm.vir
2007-07-13 07:59      3753    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\mws_logo.gif.vir
2007-07-13 07:59      64    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\tp_grad.gif.vir
2007-07-13 07:59      7179    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\index.htm.vir
2007-07-13 07:59      724    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Message\COMMON\stop.gif.vir
2007-07-15 21:27      116    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\001B8931.vir
2007-07-15 21:27      1928    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\00038EA5.bin.vir
2007-07-15 21:27      244    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\0003A8D4.bin.vir
2007-07-15 21:27      944    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\00039E73.bin.vir
2007-07-15 21:27      976    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\0003A634.bin.vir
2007-07-19 09:44      30    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\settings.dat.vir
2007-07-19 09:44      40    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\settings.dat.bak.vir
2007-07-19 09:44      407    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\setting2.htm.vir
2007-07-19 09:44      459    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak.vir
2007-07-19 12:27      116    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\001C068F.vir
2007-07-19 12:27      1192    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\00A03166.bin.vir
2007-07-19 12:27      1644    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\00A02E59.bin.vir
2007-07-19 12:27      920    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\00A0305C.bin.vir
2007-09-10 21:00      48187    --a------    C:\Qoobox\Quarantine\C\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html.vir
2007-09-10 21:00      57477    --a------    C:\Qoobox\Quarantine\C\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html.vir
2007-09-18 08:54      125447    --a------    C:\Qoobox\Quarantine\C\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html.vir
2007-09-18 08:54      428953    --a------    C:\Qoobox\Quarantine\C\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html.vir
2007-09-18 16:17      24026    --a------    C:\Qoobox\Quarantine\C\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html.vir
2007-09-18 16:17      31236    --a------    C:\Qoobox\Quarantine\C\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html.vir
2007-09-18 17:21      106    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\00B895D8.vir
2007-09-18 17:21      233472    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\wpcap.dll.vir
2007-09-18 17:21      32512    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\npf.sys.vir
2007-09-18 17:21      61440    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\WanPacket.dll.vir
2007-09-18 17:21      81920    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\Packet.dll.vir
2007-09-18 19:27      1111    --a------    C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\Cache\files.ini.vir
2007-09-18 21:01      91    --a------    C:\Qoobox\Quarantine\f\autorun.inf.vir
2007-09-18 21:04      1198    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_NPF.reg.cf
2007-09-18 21:04      2404    --a------    C:\Qoobox\Quarantine\Registry_backups\services_NPF.reg.cf


Folder PATH listing
Volume serial number is ACCC-D273
C:\QOOBOX\QUARANTINE
+---C
|   +---ComboFix
|   |       FProps.vbs.vir
|   |      
|   +---Program Files
|   |   +---Common Files
|   |   +---FunWebProducts
|   |   |   \---Shared
|   |   |       \---Cache
|   |   |               AvatarSmallBtn.html.vir
|   |   |               CursorManiaBtn.html.vir
|   |   |               MailStampBtn.html.vir
|   |   |               MyFunCardsIMBtn.html.vir
|   |   |               MyStationeryBtn.html.vir
|   |   |               SmileyCentralBtn.html.vir
|   |   |              
|   |   +---Internet Explorer
|   |   |       msimg32.dll.vir
|   |   |      
|   |   \---MyWebSearch
|   |       +---bar
|   |       |   +---1.bin
|   |       |   |       F3HTMLMU.DLL.vir
|   |       |   |       M3SKIN.DLL.vir
|   |       |   |       M3SKPLAY.EXE.vir
|   |       |   |       MWSBAR.DLL.vir
|   |       |   |       MWSOEMON.EXE.vir
|   |       |   |       MWSOESTB.DLL.vir
|   |       |   |      
|   |       |   +---2.bin
|   |       |   |       F3BKGERR.JPG.vir
|   |       |   |       F3BROVLY.DLL.vir
|   |       |   |       F3CJPEG.DLL.vir
|   |       |   |       F3DTACTL.DLL.vir
|   |       |   |       F3HISTSW.DLL.vir
|   |       |   |       F3HTMLMU.DLL.vir
|   |       |   |       F3HTTPCT.DLL.vir
|   |       |   |       F3IMSTUB.DLL.vir
|   |       |   |       F3POPSWT.DLL.vir
|   |       |   |       F3PSSAVR.SCR.vir
|   |       |   |       F3REPROX.DLL.vir
|   |       |   |       F3RESTUB.DLL.vir
|   |       |   |       F3SCHMON.EXE.vir
|   |       |   |       F3SCRCTR.DLL.vir
|   |       |   |       F3SHLLVW.DLL.vir
|   |       |   |       F3SPACER.WMV.vir
|   |       |   |       F3WALLPP.DAT.vir
|   |       |   |       F3WPHOOK.DLL.vir
|   |       |   |       M3FFXTBR.JAR.vir
|   |       |   |       M3FFXTBR.MANIFEST.vir
|   |       |   |       M3HTML.DLL.vir
|   |       |   |       M3IDLE.DLL.vir
|   |       |   |       M3IMPIPE.EXE.vir
|   |       |   |       M3MSG.DLL.vir
|   |       |   |       M3NTSTBR.JAR.vir
|   |       |   |       M3NTSTBR.MANIFEST.vir
|   |       |   |       M3OUTLCN.DLL.vir
|   |       |   |       M3PLUGIN.DLL.vir
|   |       |   |       M3SKIN.DLL.vir
|   |       |   |       M3SKPLAY.EXE.vir
|   |       |   |       M3SLSRCH.EXE.vir
|   |       |   |       M3SRCHMN.EXE.vir
|   |       |   |       MWSBAR.DLL.vir
|   |       |   |       MWSOEMON.EXE.vir
|   |       |   |       MWSOEPLG.DLL.vir
|   |       |   |       MWSOESTB.DLL.vir
|   |       |   |       NPMYWEBS.DLL.vir
|   |       |   |      
|   |       |   +---Avatar
|   |       |   |       COMMON.F3S.vir
|   |       |   |      
|   |       |   +---Cache
|   |       |   |       00038EA5.bin.vir
|   |       |   |       00039E73.bin.vir
|   |       |   |       0003A634.bin.vir
|   |       |   |       0003A8D4.bin.vir
|   |       |   |       001B8931.vir
|   |       |   |       001B944D.bin.vir
|   |       |   |       001BB9D6.bin.vir
|   |       |   |       001BC688.bin.vir
|   |       |   |       001BC7E0.bin.vir
|   |       |   |       001C068F.vir
|   |       |   |       00A02E59.bin.vir
|   |       |   |       00A0305C.bin.vir
|   |       |   |       00A03166.bin.vir
|   |       |   |       00B895D8.vir
|   |       |   |       files.ini.vir
|   |       |   |      
|   |       |   +---Game
|   |       |   |       CHECKERS.F3S.vir
|   |       |   |       CHESS.F3S.vir
|   |       |   |       REVERSI.F3S.vir
|   |       |   |      
|   |       |   +---History
|   |       |   |       search2.vir
|   |       |   |      
|   |       |   +---icons
|   |       |   |       CM.ICO.vir
|   |       |   |       MFC.ICO.vir
|   |       |   |       PSS.ICO.vir
|   |       |   |       SMILEY.ICO.vir
|   |       |   |       WB.ICO.vir
|   |       |   |       ZWINKY.ICO.vir
|   |       |   |      
|   |       |   +---Message
|   |       |   |   |   COMMON.F3S.vir
|   |       |   |   |  
|   |       |   |   \---COMMON
|   |       |   |           ask_logo.gif.vir
|   |       |   |           autoup.gif.vir
|   |       |   |           autoup.htm.vir
|   |       |   |           center.htm.vir
|   |       |   |           index.htm.vir
|   |       |   |           mid_dots.gif.vir
|   |       |   |           mws_logo.gif.vir
|   |       |   |           protect.htm.vir
|   |       |   |           shocked.gif.vir
|   |       |   |           stop.gif.vir
|   |       |   |           systray.htm.vir
|   |       |   |           systrayp.htm.vir
|   |       |   |           tp_grad.gif.vir
|   |       |   |           warn.gif.vir
|   |       |   |          
|   |       |   +---Notifier
|   |       |   |       COMMON.F3S.vir
|   |       |   |       DOG.F3S.vir
|   |       |   |       FISH.F3S.vir
|   |       |   |       KUNGFU.F3S.vir
|   |       |   |       LIFEGARD.F3S.vir
|   |       |   |       MAID.F3S.vir
|   |       |   |       MAILBOX.F3S.vir
|   |       |   |       OPERA.F3S.vir
|   |       |   |       ROBOT.F3S.vir
|   |       |   |       SEDUCT.F3S.vir
|   |       |   |       SURFER.F3S.vir
|   |       |   |      
|   |       |   \---Settings
|   |       |           prevcfg2.htm.vir
|   |       |           setting2.htm.bak.vir
|   |       |           setting2.htm.vir
|   |       |           settings.dat.bak.vir
|   |       |           settings.dat.vir
|   |       |           s_pid.dat.vir
|   |       |          
|   |       \---SrchAstt
|   |           +---1.bin
|   |           |       MWSSRCAS.DLL.vir
|   |           |      
|   |           \---2.bin
|   |                   MWSSRCAS.DLL.vir
|   |                  
|   \---WINDOWS
|       \---system32
|           |   f3PSSavr.scr.vir
|           |   Packet.dll.vir
|           |   WanPacket.dll.vir
|           |   wpcap.dll.vir
|           |  
|           \---drivers
|                   npf.sys.vir
|                  
+---f
|       autorun.inf.vir
|      
\---Registry_backups
       LEGACY_NPF.reg.cf
       services_NPF.reg.cf

likc · Příspěvek od **likc** » úte 25. zář 2007, 11:25

jak dopadly ty dva soubory na virustotalu?
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe

nelze spustit aplikace

nelze spustit aplikace

new log

nove logy