I have a virus in my system that sends out unsolicited mail; I found out because I myself received unsolicited mail from my own e-mail address several times.
Recently I received mail that ESET identified as an infiltration; I deleted it immediately and automatically submitted it for analysis. A scan of the PC did not find any virus. How do I solve this?
I am also attaching a file listing the running applications, created with UPM - Ultimate Process Manager. Please help urgently!!!
How do I send log.txt when the txt extension is not allowed?

Sending unsolicited mail
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Sending unsolicited mail
Paste the RSIT log as plain text, using Ctrl+C and Ctrl+V.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Sending unsolicited mail
OK
Windows Vista SP 2 (build 6002)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
Log vygenerován: 22.09.2010 23:32:19
================================================================
Běžící procesy
================================================================
(rootkit?) audiodg.exe
C:\PROGRAM FILES\PROTECTOR SUITE QL\UPEKSVR.EXE
C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTSRV.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HP1006MC.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\XAUDIO.EXE
C:\PROGRAM FILES\APOINT\APOINT.EXE
C:\WINDOWS\SYSTEM32\HKCMD.EXE
C:\WINDOWS\SYSTEM32\IGFXPERS.EXE
C:\PROGRAM FILES\SCANSOFT\PAPERPORT\PPTD40NT.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP UT\BIN\HPPUSG.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\PRNSTATUSMX\PRNSTATUSMX.EXE
C:\PROGRAM FILES\ACTIV SOFTWARE\ACTIVDRIVER\ACTIVCONTROL2.EXE
D:\DOKUMENTY\DOWNLOAD\MENINY.EXE
C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTMNG.EXE
C:\PROGRAM FILES\RAINLENDAR\RAINLENDAR.EXE
C:\PROGRAM FILES\APOINT\APNTEX.EXE
C:\PROGRAM FILES\ACTIV SOFTWARE\ACTIVDRIVER\ACTIVMGR.EXE
C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSA2DP.EXE
C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTHID.EXE
C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTBTY.EXE
C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTHSP.EXE
C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSAVRC.EXE
C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSOBEX.EXE
C:\PROGRAM FILES\TOSHIBA\BLUETOOTH TOSHIBA STACK\TOSBTPROC.EXE
C:\PROGRAM FILES\MOBILE PARTNER\MOBILE PARTNER.EXE
Scanner
================================================================
[S] audiodg.exe
Proces se nepodařilo otevřít
ROOTKIT? Skrytá cesta
Spouští se po startu HKCU Run [ISUSPM Startup]
Nelze otevřít
[S] SLsvc.exe
EntryPoint v sekci: .TEXT
|_ Celkový počet sekcí: 5
[?] upeksvr.exe
Soubor 7%
[R] sqlservr.exe
Ověřený Microsoft: Ne
[?] TosBtSrv.exe
Nemá okno
Soubor 7%
[?] HP1006MC.EXE
Non Microsoft v System32:
Nemá okno
[?] XAudio.exe
Non Microsoft v System32:
Nemá okno
[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]
[S] MSASCui.exe
Spouští se po startu HKLM Run [Windows Defender]
[?] Apoint.exe
Spouští se po startu HKLM Run [Apoint]
[R] ISBMgr.exe
Spouští se po startu HKLM Run [ISBMgr.exe]
[R] egui.exe
Spouští se po startu HKLM Run [egui]
[R] VCUServe.exe
Spouští se po startu HKLM Run [VAIOCameraUtility]
[?] hkcmd.exe
Non Microsoft v System32:
Spouští se po startu HKLM Run [HotKeysCmds]
[?] igfxpers.exe
Non Microsoft v System32:
Spouští se po startu HKLM Run [Persistence]
[?] pptd40nt.exe
Spouští se po startu HKLM Run [PaperPort PTD]
Soubor 7%
[?] hppusg.exe
Bez výrobce
Spouští se po startu HKLM Run [HPUsageTracking]
EntryPoint v sekci:
|_ Celkový počet sekcí: 3
Soubor 12%
[?] PrnStatusMX.exe
Spouští se po startu HKLM Run [PrnStatusMX]
[R] realsched.exe
Spouští se po startu HKLM Run [TkBellExe]
[?] ActivControl2.exe
Spouští se po startu HKLM Run [ActivControl]
Nemá okno
Soubor 14%
[R] vc9play.exe
Spouští se po startu HKLM Run [VC9Player]
[?] Meniny.exe
Spouští se po startu HKCU Run [KrosMeniny]
EntryPoint v sekci: CODE
|_ Celkový počet sekcí: 8
Soubor 70%
[?] TosBtMng.exe
Spouští se po startu Po spuštění []
Soubor 14%
[?] Rainlendar.exe
Soubor 14%
[?] ActivMgr.exe
Bez výrobce
Soubor 12%
[?] TosA2dp.exe
Soubor 7%
[?] TosBtHid.exe
Soubor 7%
[?] TosBtBty.exe
Soubor 7%
[?] TosBtHSP.exe
Soubor 7%
[?] TosAVRC.exe
Soubor 7%
[?] TosOBEX.exe
Soubor 7%
[?] TosBtProc.exe
Soubor 14%
[?] Mobile Partner.exe
Bez výrobce
Soubor 12%
Po spuštění
================================================================
HKCU Run
|_ [?][ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -startup
|_ [!][KrosMeniny] D:\DOKUMENTY\Download\Meniny.exe
|_ [R][Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized
|_ [R][ICQ] C:\Program Files\ICQ7.2\ICQ.exe silent loginmode=4
|_ [R][Google Update] C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /c
HKLM Run
|_ [S][Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe -hide
|_ [?][Apoint] C:\Program Files\Apoint\Apoint.exe
|_ [?][DRCU] C:\Program Files\Sony\DRCU\DRCU.exe
|_ [R][PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe /startup
|_ [?][NvCplDaemon] C:\Windows\system32\NvCpl.dll ,NvStartup
|_ [?][NvMediaCenter] C:\Windows\system32\NvMcTray.dll ,NvTaskbarInit
|_ [R][egui] C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice
|_ [?][IgfxTray] C:\Windows\system32\igfxtray.exe
|_ [?][HotKeysCmds] C:\Windows\system32\hkcmd.exe
|_ [?][Persistence] C:\Windows\system32\igfxpers.exe
|_ [?][PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
|_ [?][IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
|_ [?][PP8 Reminder] C:\Program Files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe -r C:\Program Files\Scansoft\PaperPort\WebEreg\navload.ini
|_ (Soubor nenalezen)
|_ [?][HPUsageTracking] C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe C:\Program Files\Hewlett-Packard\HP UT
|_ [?][PrnStatusMX] C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
|_ [R][TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
|_ [?][ActivControl] C:\Program Files\Activ Software\Activdriver\ActivControl2.exe
HKLM ShellServiceObjectDelayLoad
|_ [X][WebCheck] (Soubor nenalezen)
HKLM IC
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
HKLM Winlogon Notify
|_ [?][igfxcui] C:\Windows\system32\igfxdev.dll
|_ [?][psfus] C:\Windows\system32\psqlpwd.dll
|_ [?][VESWinlogon] C:\Windows\system32\VESWinlogon.dll
Po spuštění
|_ C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
|_ [?][Bluetooth Manager.lnk] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
HKLM BHO
|_ [?][{CA6319C0-31B7-401E-A518-A07C3DB8F777}] C:\PROGRA~1\GOOGLE~1\BAE.dll
Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[X] Symantec Lic NetConnect service
|_ Cesta: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: CLTNetCnService
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency:
[X] Google Update Service (gupdate)
|_ Cesta: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: gupdate
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS
[X] SQL Server (VAIO_VEDB)
|_ Cesta: C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -sVAIO_VEDB
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: MSSQL$VAIO_VEDB
|_ StartName: NT AUTHORITY\NetworkService
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
[?] TOSHIBA Bluetooth Service
|_ Cesta: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
| |_ Výrobce: TOSHIBA CORPORATION
| |_ Popis: TOSHIBA Bluetooth Service
| |_ MD5: 76148C3159718B701252F87B067904A6
|
|_ Jméno: TOSHIBA Bluetooth Service
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS
[?] XAudioService
|_ Cesta: C:\Windows\system32\DRIVERS\xaudio.exe
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: Modem Audio Service
| |_ MD5: 28DC5D626E036A75A572556F0A6EB1F6
|
|_ Jméno: XAudioService
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] Promethean Serial Board Driver
|_ Cesta: C:\Windows\system32\DRIVERS\activhidsermini.sys
| |_ Výrobce: Promethean Technologies Ltd
| |_ Popis: Promethean Activboard
| |_ MD5: 76D5DC8B3136F4F199F3D960B6DCA98F
|
|_ Jméno: ActivHidSerMini
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Angelnt
|_ Cesta: C:\Windows\System32\Drivers\ANGELNT.SYS
| |_ Výrobce: Identcode Ltd.
| |_ Popis: Angel Software Authorization Driver
| |_ MD5: 4A8CB8FEA9DCB6F93017F413E2646001
|
|_ Jméno: Angelnt
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Alps Pointing-device Filter Driver
|_ Cesta: C:\Windows\system32\DRIVERS\Apfiltr.sys
| |_ Výrobce: Alps Electric Co., Ltd.
| |_ Popis: Alps Touch Pad Driver
| |_ MD5: 7C2F57BCE81FA74933F0E1C84A97C9DB
|
|_ Jméno: ApfiltrService
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Team MFP Comm Driver
|_ Cesta: C:\Windows\System32\Drivers\DgivEcp.Sys
| |_ Výrobce: Samsung Electronics Co., Ltd.
| |_ Popis: Windows 2k,XP IEEE-1284 parallel class driver for ECP, Byte, and Nibble modes
| |_ MD5: 770471DE2550820FEEB7E5D24BF2E273
|
|_ Jméno: DgivEcp
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency: +Parallel Arbitrator
[?] HSF_DPV
|_ Cesta: C:\Windows\system32\DRIVERS\HSX_DPV.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: HSF_DP driver
| |_ MD5: 53229DCF431D76434816CD29251168A0
|
|_ Jméno: HSF_DPV
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] HSXHWAZL
|_ Cesta: C:\Windows\system32\DRIVERS\HSXHWAZL.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: HSF_HWAZL WDM driver
| |_ MD5: 31F949D452201F2F0AF0C88D7DB512CD
|
|_ Jméno: HSXHWAZL
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Huawei DataCard USB Modem and USB Serial
|_ Cesta: C:\Windows\system32\DRIVERS\ewusbmdm.sys
| |_ Výrobce: Huawei Technologies Co., Ltd.
| |_ Popis: USB Modem/Serial Device Driver
| |_ MD5: 19E6885A061011D8DABE8F64498423FA
|
|_ Jméno: hwdatacard
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] igfx
|_ Cesta: C:\Windows\system32\DRIVERS\igdkmd32.sys
| |_ Výrobce: Intel Corporation
| |_ Popis: Intel Graphics Kernel Mode Driver
| |_ MD5: 09F6812F0B242BDA67709A17E5BFFFF6
|
|_ Jméno: igfx
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit
|_ Cesta: C:\Windows\system32\DRIVERS\NETw3v32.sys
| |_ Výrobce: Intel® Corporation
| |_ Popis: Intel® Wireless LAN Driver
| |_ MD5: ACC6170D80C69E50145B370023B64ED3
|
|_ Jméno: NETw3v32
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Promethean HID Mouse Service
|_ Cesta: C:\Windows\system32\DRIVERS\activmouse.sys
| |_ Výrobce: Promethean Technologies Ltd
| |_ Popis: Promethean Multiple Screen Mouse Filter
| |_ MD5: C32C1D34DC26DFAAF7BCCC2B1E7EA602
|
|_ Jméno: prmvmouse
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] R5U870 UVC Lower Filter
|_ Cesta: C:\Windows\System32\Drivers\R5U870FLx86.sys
| |_ Výrobce: Ricoh
| |_ Popis: Description string for UvcFilter driver
| |_ MD5: 1839C6DB8C49D1911D946F1B3383EF6A
|
|_ Jméno: R5U870FLx86
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] R5U870 UVC Upper Filter
|_ Cesta: C:\Windows\System32\Drivers\R5U870FUx86.sys
| |_ Výrobce: Ricoh
| |_ Popis: Description string for UvcUpperFilter driver
| |_ MD5: 8F80F66AFCAAF743418A2E7EE593DB3C
|
|_ Jméno: R5U870FUx86
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Sony HDD Protection Filter Driver
|_ Cesta: C:\Windows\system32\DRIVERS\shpf.sys
| |_ Výrobce: Sony Corporation
| |_ Popis: Sony HDD Protection Driver
| |_ MD5: 571AED0899D559671672EA9DA3FDF4CF
|
|_ Jméno: shpf
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Sony Firmware Extension Parser Device
|_ Cesta: C:\Windows\System32\Drivers\SonyNC.sys
| |_ Výrobce: Sony Corporation
| |_ Popis: Sony Firmware Extension Parser driver
| |_ MD5: DB31D8989B3450569C29780E7FA98C48
|
|_ Jméno: SNC
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Sony Image Conversion Filter Driver
|_ Cesta: C:\Windows\system32\DRIVERS\SonyImgF.sys
| |_ Výrobce: Sony Corporation
| |_ Popis: Sony Image Filter Driver
| |_ MD5: 2F30C6EC1904CDB6F32CA69622726EB4
|
|_ Jméno: SonyImgF
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Sony Programmable I/O Control Device
|_ Cesta: C:\Windows\system32\DRIVERS\SonyPI.sys
| |_ Výrobce: Sony Corporation
| |_ Popis: Sony Programmable I/O Control Device
| |_ MD5: 6832CDA4C9336294DF1DF124F6627B6C
|
|_ Jméno: SPI
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] SSPORT
|_ Cesta: C:\Windows\system32\Drivers\SSPORT.sys
| |_ Výrobce: Samsung Electronics
| |_ Popis: Port Contention Driver
| |_ MD5: 5F77725EC309DE1242D8EFC8E9259A9F
|
|_ Jméno: SSPORT
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] SigmaTel High Definition Audio CODEC
|_ Cesta: C:\Windows\system32\drivers\stwrt.sys
| |_ Výrobce: SigmaTel, Inc.
| |_ Popis: NDRC
| |_ MD5: 6C7E2B9E0919149357E2D5057FE58146
|
|_ Jméno: STHDA
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] ti21sony
|_ Cesta: C:\Windows\system32\drivers\ti21sony.sys
| |_ Výrobce: Texas Instruments
| |_ Popis: ti21sony.sys
| |_ MD5: 7C7445B4C2BD46C56ABB3499DA52B75C
|
|_ Jméno: ti21sony
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth COM Port
|_ Cesta: C:\Windows\system32\DRIVERS\tosporte.sys
| |_ Výrobce: TOSHIBA Corporation
| |_ Popis: TOSHIBA Bluetooth Port Emulation Driver
| |_ MD5: 8D624D3BD1F2D78BD1C01A2D4E954B4E
|
|_ Jméno: tosporte
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth RFBUS
|_ Cesta: C:\Windows\system32\DRIVERS\tosrfbd.sys
| |_ Výrobce: TOSHIBA CORPORATION
| |_ Popis: Bluetooth RF Bus Driver
| |_ MD5: 42A23FF09BD172FA3F6A3A0A589EF1B0
|
|_ Jméno: tosrfbd
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth RFBNEP
|_ Cesta: C:\Windows\System32\Drivers\tosrfbnp.sys
| |_ Výrobce: TOSHIBA Corporation
| |_ Popis: Bluetooth RFBNEP Driver
| |_ MD5: 90C8525BC578AAFFE87C2D0ED4379E9E
|
|_ Jméno: tosrfbnp
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth RFHID
|_ Cesta: C:\Windows\system32\DRIVERS\Tosrfhid.sys
| |_ Výrobce: TOSHIBA Corporation.
| |_ Popis: Bluetooth HID Driver from TOSHIBA
| |_ MD5: 28099A4E52148319AFA685D93A2244D0
|
|_ Jméno: Tosrfhid
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Bluetooth USB Controller
|_ Cesta: C:\Windows\system32\DRIVERS\tosrfusb.sys
| |_ Výrobce: TOSHIBA CORPORATION
| |_ Popis: Bluetooth USB Miniport Driver
| |_ MD5: 967316FB4777BC6EAAA0E15552FEF768
|
|_ Jméno: tosrfusb
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] winachsf
|_ Cesta: C:\Windows\system32\DRIVERS\HSX_CNXT.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: HSF_CNXT driver
| |_ MD5: 6D2350BB6E77E800FC4BE4E5B7A2E89A
|
|_ Jméno: winachsf
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] XAudio
|_ Cesta: C:\Windows\system32\DRIVERS\xaudio.sys
| |_ Výrobce: Conexant Systems, Inc.
| |_ Popis: Modem Audio Device Driver
| |_ MD5: 5A7FF9A18FF6D7E0527FE3ABF9204EF8
|
|_ Jméno: XAudio
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller
|_ Cesta: C:\Windows\system32\DRIVERS\yk60x86.sys
| |_ Výrobce: Marvell
| |_ Popis: NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller
| |_ MD5: 69222091B6285906AFF82E43681CF826
|
|_ Jméno: yukonwlh
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[?] infra.dll
|_ Cesta: C:\Program Files\Protector Suite QL\infra.dll
|_ MD5: 4041B7CA2555C4248EECDA1034A0AFD4
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ lsass.exe (868)
|_ upeksvr.exe (1800)
|_ explorer.exe (3352)
|_ vc9play.exe (2952)
|_ psqltray.exe (1580)
|_ iexplore.exe (4380)
|_ iexplore.exe (4000)
|_ CCleaner.exe (2364)
|_ UPM.exe (2108)
[?] homefus2.dll
|_ Cesta: C:\Program Files\Protector Suite QL\homefus2.dll
|_ MD5: C6B66A3D6546B43FAE8475F05D8A5371
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ lsass.exe (868)
|_ upeksvr.exe (1800)
|_ psqltray.exe (1580)
[?] psqlpwd.dll
|_ Cesta: C:\Windows\System32\psqlpwd.dll
|_ MD5: 8CEE602A12031A9686DA9A6967DC378D
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ lsass.exe (868)
[?] remote.dll
|_ Cesta: C:\Program Files\Protector Suite QL\remote.dll
|_ MD5: D5A496BAC31A66E01A04C3F5DF40B613
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ upeksvr.exe (1800)
|_ psqltray.exe (1580)
[?] homepass.dll
|_ Cesta: C:\Program Files\Protector Suite QL\homepass.dll
|_ MD5: 4612FCEAC5590BF2031669F6025337F2
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ upeksvr.exe (1800)
[?] bio.dll
|_ Cesta: C:\Program Files\Protector Suite QL\bio.dll
|_ MD5: E925FFDBB28F17FA6D8E3A55B020D96B
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ upeksvr.exe (1800)
|_ psqltray.exe (1580)
[?] provider.dll
|_ Cesta: C:\Program Files\Protector Suite QL\provider.dll
|_ MD5: B28E2540B10CC150E1DA77C9BEC1D6F3
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ upeksvr.exe (1800)
|_ psqltray.exe (1580)
[?] tosbdapi.dll
|_ Cesta: C:\Windows\System32\TosBdAPI.dll
|_ MD5: 085F180F10BAD13396CFFADAC5AFB5D9
|_ Výrobce: TOSHIBA CORPORATION.
|_ Procesy
|_ spoolsv.exe (312)
|_ TosBtMng.exe (3592)
|_ TosA2dp.exe (3528)
|_ TosBtHSP.exe (4312)
|_ TosAVRC.exe (4432)
|_ TosOBEX.exe (4856)
|_ TosBtProc.exe (5580)
[?] tosbtapi.dll
|_ Cesta: C:\Windows\System32\TosBtAPI.dll
|_ MD5: E6E67F4B840FCD0BCA5E1DADB5B575BE
|_ Výrobce: TOSHIBA CORPORATION.
|_ Procesy
|_ spoolsv.exe (312)
|_ TosBtMng.exe (3592)
|_ TosA2dp.exe (3528)
|_ TosBtHSP.exe (4312)
|_ TosOBEX.exe (4856)
[?] mfc80.dll
|_ Cesta: C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80.dll
|_ MD5: 4928AB3A304DDF05C354DE3807A4A66B
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ VC9SecS.exe (2292)
|_ vc9play.exe (2952)
|_ vc9tray.exe (4408)
[?] activfocushook.dll
|_ Cesta: C:\ProgramData\Activ Software\ActivApplications\ActivFocusHook.dll
|_ MD5: 68A1D163EE5D8A3369A7448DF970AE75
|_ Výrobce: ?
|_ Procesy
|_ dwm.exe (3296)
|_ explorer.exe (3352)
|_ MSASCui.exe (3680)
|_ ISBMgr.exe (3704)
|_ egui.exe (3740)
|_ VCUServe.exe (3748)
|_ hppusg.exe (2216)
|_ PrnStatusMX.exe (1640)
|_ ActivControl2.exe (1084)
|_ vc9play.exe (2952)
|_ Meniny.exe (3140)
|_ TosBtMng.exe (3592)
|_ Rainlendar.exe (3204)
|_ psqltray.exe (1580)
|_ ActivMgr.exe (1032)
|_ TosA2dp.exe (3528)
|_ TosBtHid.exe (4212)
|_ TosBtBty.exe (4220)
|_ TosBtHSP.exe (4312)
|_ vc9tray.exe (4408)
|_ TosAVRC.exe (4432)
|_ TosOBEX.exe (4856)
|_ TosBtProc.exe (5580)
|_ Mobile Partner.exe (4624)
|_ wmpnscfg.exe (4208)
|_ iexplore.exe (4380)
|_ iexplore.exe (4000)
|_ FlashUtil10c.exe (4980)
|_ iexplore.exe (4264)
[?] farchns.dll
|_ Cesta: C:\Program Files\Protector Suite QL\farchns.dll
|_ MD5: D2D46776E0469913F81296281D4D9400
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ explorer.exe (3352)
|_ vc9play.exe (2952)
|_ psqltray.exe (1580)
|_ iexplore.exe (4380)
|_ iexplore.exe (4000)
|_ CCleaner.exe (2364)
|_ UPM.exe (2108)
[?] snyutils.dll
|_ Cesta: C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
|_ MD5: B7ABD8175EDAF8DEA455942555BF0C27
|_ Výrobce: Sony Corporation
|_ Procesy
|_ Switcher.exe (3648)
|_ ISBMgr.exe (3704)
[?] sxbios.dll
|_ Cesta: C:\Program Files\Common Files\Sony Shared\SXBios\SXBios.dll
|_ MD5: 0E0C09D30B7391B3816230B9056BBB10
|_ Výrobce: Sony Corporation
|_ Procesy
|_ Switcher.exe (3648)
|_ ISBMgr.exe (3704)
[?] frn.dll
|_ Cesta: C:\Program Files\Sony\Wireless Switch Setting Utility\Frn.dll
|_ MD5: 79398ACE41B9DD0A830E0CD754314F6D
|_ Výrobce: Sony Corporation
|_ Procesy
|_ Switcher.exe (3648)
[?] msvcr70.dll
|_ Cesta: C:\Windows\System32\msvcr70.dll
|_ MD5: D2AE90EBBCBE265DFA10DA91635C7878
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ Switcher.exe (3648)
|_ ISBMgr.exe (3704)
[?] mfc80u.dll
|_ Cesta: C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
|_ MD5: 686B224B4987C22B153FBB545FEE9657
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ egui.exe (3740)
[?] vculib.dll
|_ Cesta: C:\Program Files\Sony\VAIO Camera Utility\VCULib.dll
|_ MD5: 31EEE54DC66CCB516FD87FB3891FF1AF
|_ Výrobce:
|_ Procesy
|_ VCUServe.exe (3748)
[?] hptools.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\HP UT\bin\HPTools.dll
|_ MD5: 415C9DC5DA9391281DC9623EC63BD23D
|_ Výrobce: ?
|_ Procesy
|_ hppusg.exe (2216)
|_ hppusg.exe (2216)
[?] hptoolkit.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\HP UT\bin\HPToolkit.dll
|_ MD5: D3142532E4097F32AC247060313D1272
|_ Výrobce: ?
|_ Procesy
|_ hppusg.exe (2216)
|_ hppusg.exe (2216)
[?] enumeration.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\HP UT\bin\Enumeration.dll
|_ MD5: 2235E529604FB7960188FC75B5B54C22
|_ Výrobce: ?
|_ Procesy
|_ hppusg.exe (2216)
|_ hppusg.exe (2216)
[?] interop.hpqusg.dll
|_ Cesta: C:\Windows\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\interop.hpqusg.dll
|_ MD5: FF885A5A7AF62F47A5B97F385CFD4FBF
|_ Výrobce:
|_ Procesy
|_ hppusg.exe (2216)
[?] hpstreamsinterface.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\HP UT\bin\HPStreamsInterface.dll
|_ MD5: 3D523E810687893A0DAC2E1D1645DA27
|_ Výrobce: ?
|_ Procesy
|_ hppusg.exe (2216)
|_ hppusg.exe (2216)
[?] hpqusg.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqusg.dll
|_ MD5: 60D2CFC4891B7208D11896299AF26C80
|_ Výrobce: Hewlett-Packard Co.
|_ Procesy
|_ hppusg.exe (2216)
[?] hppatusg01.dll
|_ Cesta: C:\Windows\System32\hppatusg01.dll
|_ MD5: 6298E1053F7041FA5F5152D27D96F0DC
|_ Výrobce: ?
|_ Procesy
|_ hppusg.exe (2216)
[?] atl80.dll
|_ Cesta: C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll
|_ MD5: 3E9A33113D663D8BD5ED38858E669652
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ hppusg.exe (2216)
[?] hpusagetracking.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\HP UT\bin\HPUsageTracking.dll
|_ MD5: 201B40A3D7F0D5BD313E66664298CEF9
|_ Výrobce: ?
|_ Procesy
|_ hppusg.exe (2216)
[?] prmnst.dll
|_ Cesta: C:\Program Files\Activ Software\Activdriver\prmnst.dll
|_ MD5: 4122F6C6556D87E816DFEE1AB000F50E
|_ Výrobce: ?
|_ Procesy
|_ ActivControl2.exe (1084)
[?] nctaudiofile2.dll
|_ Cesta: C:\Windows\System32\NCTAudioFile2.dll
|_ MD5: FBCC81EC674C7EEB86D859503B13BF23
|_ Výrobce: NCT Company Ltd.
|_ Procesy
|_ vc9play.exe (2952)
[?] tosbtmnglang.dll
|_ Cesta: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMngLang.dll
|_ MD5: FEFA614B9AA8D3191B4539B2C8A8454D
|_ Výrobce: TOSHIBA CORPORATION.
|_ Procesy
|_ TosBtMng.exe (3592)
[?] tosbtmnghelp.dll
|_ Cesta: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMngHelp.dll
|_ MD5: E16A486409F6B0604C7470FB079A0298
|_ Výrobce: TOSHIBA CORPORATION.
|_ Procesy
|_ TosBtMng.exe (3592)
[?] tosbtsddb.dll
|_ Cesta: C:\Windows\System32\TosBtSDDB.dll
|_ MD5: AA6677900A55BD6A72ABB0B30912A55B
|_ Výrobce: TOSHIBA CORPORATION.
|_ Procesy
|_ TosBtMng.exe (3592)
[?] btusrmod.dll
|_ Cesta: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BtUsrMod.dll
|_ MD5: 2E154ECB31864A9C221A866A545D39A5
|_ Výrobce: TOSHIBA CORPORATION
|_ Procesy
|_ TosBtMng.exe (3592)
[?] lcwizard.dll
|_ Cesta: C:\Windows\System32\LCWizard.dll
|_ MD5: 9E7CB0432597E638B012C882648019C5
|_ Výrobce: TOSHIBA CORPORATION
|_ Procesy
|_ TosBtMng.exe (3592)
|_ TosBtHSP.exe (4312)
|_ TosOBEX.exe (4856)
[?] tosbtload.dll
|_ Cesta: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtLoad.dll
|_ MD5: E4BB0288A98D2AD4AFB844A3B0AA3D7C
|_ Výrobce: TOSHIBA
|_ Procesy
|_ TosBtMng.exe (3592)
[?] tosbtafh.dll
|_ Cesta: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtAfh.dll
|_ MD5: FD17972042A2D3A539E6EA3110E92B43
|_ Výrobce:
|_ Procesy
|_ TosBtMng.exe (3592)
[?] icalplugin.dll
|_ Cesta: C:\Program Files\Rainlendar\Plugins\iCalPlugin.dll
|_ MD5: D34961569155AB575928D2BBC75F4578
|_ Výrobce:
|_ Procesy
|_ Rainlendar.exe (3204)
[?] iniformatplugin.dll
|_ Cesta: C:\Program Files\Rainlendar\Plugins\IniFormatPlugin.dll
|_ MD5: 849BC78008EED21E86AE78E27F645FA0
|_ Výrobce:
|_ Procesy
|_ Rainlendar.exe (3204)
[?] outlookplugin.dll
|_ Cesta: C:\Program Files\Rainlendar\Plugins\OutlookPlugin.dll
|_ MD5: 9958D9F6A66E2F172E7BF1999039A976
|_ Výrobce:
|_ Procesy
|_ Rainlendar.exe (3204)
[?] serverplugin.dll
|_ Cesta: C:\Program Files\Rainlendar\Plugins\ServerPlugin.dll
|_ MD5: 02FB596CEFDDD0ECBAAD3CCA39756CAF
|_ Výrobce:
|_ Procesy
|_ Rainlendar.exe (3204)
[?] rainlendar.dll
|_ Cesta: C:\Program Files\Rainlendar\Rainlendar.dll
|_ MD5: AE55315529406375CE9C1C925B5730DB
|_ Výrobce:
|_ Procesy
|_ Rainlendar.exe (3204)
[?] aluskin.dll
|_ Cesta: C:\Program Files\Protector Suite QL\aluskin.dll
|_ MD5: AD2CFF67B9358D33560A9577214416C7
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ psqltray.exe (1580)
[?] fdhome.dll
|_ Cesta: C:\Program Files\Protector Suite QL\fdhome.dll
|_ MD5: 4C5B62293F4B1A07C707AC74FD354A4F
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ psqltray.exe (1580)
[?] pwdbank.dll
|_ Cesta: C:\Program Files\Protector Suite QL\pwdbank.dll
|_ MD5: 9E8D927F862FECFC4382EEA3C24A7380
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ psqltray.exe (1580)
[?] tpmkey.dll
|_ Cesta: C:\Program Files\Protector Suite QL\tpmkey.dll
|_ MD5: 004DE88D80EBA8A592C0A7B3132D1340
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ psqltray.exe (1580)
[?] infcore.dll
|_ Cesta: C:\Program Files\Protector Suite QL\infcore.dll
|_ MD5: E259B489ABE3F14770C39B8AED4D3A32
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ psqltray.exe (1580)
[?] psqltray.dll
|_ Cesta: C:\Program Files\Protector Suite QL\psqltray.dll
|_ MD5: 51A58B923C98F9EADF43FDB201B1DB17
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ psqltray.exe (1580)
[?] tsscore.dll
|_ Cesta: C:\Program Files\Protector Suite QL\tsscore.dll
|_ MD5: F2A1B3F185E92579425DD817FC1E15C6
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ psqltray.exe (1580)
[?] applaun.dll
|_ Cesta: C:\Program Files\Protector Suite QL\applaun.dll
|_ MD5: 0C05C948A56548169A3B7B7169382BE1
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ psqltray.exe (1580)
[?] ms2fs.dll
|_ Cesta: C:\Program Files\Protector Suite QL\ms2fs.dll
|_ MD5: 28172A661D521D98F4C975FA9E6F8EE5
|_ Výrobce: UPEK Inc.
|_ Procesy
|_ psqltray.exe (1580)
[?] libactivboardex.dll
|_ Cesta: C:\Windows\libactivboardex.dll
|_ MD5: CD43D6F971BD10D44C8CAAFCFB7414D2
|_ Výrobce: ?
|_ Procesy
|_ ActivMgr.exe (1032)
[?] qtnetwork4.dll
|_ Cesta: C:\Program Files\Activ Software\Activdriver\QtNetwork4.dll
|_ MD5: 3023B1B17C45E6786B597580E58F2FC5
|_ Výrobce:
|_ Procesy
|_ ActivMgr.exe (1032)
[?] qtgui4.dll
|_ Cesta: C:\Program Files\Activ Software\Activdriver\QtGui4.dll
|_ MD5: 549E8BFF2985F8DD969458D84871F331
|_ Výrobce:
|_ Procesy
|_ ActivMgr.exe (1032)
[?] qtcore4.dll
|_ Cesta: C:\Program Files\Activ Software\Activdriver\QtCore4.dll
|_ MD5: 43A4462AA605CB0FA102A7F94A70834F
|_ Výrobce:
|_ Procesy
|_ ActivMgr.exe (1032)
[?] tosavdtapi.dll
|_ Cesta: C:\Windows\System32\TosAvdtAPI.dll
|_ MD5: B2182E0401542B486FC1117204345A63
|_ Výrobce: TOSHIBA CORPORATION.
|_ Procesy
|_ TosA2dp.exe (3528)
[?] tossndplug.dll
|_ Cesta: C:\Windows\System32\TosSndPlug.dll
|_ MD5: 1D93FA179DD16C497682E1499AF7B8E1
|_ Výrobce: TOSHIBA CORPORATION.
|_ Procesy
|_ TosA2dp.exe (3528)
|_ TosBtHSP.exe (4312)
[?] tosbteccapi.dll
|_ Cesta: C:\Windows\System32\TosBtECCAPI.dll
|_ MD5: 558C7FE3994FD6269A9170B51D9AB985
|_ Výrobce: TOSHIBA CORPORATION.
|_ Procesy
|_ TosA2dp.exe (3528)
|_ TosBtHSP.exe (4312)
[?] bcgcbpro94080.dll
|_ Cesta: C:\Program Files\Virtual CD v9\System\BCGCBPRO94080.dll
|_ MD5: 25E0C8AAD0BA0D1E940D0B54D0E7B71B
|_ Výrobce: BCGSoft Ltd
|_ Procesy
|_ vc9tray.exe (4408)
[?] tosavctapi.dll
|_ Cesta: C:\Windows\System32\TosAvctAPI.dll
|_ MD5: 1157C82F041243BC0C3639D515CAEBE0
|_ Výrobce: TOSHIBA CORPORATION.
|_ Procesy
|_ TosAVRC.exe (4432)
[?] tosobex.dll
|_ Cesta: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.dll
|_ MD5: 6B0D4136B16CBDF051BDB7A225A77781
|_ Výrobce: TOSHIBA corporation
|_ Procesy
|_ TosBtProc.exe (5580)
[?] skinmagicu.dll
|_ Cesta: C:\Program Files\Mobile Partner\SkinMagicU.dll
|_ MD5: 08D373921FF680B5AAE59E6F0814D987
|_ Výrobce: Appspeed Inc.
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] devicemgrplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\DeviceMgrPlugin.dll
|_ MD5: 391839BF359822EF8C311CF83E439663
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] netinfoplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\NetInfoPlugin.dll
|_ MD5: FCB7A738B407F8F9F133B0D5384DA317
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] dialupplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\DialUpPlugin.dll
|_ MD5: 4E868724F02A5899A10767A5A21E60E3
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] traceplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\TracePlugin.dll
|_ MD5: DD5D129CE334D0A4CB202AAFAD8BF1C1
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] ndisplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\NDISPlugin.dll
|_ MD5: 0732798943D2E4CD64C941F722D0562D
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] deviceoperate.dll
|_ Cesta: C:\Program Files\Mobile Partner\DeviceOperate.dll
|_ MD5: 6F342CEA23E25060EDBD9898CD7D2784
|_ Výrobce: ?
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] netconnectplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\NetConnectPlugin.dll
|_ MD5: DA4DF4CCEA00B03F6076F0996733EC13
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] detectdev.dll
|_ Cesta: C:\Program Files\Mobile Partner\DetectDev.dll
|_ MD5: 3F4A0BC07DA339AB6D086193EFD786CB
|_ Výrobce: ?
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] configfileplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\ConfigFilePlugin.dll
|_ MD5: 372F6C071CD468DC4B1C32DFE0EE5CC5
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] xcodec.dll
|_ Cesta: C:\Program Files\Mobile Partner\XCodec.dll
|_ MD5: 81DEE88399ED2C0EBA0851419BD9A728
|_ Výrobce: ?
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] netinfouiexplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\NetInfoUIExPlugin.dll
|_ MD5: E355F52D33D9A38909336D5D27667532
|_ Výrobce: TODO: <Company name>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] atcomm.dll
|_ Cesta: C:\Program Files\Mobile Partner\atcomm.dll
|_ MD5: BE36E63F5943C2E3C480188108948F24
|_ Výrobce: ?
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] xframeplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\XFramePlugin.dll
|_ MD5: 094D3535F31C62A4D948883AF68D3D00
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] devicemgruiplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\DeviceMgrUIPlugin.dll
|_ MD5: 110DFC2BF9B522A3D11276BD5F164E43
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] ndisapi.dll
|_ Cesta: C:\Program Files\Mobile Partner\NDISAPI.dll
|_ MD5: 762D4EC32CDFDE9D2CB5DD497FABBDC4
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] menumgrplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\MenuMgrPlugin.dll
|_ MD5: 27E99C0B340FD0374626020AF154A7EE
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] localemgrplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\LocaleMgrPlugin.dll
|_ MD5: 3EAF7DB2EBC601120A17C19F2B24567B
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] smsuiplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\SMSUIPlugin.dll
|_ MD5: 9E23362A6A901FA1CACC4945BDEB6E63
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] notifyserviceplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\NotifyServicePlugin.dll
|_ MD5: 08260B6DFB214DBF24B5D9A0366F5995
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] toolbarmgrplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\ToolBarMgrPlugin.dll
|_ MD5: B62F2D87B77CE7F11A1F6CDF9D6AF3F7
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] addrbookplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\AddrBookPlugin.dll
|_ MD5: ACBA3116EAAE0FA2EAD0C3CAE5198583
|_ Výrobce: Huawei Technologies
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] filemanager.dll
|_ Cesta: C:\Program Files\Mobile Partner\FileManager.dll
|_ MD5: 8636338523933065E547D2C648AE339D
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] smsplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\SMSPlugin.dll
|_ MD5: 6CFE6556426424603A7C554DAD25C450
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] statusbarmgrplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\StatusBarMgrPlugin.dll
|_ MD5: 7133563693FCBAE0EB80A04FA211775E
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] layoutplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\LayoutPlugin.dll
|_ MD5: 42777B4A0BAD1A3357F6A4227077FAB7
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] dialupuiplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\DialupUIPlugin.dll
|_ MD5: 309C4834DC60C87643874235E9957CEB
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] skinmagicexu.dll
|_ Cesta: C:\Program Files\Mobile Partner\SkinMagicExU.dll
|_ MD5: 7413DA8202F557FCC49F26A7B60956D7
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] container.dll
|_ Cesta: C:\Program Files\Mobile Partner\Container.dll
|_ MD5: FAA0CCC2690C380ACCA42DA6358BF580
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] bae.dll
|_ Cesta: C:\Program Files\Google BAE\BAE.dll
|_ MD5: 7E08D0CA051C3BAAE8534E3472AA3992
|_ Výrobce: Your Company Name
|_ Procesy
|_ iexplore.exe (4000)
|_ iexplore.exe (4264)
[?] traceplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\TracePlugin.dll
|_ MD5: DD5D129CE334D0A4CB202AAFAD8BF1C1
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] ndisplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\NDISPlugin.dll
|_ MD5: 0732798943D2E4CD64C941F722D0562D
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] deviceoperate.dll
|_ Cesta: C:\Program Files\Mobile Partner\DeviceOperate.dll
|_ MD5: 6F342CEA23E25060EDBD9898CD7D2784
|_ Výrobce: ?
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] netconnectplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\NetConnectPlugin.dll
|_ MD5: DA4DF4CCEA00B03F6076F0996733EC13
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] detectdev.dll
|_ Cesta: C:\Program Files\Mobile Partner\DetectDev.dll
|_ MD5: 3F4A0BC07DA339AB6D086193EFD786CB
|_ Výrobce: ?
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] configfileplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\ConfigFilePlugin.dll
|_ MD5: 372F6C071CD468DC4B1C32DFE0EE5CC5
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] xcodec.dll
|_ Cesta: C:\Program Files\Mobile Partner\XCodec.dll
|_ MD5: 81DEE88399ED2C0EBA0851419BD9A728
|_ Výrobce: ?
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] netinfouiexplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\NetInfoUIExPlugin.dll
|_ MD5: E355F52D33D9A38909336D5D27667532
|_ Výrobce: TODO: <Company name>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] atcomm.dll
|_ Cesta: C:\Program Files\Mobile Partner\atcomm.dll
|_ MD5: BE36E63F5943C2E3C480188108948F24
|_ Výrobce: ?
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] xframeplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\XFramePlugin.dll
|_ MD5: 094D3535F31C62A4D948883AF68D3D00
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] devicemgruiplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\DeviceMgrUIPlugin.dll
|_ MD5: 110DFC2BF9B522A3D11276BD5F164E43
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] ndisapi.dll
|_ Cesta: C:\Program Files\Mobile Partner\NDISAPI.dll
|_ MD5: 762D4EC32CDFDE9D2CB5DD497FABBDC4
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] menumgrplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\MenuMgrPlugin.dll
|_ MD5: 27E99C0B340FD0374626020AF154A7EE
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] localemgrplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\LocaleMgrPlugin.dll
|_ MD5: 3EAF7DB2EBC601120A17C19F2B24567B
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] smsuiplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\SMSUIPlugin.dll
|_ MD5: 9E23362A6A901FA1CACC4945BDEB6E63
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] notifyserviceplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\NotifyServicePlugin.dll
|_ MD5: 08260B6DFB214DBF24B5D9A0366F5995
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] toolbarmgrplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\ToolBarMgrPlugin.dll
|_ MD5: B62F2D87B77CE7F11A1F6CDF9D6AF3F7
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] addrbookplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\AddrBookPlugin.dll
|_ MD5: ACBA3116EAAE0FA2EAD0C3CAE5198583
|_ Výrobce: Huawei Technologies
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] filemanager.dll
|_ Cesta: C:\Program Files\Mobile Partner\FileManager.dll
|_ MD5: 8636338523933065E547D2C648AE339D
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] smsplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\SMSPlugin.dll
|_ MD5: 6CFE6556426424603A7C554DAD25C450
|_ Výrobce:
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] statusbarmgrplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\StatusBarMgrPlugin.dll
|_ MD5: 7133563693FCBAE0EB80A04FA211775E
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] layoutplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\LayoutPlugin.dll
|_ MD5: 42777B4A0BAD1A3357F6A4227077FAB7
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] dialupuiplugin.dll
|_ Cesta: C:\Program Files\Mobile Partner\DialupUIPlugin.dll
|_ MD5: 309C4834DC60C87643874235E9957CEB
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] skinmagicexu.dll
|_ Cesta: C:\Program Files\Mobile Partner\SkinMagicExU.dll
|_ MD5: 7413DA8202F557FCC49F26A7B60956D7
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] container.dll
|_ Cesta: C:\Program Files\Mobile Partner\Container.dll
|_ MD5: FAA0CCC2690C380ACCA42DA6358BF580
|_ Výrobce: TODO: <???>
|_ Procesy
|_ Mobile Partner.exe (4624)
[?] bae.dll
|_ Cesta: C:\Program Files\Google BAE\BAE.dll
|_ MD5: 7E08D0CA051C3BAAE8534E3472AA3992
|_ Výrobce: Your Company Name
|_ Procesy
|_ iexplore.exe (4000)
|_ iexplore.exe (4264)
================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]
Re: Sending unsolicited mail
I did ask for RSIT, but let's continue:
Download ComboFix and save it to the desktop.
Then run it under an account with administrator privileges.
The run takes about 5-10 minutes, sometimes longer. Do not start any other applications during the scan.
There is no reason to panic if the machine is restarted.
Note: if you use antispyware with a resident shield, turn it off before the scan.
After the restart the application creates a log, saved at C:\Combofix.txt (paste its contents here).
Re: Sending unsolicited mail
OK, I know. In the meantime I did that as well, here it is:
Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2010-09-24 10:58:30
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 61 GB (49%) free of 124 GB
Total RAM: 2037 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:59:00, on 24.09.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Activ Software\Activdriver\ActivControl2.exe
C:\Program Files\Virtual CD v9\System\vc9play.exe
C:\Program Files\Apoint\ApMsgFwd.exe
D:\DOKUMENTY\Download\Meniny.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Activ Software\Activdriver\activmgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Virtual CD v9\System\VC9Tray.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R0KR2WO7\RSIT[1].exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\PC.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.azet.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [DRCU] "C:\Program Files\Sony\DRCU\DRCU.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PP8 Reminder] "C:\Program Files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe" -r "C:\Program Files\Scansoft\PaperPort\WebEreg\navload.ini"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe" "C:\Program Files\Hewlett-Packard\HP UT"
O4 - HKLM\..\Run: [PrnStatusMX] C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ActivControl] C:\Program Files\Activ Software\Activdriver\ActivControl2.exe
O4 - HKLM\..\Run: [VC9Player] C:\Program Files\Virtual CD v9\System\VC9Play.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [KrosMeniny] D:\DOKUMENTY\Download\Meniny.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{226ADC43-7CC7-4192-961C-DEF30257A79E}: NameServer = 213.151.200.30 213.151.208.161
O17 - HKLM\System\CS1\Services\Tcpip\..\{226ADC43-7CC7-4192-961C-DEF30257A79E}: NameServer = 213.151.200.30 213.151.208.161
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Virtual CD v9 Management Service (VC9SecS) - H+H Software GmbH - C:\Program Files\Virtual CD v9\System\VC9SecS.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10121 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253639542-3842050692-1369441549-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253639542-3842050692-1369441549-1004UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-20 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-03-13 501384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\PROGRA~1\GOOGLE~1\BAE.dll [2006-06-23 98304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2006-09-11 118784]
"DRCU"=C:\Program Files\Sony\DRCU\DRCU.exe [2006-12-03 61440]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2006-11-11 43128]
"PSQLLauncher"=C:\Program Files\Protector Suite QL\launcher.exe [2006-11-29 49168]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-11-22 7757824]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-11-22 81920]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-03-19 2029640]
"VAIOCameraUtility"=C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe [2006-11-14 411768]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2006-11-27 98304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2006-11-27 106496]
"Persistence"=C:\Windows\system32\igfxpers.exe [2006-11-27 81920]
"PaperPort PTD"=C:\Program Files\Scansoft\PaperPort\pptd40nt.exe [2003-05-20 45108]
"IndexSearch"=C:\Program Files\Scansoft\PaperPort\IndexSearch.exe [2003-05-20 36864]
"PP8 Reminder"=C:\Program Files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe [2003-02-27 729088]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
""= []
"HPUsageTracking"=C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe [2007-11-02 36864]
"PrnStatusMX"=C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [2007-08-29 1077248]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-20 202256]
"ActivControl"=C:\Program Files\Activ Software\Activdriver\ActivControl2.exe [2009-04-03 1040384]
"VC9Player"=C:\Program Files\Virtual CD v9\System\VC9Play.exe [2009-10-01 202056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"KrosMeniny"=D:\DOKUMENTY\Download\Meniny.exe [2010-01-15 1420288]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-08-22 133432]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-16 136176]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainlendar.lnk - C:\Program Files\Rainlendar\Rainlendar.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2006-11-27 212992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2006-11-29 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2006-11-24 73728]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-24 10:58:31 ----D---- C:\Program Files\trend micro
2010-09-24 10:58:30 ----D---- C:\rsit
2010-09-22 21:06:28 ----D---- C:\Program Files\CCleaner
2010-09-22 20:35:02 ----D---- C:\Program Files\Ultimate Process Manager
2010-09-15 11:33:03 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 11:29:34 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 11:29:30 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 11:27:56 ----A---- C:\Windows\system32\inetcomm.dll
======List of files/folders modified in the last 1 months======
2010-09-24 10:58:52 ----D---- C:\Windows\Temp
2010-09-24 10:58:31 ----D---- C:\Program Files
2010-09-24 10:55:39 ----D---- C:\Users\PC\AppData\Roaming\Skype
2010-09-24 08:51:09 ----SHD---- C:\System Volume Information
2010-09-24 08:24:00 ----D---- C:\Users\PC\AppData\Roaming\skypePM
2010-09-24 08:23:49 ----D---- C:\Users\PC\AppData\Roaming\ICQ
2010-09-23 11:46:06 ----D---- C:\Windows\Prefetch
2010-09-23 06:03:56 ----D---- C:\Windows
2010-09-22 23:06:39 ----D---- C:\Users\PC\AppData\Roaming\Media Player Classic
2010-09-22 23:01:01 ----D---- C:\Windows\system32\LogFiles
2010-09-22 23:00:54 ----D---- C:\Windows\Debug
2010-09-22 21:41:06 ----A---- C:\Windows\eporadca_1005.ini
2010-09-22 21:38:52 ----D---- C:\Program Files\E-Poradca Máj 2010
2010-09-22 21:33:33 ----A---- C:\Windows\eporadca_1002.ini
2010-09-22 21:31:54 ----D---- C:\Program Files\E-Poradca Február 2010
2010-09-22 21:26:33 ----D---- C:\Program Files\Inkscape
2010-09-22 21:24:27 ----D---- C:\ProgramData\Pixela
2010-09-22 21:24:22 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-22 21:24:21 ----D---- C:\Program Files\PIXELA
2010-09-22 21:22:44 ----D---- C:\Windows\system32\Tasks
2010-09-22 19:21:28 ----D---- C:\Windows\System32
2010-09-22 19:21:27 ----D---- C:\Windows\inf
2010-09-22 19:21:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-21 19:04:40 ----D---- C:\OLYMP
2010-09-21 18:08:17 ----D---- C:\Alfa
2010-09-16 08:53:12 ----D---- C:\Windows\winsxs
2010-09-16 08:43:01 ----D---- C:\Windows\system32\catroot
2010-09-16 08:43:00 ----D---- C:\Windows\system32\catroot2
2010-09-16 08:39:59 ----D---- C:\Program Files\Windows Mail
2010-09-16 07:22:41 ----SHD---- C:\Windows\Installer
2010-09-16 07:22:25 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 07:17:06 ----A---- C:\Windows\system32\mrt.exe
2010-09-15 23:21:17 ----D---- C:\Windows\Tasks
2010-09-12 20:00:17 ----D---- C:\Program Files\Mozilla Firefox
2010-09-11 12:41:08 ----D---- C:\Windows\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-08-18 45200]
R0 shpf;Sony HDD Protection Filter Driver; C:\Windows\system32\DRIVERS\shpf.sys [2006-12-01 12416]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2006-10-18 10216]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-03-19 107256]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2010-01-04 51072]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-03-19 113960]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-03-19 131976]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-03-19 38240]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2006-11-22 5120]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
R3 ActivHidSerMini;Promethean Serial Board Driver; C:\Windows\system32\DRIVERS\activhidsermini.sys [2008-12-17 55424]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-03-19 33096]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-27 1476096]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880]
R3 prmvmouse;Promethean HID Mouse Service; C:\Windows\system32\DRIVERS\activmouse.sys [2008-12-17 4352]
R3 R5U870FLx86;R5U870 UVC Lower Filter ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2006-11-09 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2006-11-09 43904]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 8192]
R3 SNC;Sony Firmware Extension Parser Device; C:\Windows\System32\Drivers\SonyNC.sys [2006-10-13 27520]
R3 SonyImgF;Sony Image Conversion Filter Driver; C:\Windows\system32\DRIVERS\SonyImgF.sys [2006-09-06 30976]
R3 SPI;Sony Programmable I/O Control Device; C:\Windows\system32\DRIVERS\SonyPI.sys [2006-10-05 33792]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-02-06 650240]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2006-11-28 39056]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2006-11-06 227328]
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2005-07-11 3712]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-01-12 113792]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-01-12 40576]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-15 195072]
S2 DgivEcp;Team MFP Comm Driver; C:\Windows\System32\Drivers\DgivEcp.Sys [2004-08-11 41984]
S3 AF15BDA;AF9015 BDA Filter; C:\Windows\system32\DRIVERS\AF15BDA.sys [2007-03-20 300544]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 esihdrv;esihdrv; \??\C:\Users\PC\AppData\Local\Temp\esihdrv.sys []
S3 ft1000;Flarion Flash OFDM wireless service; C:\Windows\system32\DRIVERS\ft1000.sys [2006-09-13 61568]
S3 HdAudAddService;Driver di funzioni Microsoft 1.1 UAA per servizio High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HH9Help.sys;HH9Help.sys; \??\C:\Windows\system32\drivers\HH9Help.sys [2006-09-20 11392]
S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy di gestione qualita di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-11-22 4455264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2009-10-08 17920]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2009-10-08 63872]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-03-19 731840]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-03-06 28933976]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824]
R2 VC9SecS;Virtual CD v9 Management Service; C:\Program Files\Virtual CD v9\System\VC9SecS.exe [2009-10-01 132424]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-29 133104]
S2 Utilita di pianificazione di LiveUpdate automatico;Utilita di pianificazione di LiveUpdate automatico; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-03-19 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe [2006-10-04 57344]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [2006-10-04 57344]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [2006-10-04 69632]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2010-09-24 10:58:30
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 61 GB (49%) free of 124 GB
Total RAM: 2037 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:59:00, on 24.09.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Activ Software\Activdriver\ActivControl2.exe
C:\Program Files\Virtual CD v9\System\vc9play.exe
C:\Program Files\Apoint\ApMsgFwd.exe
D:\DOKUMENTY\Download\Meniny.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Activ Software\Activdriver\activmgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Virtual CD v9\System\VC9Tray.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R0KR2WO7\RSIT[1].exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\PC.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.azet.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [DRCU] "C:\Program Files\Sony\DRCU\DRCU.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PP8 Reminder] "C:\Program Files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe" -r "C:\Program Files\Scansoft\PaperPort\WebEreg\navload.ini"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe" "C:\Program Files\Hewlett-Packard\HP UT"
O4 - HKLM\..\Run: [PrnStatusMX] C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ActivControl] C:\Program Files\Activ Software\Activdriver\ActivControl2.exe
O4 - HKLM\..\Run: [VC9Player] C:\Program Files\Virtual CD v9\System\VC9Play.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [KrosMeniny] D:\DOKUMENTY\Download\Meniny.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{226ADC43-7CC7-4192-961C-DEF30257A79E}: NameServer = 213.151.200.30 213.151.208.161
O17 - HKLM\System\CS1\Services\Tcpip\..\{226ADC43-7CC7-4192-961C-DEF30257A79E}: NameServer = 213.151.200.30 213.151.208.161
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Virtual CD v9 Management Service (VC9SecS) - H+H Software GmbH - C:\Program Files\Virtual CD v9\System\VC9SecS.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10121 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253639542-3842050692-1369441549-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4253639542-3842050692-1369441549-1004UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-20 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-03-13 501384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\PROGRA~1\GOOGLE~1\BAE.dll [2006-06-23 98304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2006-09-11 118784]
"DRCU"=C:\Program Files\Sony\DRCU\DRCU.exe [2006-12-03 61440]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2006-11-11 43128]
"PSQLLauncher"=C:\Program Files\Protector Suite QL\launcher.exe [2006-11-29 49168]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-11-22 7757824]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-11-22 81920]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-03-19 2029640]
"VAIOCameraUtility"=C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe [2006-11-14 411768]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2006-11-27 98304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2006-11-27 106496]
"Persistence"=C:\Windows\system32\igfxpers.exe [2006-11-27 81920]
"PaperPort PTD"=C:\Program Files\Scansoft\PaperPort\pptd40nt.exe [2003-05-20 45108]
"IndexSearch"=C:\Program Files\Scansoft\PaperPort\IndexSearch.exe [2003-05-20 36864]
"PP8 Reminder"=C:\Program Files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe [2003-02-27 729088]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
""= []
"HPUsageTracking"=C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe [2007-11-02 36864]
"PrnStatusMX"=C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [2007-08-29 1077248]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-20 202256]
"ActivControl"=C:\Program Files\Activ Software\Activdriver\ActivControl2.exe [2009-04-03 1040384]
"VC9Player"=C:\Program Files\Virtual CD v9\System\VC9Play.exe [2009-10-01 202056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"KrosMeniny"=D:\DOKUMENTY\Download\Meniny.exe [2010-01-15 1420288]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-08-22 133432]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-16 136176]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainlendar.lnk - C:\Program Files\Rainlendar\Rainlendar.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2006-11-27 212992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2006-11-29 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2006-11-24 73728]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-24 10:58:31 ----D---- C:\Program Files\trend micro
2010-09-24 10:58:30 ----D---- C:\rsit
2010-09-22 21:06:28 ----D---- C:\Program Files\CCleaner
2010-09-22 20:35:02 ----D---- C:\Program Files\Ultimate Process Manager
2010-09-15 11:33:03 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 11:29:34 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 11:29:30 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 11:27:56 ----A---- C:\Windows\system32\inetcomm.dll
======List of files/folders modified in the last 1 months======
2010-09-24 10:58:52 ----D---- C:\Windows\Temp
2010-09-24 10:58:31 ----D---- C:\Program Files
2010-09-24 10:55:39 ----D---- C:\Users\PC\AppData\Roaming\Skype
2010-09-24 08:51:09 ----SHD---- C:\System Volume Information
2010-09-24 08:24:00 ----D---- C:\Users\PC\AppData\Roaming\skypePM
2010-09-24 08:23:49 ----D---- C:\Users\PC\AppData\Roaming\ICQ
2010-09-23 11:46:06 ----D---- C:\Windows\Prefetch
2010-09-23 06:03:56 ----D---- C:\Windows
2010-09-22 23:06:39 ----D---- C:\Users\PC\AppData\Roaming\Media Player Classic
2010-09-22 23:01:01 ----D---- C:\Windows\system32\LogFiles
2010-09-22 23:00:54 ----D---- C:\Windows\Debug
2010-09-22 21:41:06 ----A---- C:\Windows\eporadca_1005.ini
2010-09-22 21:38:52 ----D---- C:\Program Files\E-Poradca Máj 2010
2010-09-22 21:33:33 ----A---- C:\Windows\eporadca_1002.ini
2010-09-22 21:31:54 ----D---- C:\Program Files\E-Poradca Február 2010
2010-09-22 21:26:33 ----D---- C:\Program Files\Inkscape
2010-09-22 21:24:27 ----D---- C:\ProgramData\Pixela
2010-09-22 21:24:22 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-22 21:24:21 ----D---- C:\Program Files\PIXELA
2010-09-22 21:22:44 ----D---- C:\Windows\system32\Tasks
2010-09-22 19:21:28 ----D---- C:\Windows\System32
2010-09-22 19:21:27 ----D---- C:\Windows\inf
2010-09-22 19:21:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-21 19:04:40 ----D---- C:\OLYMP
2010-09-21 18:08:17 ----D---- C:\Alfa
2010-09-16 08:53:12 ----D---- C:\Windows\winsxs
2010-09-16 08:43:01 ----D---- C:\Windows\system32\catroot
2010-09-16 08:43:00 ----D---- C:\Windows\system32\catroot2
2010-09-16 08:39:59 ----D---- C:\Program Files\Windows Mail
2010-09-16 07:22:41 ----SHD---- C:\Windows\Installer
2010-09-16 07:22:25 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 07:17:06 ----A---- C:\Windows\system32\mrt.exe
2010-09-15 23:21:17 ----D---- C:\Windows\Tasks
2010-09-12 20:00:17 ----D---- C:\Program Files\Mozilla Firefox
2010-09-11 12:41:08 ----D---- C:\Windows\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-08-18 45200]
R0 shpf;Sony HDD Protection Filter Driver; C:\Windows\system32\DRIVERS\shpf.sys [2006-12-01 12416]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2006-10-18 10216]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-03-19 107256]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2010-01-04 51072]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-03-19 113960]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-03-19 131976]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-03-19 38240]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2006-11-22 5120]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
R3 ActivHidSerMini;Promethean Serial Board Driver; C:\Windows\system32\DRIVERS\activhidsermini.sys [2008-12-17 55424]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-03-19 33096]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-27 1476096]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880]
R3 prmvmouse;Promethean HID Mouse Service; C:\Windows\system32\DRIVERS\activmouse.sys [2008-12-17 4352]
R3 R5U870FLx86;R5U870 UVC Lower Filter ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2006-11-09 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2006-11-09 43904]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 8192]
R3 SNC;Sony Firmware Extension Parser Device; C:\Windows\System32\Drivers\SonyNC.sys [2006-10-13 27520]
R3 SonyImgF;Sony Image Conversion Filter Driver; C:\Windows\system32\DRIVERS\SonyImgF.sys [2006-09-06 30976]
R3 SPI;Sony Programmable I/O Control Device; C:\Windows\system32\DRIVERS\SonyPI.sys [2006-10-05 33792]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-02-06 650240]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2006-11-28 39056]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2006-11-06 227328]
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys [2005-07-11 3712]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-01-12 113792]
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-01-12 40576]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-15 195072]
S2 DgivEcp;Team MFP Comm Driver; C:\Windows\System32\Drivers\DgivEcp.Sys [2004-08-11 41984]
S3 AF15BDA;AF9015 BDA Filter; C:\Windows\system32\DRIVERS\AF15BDA.sys [2007-03-20 300544]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 esihdrv;esihdrv; \??\C:\Users\PC\AppData\Local\Temp\esihdrv.sys []
S3 ft1000;Flarion Flash OFDM wireless service; C:\Windows\system32\DRIVERS\ft1000.sys [2006-09-13 61568]
S3 HdAudAddService;Driver di funzioni Microsoft 1.1 UAA per servizio High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HH9Help.sys;HH9Help.sys; \??\C:\Windows\system32\drivers\HH9Help.sys [2006-09-20 11392]
S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy di gestione qualita di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-11-22 4455264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2009-10-08 17920]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2009-10-08 63872]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-03-19 731840]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-03-06 28933976]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824]
R2 VC9SecS;Virtual CD v9 Management Service; C:\Program Files\Virtual CD v9\System\VC9SecS.exe [2009-10-01 132424]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-29 133104]
S2 Utilita di pianificazione di LiveUpdate automatico;Utilita di pianificazione di LiveUpdate automatico; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-03-19 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe [2006-10-04 57344]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [2006-10-04 57344]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [2006-10-04 69632]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]
-----------------EOF-----------------
Re: Sending unsolicited mail
Run that CF.
The fact that you received mail that appears to come from your own address does not necessarily mean the PC is infected - your e-mail address may simply have been misused.
We'll see more from the CF log.

FRST | ADWCleaner | MBAM | CCleaner | AVPTool
If you are satisfied, you can support the forum at https://platba.viry.cz/payment/
Re: Sending unsolicited mail
So here is the log from ComboFix:
ComboFix 10-09-30.03 - PC 01.10.2010 10:15:42.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.421.1051.18.2037.1178 [GMT 2:00]
Running from: c:\users\PC\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\page
c:\programdata\page\page.ico
c:\programdata\page\page.URL
c:\users\PC\AppData\Local\Temp\ppcrlui_5084_2
.
((((((((((((((((((((((((( Files Created from 2010-09-01 to 2010-10-01 )))))))))))))))))))))))))))))))
.
2010-10-01 08:33 . 2010-10-01 08:33 -------- d-----w- c:\users\PC\AppData\Local\temp
2010-10-01 08:33 . 2010-10-01 08:33 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-10-01 08:33 . 2010-10-01 08:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-01 07:19 . 2010-10-01 07:19 -------- d-----w- c:\windows\sk
2010-10-01 07:18 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-10-01 07:14 . 2010-10-01 07:14 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-10-01 07:08 . 2010-10-01 07:19 -------- d-----w- c:\program files\Windows Live
2010-10-01 07:05 . 2010-10-01 07:05 -------- d-----w- c:\program files\Microsoft
2010-10-01 07:05 . 2010-10-01 07:05 -------- d-----w- c:\program files\MSN Toolbar
2010-10-01 07:04 . 2010-10-01 07:07 -------- d-----w- c:\program files\Bing Bar Installer
2010-10-01 07:03 . 2009-09-04 15:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2010-10-01 07:03 . 2009-09-04 15:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-10-01 07:03 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-10-01 06:58 . 2010-10-01 06:58 -------- d-----w- c:\program files\Microsoft Silverlight
2010-10-01 06:57 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2010-10-01 06:55 . 2010-10-01 08:08 -------- d-----w- c:\users\PC\AppData\Local\Windows Live
2010-10-01 06:55 . 2010-10-01 06:55 -------- d-----w- c:\program files\Common Files\Windows Live
2010-09-29 09:44 . 2010-06-22 13:30 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-24 08:58 . 2010-09-24 08:59 -------- d-----w- c:\program files\trend micro
2010-09-24 08:58 . 2010-09-24 08:59 -------- d-----w- C:\rsit
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-22 19:06 . 2010-09-22 19:06 -------- d-----w- c:\program files\CCleaner
2010-09-22 18:35 . 2010-09-22 18:35 -------- d-----w- c:\program files\Ultimate Process Manager
2010-09-15 09:33 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 09:29 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 09:29 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-15 09:27 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-01 07:59 . 2004-12-31 22:16 122888 ----a-w- c:\users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-29 15:27 . 2009-05-30 15:09 -------- d-----w- c:\users\PC\AppData\Roaming\Skype
2010-09-29 15:04 . 2009-05-30 15:10 -------- d-----w- c:\users\PC\AppData\Roaming\skypePM
2010-09-27 17:01 . 2009-05-30 15:00 -------- d-----w- c:\users\PC\AppData\Roaming\ICQ
2010-09-24 09:15 . 2009-09-18 05:43 85414 ----a-w- c:\windows\system32\perfh01B.dat
2010-09-24 09:15 . 2009-09-18 05:43 26264 ----a-w- c:\windows\system32\perfc01B.dat
2010-09-24 09:15 . 2006-11-06 01:49 762948 ----a-w- c:\windows\system32\perfh010.dat
2010-09-24 09:15 . 2006-11-06 01:49 165344 ----a-w- c:\windows\system32\perfc010.dat
2010-09-22 21:06 . 2009-07-12 20:01 -------- d-----w- c:\users\PC\AppData\Roaming\Media Player Classic
2010-09-22 19:38 . 2010-07-14 09:30 -------- d-----w- c:\program files\E-Poradca Máj 2010
2010-09-22 19:31 . 2010-03-09 12:24 -------- d-----w- c:\program files\E-Poradca Február 2010
2010-09-22 19:26 . 2010-05-06 13:39 -------- d-----w- c:\program files\Inkscape
2010-09-22 19:24 . 2010-07-25 09:13 -------- d-----w- c:\programdata\Pixela
2010-09-22 19:24 . 2007-03-13 13:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-22 19:24 . 2010-07-25 09:08 -------- d-----w- c:\program files\PIXELA
2010-09-16 06:39 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-16 05:22 . 2007-03-13 16:13 -------- d-----w- c:\programdata\Microsoft Help
2010-08-24 19:42 . 2010-07-11 18:29 -------- d-----w- c:\program files\ICQ7.2
2010-08-19 08:19 . 2010-08-19 08:19 -------- d-----w- c:\program files\gs
2010-08-17 22:18 . 2009-05-30 15:17 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-08-17 22:18 . 2007-03-13 16:06 45200 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-08-03 22:28 . 2010-08-03 22:28 -------- d-----w- c:\users\PC\AppData\Roaming\Softland
2010-08-03 22:28 . 2009-06-10 23:35 -------- d-----w- c:\program files\Softland
2010-07-26 14:37 . 2010-08-03 22:28 22856 ----a-w- c:\windows\system32\dopdfmn7.dll
2010-07-26 14:37 . 2010-08-03 22:28 19784 ----a-w- c:\windows\system32\dopdfmi7.dll
2010-07-25 09:22 . 2010-07-25 09:22 94257 ------w- c:\users\PC\AppData\Roaming\Real\RealPlayer\Temp\~Upg0\RNMOREINFO\rnmoreinfo.exe
2010-07-14 08:00 . 2010-07-25 09:31 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-07-11 18:55 . 2006-11-02 10:25 51200 ----a-w- c:\windows\Inf\infpub.dat
2010-07-11 18:55 . 2006-11-02 10:25 143360 ----a-w- c:\windows\Inf\infstrng.dat
2010-07-11 18:55 . 2006-11-02 10:25 86016 ----a-w- c:\windows\Inf\infstor.dat
2010-07-11 13:47 . 2010-07-11 13:47 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2010-07-11 13:47 . 2010-07-11 13:47 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2010-07-05 07:23 . 2010-04-03 12:24 439816 ----a-w- c:\users\PC\AppData\Roaming\Real\Update\setup3.11\setup.exe
2010-03-23 22:39 . 2010-03-23 22:26 2828 --sha-w- c:\windows\System32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2006-11-29 15:13 2854912 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2006-11-29 15:13 2854912 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
"Google Update"="c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-06-16 136176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-09-11 118784]
"DRCU"="c:\program files\Sony\DRCU\DRCU.exe" [2006-12-03 61440]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2006-11-11 43128]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2006-11-29 49168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-22 7757824]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-11-22 81920]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2006-11-14 411768]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-11-27 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-11-27 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-11-27 81920]
"PaperPort PTD"="c:\program files\Scansoft\PaperPort\pptd40nt.exe" [2003-05-20 45108]
"IndexSearch"="c:\program files\Scansoft\PaperPort\IndexSearch.exe" [2003-05-20 36864]
"PP8 Reminder"="c:\program files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe" [2003-02-27 729088]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"HPUsageTracking"="c:\program files\Hewlett-Packard\HP UT\bin\hppusg.exe" [2007-11-02 36864]
"PrnStatusMX"="c:\program files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe" [2007-08-29 1077248]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-20 202256]
"ActivControl"="c:\program files\Activ Software\Activdriver\ActivControl2.exe" [2009-04-03 1040384]
"VC9Player"="c:\program files\Virtual CD v9\System\VC9Play.exe" [2009-10-01 202056]
c:\users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainlendar.lnk - c:\program files\Rainlendar\Rainlendar.exe [2005-3-25 118784]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-1-18 2752512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2006-11-29 15:00 90112 ----a-w- c:\windows\System32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-11-24 09:36 73728 ----a-w- c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-29 133104]
R2 Utilita di pianificazione di LiveUpdate automatico;Utilita di pianificazione di LiveUpdate automatico;c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [x]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
R3 esihdrv;esihdrv;c:\users\PC\AppData\Local\Temp\esihdrv.sys [x]
R3 ft1000;Flarion Flash OFDM wireless service;c:\windows\system32\DRIVERS\ft1000.sys [2006-09-13 61568]
R3 HH9Help.sys;HH9Help.sys;c:\windows\system32\drivers\HH9Help.sys [2006-09-20 11392]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys [2009-10-08 17920]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys [2009-10-08 63872]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\DRIVERS\shpf.sys [2006-12-01 12416]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-03-19 107256]
S1 vdrv9000;vdrv9000;c:\windows\system32\DRIVERS\vdrv9000.sys [2009-03-17 113688]
S2 Angelnt;Angelnt;c:\windows\System32\Drivers\ANGELNT.SYS [2010-01-04 51072]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-03-19 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-03-19 38240]
S2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-03-06 28933976]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2006-11-22 5120]
S2 VC9SecS;Virtual CD v9 Management Service;c:\program files\Virtual CD v9\System\VC9SecS.exe [2009-10-01 132424]
S3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\DRIVERS\activhidsermini.sys [2008-12-17 55424]
S3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\DRIVERS\activmouse.sys [2008-12-17 4352]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2006-11-09 73472]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2006-11-09 43904]
S3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\DRIVERS\SonyImgF.sys [2006-09-06 30976]
S3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\DRIVERS\SonyPI.sys [2006-10-05 33792]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2006-11-06 227328]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-29 18:20]
2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-29 18:20]
2010-09-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4253639542-3842050692-1369441549-1004Core.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-15 18:40]
2010-10-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4253639542-3842050692-1369441549-1004UA.job
- c:\users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-15 18:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.azet.sk/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_93C8148BBB233F43.dll/cmsidewiki.html
IE: {{0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\Windows Live\Companion\companioncore.dll
TCP: {226ADC43-7CC7-4192-961C-DEF30257A79E} = 213.151.200.30 213.151.208.161
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\d2is8kr1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.azet.sk
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\d2is8kr1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\d2is8kr1.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\d2is8kr1.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\users\PC\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\d2is8kr1.default\extensions\maps@ovi.com\plugins\npNMapG.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Utilitŕ di pianificazione di LiveUpdate automatico]
"ImagePath"="\"c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(916)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
.
Completion time: 2010-10-01 10:43:54
ComboFix-quarantined-files.txt 2010-10-01 08:43
Pre-Run: 59 923 083 264 bytes free
Post-Run: 59 908 308 992 bytes free
- - End Of File - - 66B473AAD02B5DB976CF01DB90513232
FF - component: c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\d2is8kr1.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\d2is8kr1.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\users\PC\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\d2is8kr1.default\extensions\maps@ovi.com\plugins\npNMapG.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Utilitŕ di pianificazione di LiveUpdate automatico]
"ImagePath"="\"c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(916)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
.
Completion time: 2010-10-01 10:43:54
ComboFix-quarantined-files.txt 2010-10-01 08:43
Pre-Run: 59 923 083 264 bytes free
Post-Run: 59 908 308 992 bytes free
- - End Of File - - 66B473AAD02B5DB976CF01DB90513232
Re: Sending unsolicited mail
Scan the PC with AVPTool as a precaution, but so far it doesn't look like this machine is sending SPAM.

FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum at https://platba.viry.cz/payment/