O5 zavirovaný PC Vyřešeno

[indy3]

Nazdár všichni specialisti
mám problém už to tu jednou bylo

viz.
viewtopic.php?f=47&t=41237&start=0

Já jsem byl na netu kámoš mi poslal odkaz , že to je spořič tak na to kliknu a hle WIR

a block PC

je to prakticky to samý ale nevím co mám fixnout v Jakckovi

Doufám , že mi pomůžete chlapi

Pokuď hrajete nějakou ON-LINOvku jako travian atd.. tk bych za pomoc byl ochoten poslat SMS na premium učet

[Reklama]

[jaro3]

Takže nový log z HJT.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[indy3]

to už jsem dělal

Tady to je


Log-

Malwarebytes' Anti-Malware 1.39
Verze databáze: 2493
Windows 5.1.2600 Service Pack 3

2009-07-24 18:50:25
mbam-log-2009-07-24 (18-50-14).txt

Typ skenu: Rychlý sken
Objektu skenováno: 142498
Uplynulý cas: 55 minute(s), 28 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 159
Infikované hodnoty registru: 5
Infikované položky dat registru: 0
Infikované složky: 38
Infikované soubory: 175

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{37b85a2a-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{37b85a2c-692b-4205-9cad-2626e4993404} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8b8f6968-2f24-41e3-b653-e9613226f14d} (Trojan.KeenValue) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Rogue.Installer) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> No action taken.
HKEY_CLASSES_ROOT\AppID\ACM.dll (Adware.WhenUSave) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> No action taken.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\portmap.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\1 (Trojan.Agent) -> No action taken.

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\2.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Game (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\icons (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Cache (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared\Cache (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\LYNX\Nabídka Start\Programy\WhenU (Adware.WhenUSave) -> No action taken.
C:\Program Files\Save (Adware.WhenUSave) -> No action taken.
C:\Documents and Settings\Pavel\Data aplikací\FunWebProducts (Adware.MyWay) -> No action taken.
c:\documents and settings\Pavel\data aplikací\funwebproducts\Data (Adware.MyWay) -> No action taken.
c:\documents and settings\Pavel\data aplikací\funwebproducts\Data\Pavel (Adware.MyWay) -> No action taken.
C:\Program Files\DoubleD (Adware.DoubleD) -> No action taken.
c:\program files\DoubleD\Desktop Smiley Toolbar (Adware.DoubleD) -> No action taken.
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440 (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\Data (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\chrome (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\chrome\content (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\components (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.2.0.750 (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.2.0.750\Data (Adware.DoubleD) -> No action taken.

Infikované soubory:
C:\Program Files\MyWebSearch\bar\3.bin\M3PLUGIN.DLL (Adware.MyWeb) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE (Adware.MyWeb) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE (Adware.MyWeb) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> No action taken.
c:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> No action taken.
c:\program files\mozilla firefox\plugins\NPMyWebS.dll (Adware.MyWeb) -> No action taken.
c:\program files\mywebsearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\2.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\2.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\F3REGHK.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\3.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\avatar.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\bgfadel.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\bgfader.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\common-x.css (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\common.css (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\cornerbl.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\cornerbr.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\ext_def.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\ext_roll.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\include.js (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\index.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\loader.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\loading.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\logo.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\max_def.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\max_roll.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\min_def.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\min_roll.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\noflash.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\res_def.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\res_roll.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\spacer.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\spacer.swf (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\topgrad.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Avatar\COMMON\window.ico (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00025394 (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\0002769D.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\000283FB.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00028562.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\000286E9.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\00028870.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\History\search3 (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\ask_logo.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\autoup.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\autoup.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\center.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\index.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\mid_dots.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\mws_logo.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\protect.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\shocked.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\stop.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\systray.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\systrayp.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\tp_grad.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Message\COMMON\warn.gif (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> No action taken.
c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Cache\0008E1AE.swf (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Cache\0009A1A3.jpg (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Images\0008D923.urr (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Images\00090311.dat (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Images\0009BE33.dat (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Images\0067605B.urr (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\screensaver\Images\wrkparam.lst (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> No action taken.
c:\documents and settings\LYNX\nabídka start\Programy\WhenU\Learn More About WhenU Save.url (Adware.WhenUSave) -> No action taken.
c:\documents and settings\LYNX\nabídka start\Programy\WhenU\Learn More About WhenU SaveNow.url (Adware.WhenUSave) -> No action taken.
c:\documents and settings\LYNX\nabídka start\Programy\WhenU\Uninstall.lnk (Adware.WhenUSave) -> No action taken.
c:\documents and settings\LYNX\nabídka start\Programy\WhenU\WhenU Help Desk.lnk (Adware.WhenUSave) -> No action taken.
c:\documents and settings\LYNX\nabídka start\Programy\WhenU\WhenU.com Website.url (Adware.WhenUSave) -> No action taken.
c:\program files\Save\extra.exe (Adware.WhenUSave) -> No action taken.
c:\program files\Save\ffext.mod (Adware.WhenUSave) -> No action taken.
c:\program files\Save\save.db (Adware.WhenUSave) -> No action taken.
c:\program files\Save\save.htm (Adware.WhenUSave) -> No action taken.
c:\program files\Save\Saveupdate.exe (Adware.WhenUSave) -> No action taken.
c:\program files\Save\store.db (Adware.WhenUSave) -> No action taken.
c:\documents and settings\Pavel\data aplikací\funwebproducts\Data\Pavel\avatar.dat (Adware.MyWay) -> No action taken.
c:\documents and settings\Pavel\data aplikací\funwebproducts\Data\Pavel\outfit.dat (Adware.MyWay) -> No action taken.
c:\documents and settings\Pavel\data aplikací\funwebproducts\Data\Pavel\register.dat (Adware.MyWay) -> No action taken.
c:\documents and settings\Pavel\data aplikací\funwebproducts\Data\Pavel\zbucks.dat (Adware.MyWay) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\NPCommon.dll (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\NPIEAddOn.dll (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\unins000.dat (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\unins000.exe (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\Data\config.md (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\chrome.manifest (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\install.rdf (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\2.0.0.2440\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.2.0.750\ssd.dll (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.2.0.750\unins000.dat (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.2.0.750\unins000.exe (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.2.0.750\Data\eacore.mx (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.2.0.750\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.2.0.750\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
c:\WINDOWS\system32\sfxzmtforum.dll (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\sfxzmtsmt.dll (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\pfxzmtaim.dll (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\pfxzmtforum.dll (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\pfxzmtgtal.dll (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\pfxzmticq.dll (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\pfxzmtsmt.dll (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\pfxzmtymsg.dll (Malware.Trace) -> No action taken.
C:\Program Files\setup.exe (Rogue.Installer) -> No action taken.
C:\Documents and Settings\Pavel\Local Settings\temp\win32.exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\Klárka\Nabídka Start\Programy\Po spuštění\Quick Office.lnk (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Pavel\Nabídka Start\Programy\Po spuštění\Quick Office.lnk (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\portmap.exe (Trojan.Agent) -> No action taken.
C:\Program Files\ICQToolbar\toolbaru.dll (Adware.BHO) -> No action taken.

[jaro3]

Odinstaluj:
Mywebsearch
Funwebproducts
WhenU
Save
DoubleD
internet saving optimizer
System Search Dispatcher


. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit log z MbAM.

Ten log z HJT taky..

[indy3]

jaro sory byl jsem pryč
nyní mažu atd...
ale dneska to ještě nebude sorry ale sestra má 18 tak zatím čau zítra tu budu až večer :( bohůžel:(
No nic užívejte života pánové

[jaro3]

Úpřímně řečeno -síla...

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - {59385f95-c52f-4a84-b674-4a4206b17218} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - (no file)
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m ‘|\ü
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [do_not_delete] C:\WINDOWS\system32\do_not_delete.exe
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKLM\..\Run: [servises] C:\WINDOWS\system32\servises.exe
O4 - HKLM\..\RunServicesOnce: [capscanuninstall] "C:\WINDOWS\command.com" /c del "C:\DOCUME~1\Admin\LOCALS~1\Temp\uninstal.exe"
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)


Vypni rez. ochranu u NOD32 + deaktivuj WinPatrol.
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Zítra se mrknu.

[indy3]

Nazdar byl u mě strýc

já u pc nebyl a nějak mi to spravil

jsem mu volal prej to se to smázlo přes COMBOFIX

Teď mi nejde SPRÁVCE ÚLOH a pár věcí

Ještě jsem něco čistil sám v ccleaneru.

jak jsi psal ať to fixnu z HJT tak jsem to tam nenašel tady Ti pošlu LOG

Logfile of HijackThis v1.99.1
Scan saved at 20:10, on 2009-07-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Administrator\Plocha\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {97387E2B-B2FA-4E4A-A607-F3B5C134F71C} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunOnce: [combofix] C:\WINDOWS\system32\CF30771.exe /c C:\ComboFixCombobatch.bat
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://hostyn.nwt.cz/activex/AxisCamControl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


OSLAWA BYLA GOOD

[jaro3]

no jo, ale ten Combofix jsem potřeboval vidět, po něm tedy nejde správce úloh?
Nevím co bylo smazáno atd.Nemám to rád , když nevím co se předtím dělalo...


Jdi do adresáře C:\Combofix , měl by tam být někde log s výmazy. Nebo celou složku zararuj , zahesluj a pošli třeba sem:
http://www.edisk.cz/
Zítra se podívám.

[indy3]

Takže když zapnu pc tak to na mě plivne ERROR

Ten error nějak nejspíš souvisí s funkcí combofixu



Pak tu jsou ale další

Zapnu PC a : jako předtím když jsi to řešil PORTMAP

[img=http://img199.imageshack.us/img199/2100/beznzvuqmb.png]

dám OK a hned nato další:

[img=http://img520.imageshack.us/img520/2195/beznzv.th.png]

Když chci spávce úloh :

[img=http://img189.imageshack.us/img189/5861/spravce.th.png]







tady něco k tomu fixu co jsem našel v PC


http://uloz.to/2177098/jaro3-combo.rar

[jaro3]

Ty logy jsou staré, poslední je z ledna tohoto roku. Ten Combofix byl nejspíš proveden nestandardně a nevytvořil log.
Combofix se musí po každém odvirování odinstalovat a nemít ho tam roky...
Takže:

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

použij T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Pokud tam máš ještě toto:
Najdi a smaž:
C:\327882R2FWJFW
C:\ComboFix
C:\qoobox

Vypni rez. ochranu u NOD32 + deaktivuj WinPatrol.
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[indy3]

Tak konečně trochu víc času vše jak jsi psal tady ej log z combu:

ComboFix 09-07-25.04 - Pavel 26.07.2009 9:35.5.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.768.461 [GMT 2:00]
Spuštěný z: c:\documents and settings\Pavel\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090725-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Kerio Personal Firewall *enabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-06-26 do 2009-07-26 )))))))))))))))))))))))))))))))
.

2009-07-24 19:08 . 2009-07-24 19:08 -------- d-----w- c:\program files\CCleaner
2009-07-24 17:29 . 2009-07-24 17:29 -------- d-----w- c:\program files\Lavalys
2009-07-24 15:50 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-24 15:50 . 2009-07-24 15:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-24 15:50 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-24 07:44 . 2009-07-24 07:44 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-07-19 18:38 . 2009-07-19 18:38 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-07-13 19:17 . 2009-07-13 19:17 -------- d-sh--w- c:\documents and settings\Pavel\PrivacIE
2009-07-04 04:50 . 2009-07-04 04:50 -------- d-sh--w- c:\documents and settings\Pavel\IETldCache
2009-07-03 20:30 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-03 20:30 . 2009-07-03 20:30 -------- d-----w- c:\windows\ie8updates
2009-07-03 20:28 . 2009-04-30 21:16 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-03 20:28 . 2009-04-30 21:16 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-03 20:26 . 2009-07-03 20:28 -------- dc-h--w- c:\windows\ie8
2009-07-02 11:34 . 1999-04-14 12:50 536064 ----a-w- c:\windows\system32\advert.dll
2009-07-01 12:22 . 2009-07-03 19:50 -------- d-----w- c:\program files\NukeNabber
2009-07-01 04:55 . 2009-07-01 04:57 -------- d-----w- c:\program files\ICQ FORCE
2009-06-29 18:09 . 2009-07-13 19:12 -------- d-----w- c:\program files\TeamViewer
2009-06-29 17:49 . 2009-06-29 17:49 -------- d-----w- c:\documents and settings\Pavel\temp
2009-06-28 19:58 . 2009-06-28 19:58 -------- d-----w- c:\program files\Ask.com
2009-06-28 19:51 . 2009-07-18 15:58 -------- d-----w- C:\QIP
2009-06-28 19:49 . 2009-06-28 19:52 -------- d-----w- c:\program files\Trillian

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-24 18:49 . 2005-11-10 18:44 -------- d-----w- c:\program files\Google
2009-07-19 18:55 . 2008-11-08 13:44 495 ----a-w- c:\windows\system32\drivers\fwdrv.err
2009-07-19 08:39 . 2008-09-20 19:25 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-15 14:34 . 2005-12-30 13:51 -------- d-----w- c:\program files\HP
2009-07-15 14:32 . 2005-12-30 13:51 -------- d-----w- c:\program files\Hewlett-Packard
2009-07-14 18:44 . 2006-10-20 13:01 -------- d-----w- c:\program files\letadla
2009-07-13 19:14 . 2009-06-02 17:03 -------- d-----w- c:\program files\Soulseek-Test
2009-06-21 13:11 . 2009-06-21 13:10 -------- d-----w- c:\program files\GIMP-2.0
2009-06-18 04:54 . 2009-06-18 04:54 -------- d-----w- c:\program files\IpSharkk
2009-06-16 14:40 . 2005-04-28 18:04 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2005-04-28 18:03 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 16:54 . 2008-10-12 17:49 -------- d-----w- c:\program files\PhotoFiltre
2009-06-03 19:11 . 2005-04-28 18:04 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-06-02 19:43 . 2009-06-02 19:43 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-06-02 19:43 . 2009-06-02 19:43 -------- d-----w- c:\program files\DVDVideoSoft
2009-05-29 15:24 . 2009-05-29 15:01 -------- d-----w- c:\program files\3C Poker Plus
2009-05-13 05:05 . 2005-04-28 18:04 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:33 . 2005-04-28 18:04 346624 ----a-w- c:\windows\system32\localspl.dll
2008-01-01 20:18 . 2007-09-20 13:44 9216 --sha-w- c:\program files\Thumbs.db
2007-12-01 17:51 . 2007-12-01 17:51 3 ----a-w- c:\program files\gp.info
2007-09-20 20:06 . 2007-09-20 20:06 2415104 ----a-w- c:\program files\trakAxPC.exe
2007-09-20 20:00 . 2007-09-20 20:00 1478144 ----a-w- c:\program files\TRes.dll
2007-09-20 20:00 . 2007-09-20 20:00 3893760 ----a-w- c:\program files\TIpp.dll
2006-12-02 13:27 . 2006-12-02 13:27 3102819 ----a-w- c:\program files\openofficeorg4.cab
2006-12-02 13:27 . 2006-12-02 13:27 57023217 ----a-w- c:\program files\openofficeorg3.cab
2006-12-02 13:24 . 2006-12-02 13:24 15486313 ----a-w- c:\program files\openofficeorg2.cab
2006-12-02 13:23 . 2006-12-02 13:23 18309618 ----a-w- c:\program files\openofficeorg1.cab
2006-12-02 13:15 . 2006-12-02 13:15 5294592 ----a-w- c:\program files\openofficeorg21.msi
2006-12-02 13:15 . 2006-12-02 13:15 217 ----a-w- c:\program files\setup.ini
2006-12-02 13:15 . 2006-12-02 13:15 1821008 ----a-w- c:\program files\instmsiw.exe
2006-12-02 13:15 . 2006-12-02 13:15 1707856 ----a-w- c:\program files\instmsia.exe
2001-10-29 11:15 . 2007-12-01 17:50 1240 -c--a-w- c:\program files\banner.html
1999-06-25 09:55 . 2007-12-01 17:50 149504 ------w- c:\program files\UNWISE.EXE
2009-07-15 21:16 . 2009-01-27 14:43 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"= "c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL" [2007-08-27 57344]

[HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2008-10-21 10:13 741768 ----a-w- c:\program files\Ask.com\Supertoolbar\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\Supertoolbar\GenericAskToolbar.dll" [2008-10-21 741768]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"IpSharkk"="c:\program files\IpSharkk\IpSharkk.exe" [2008-09-11 716800]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2006-01-17 135168]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Maruçka\Nabˇdka Start\Programy\Po spuçtŘnˇ\
dBpowerAMP.lnk - c:\program files\Illustrate\dBpowerAMP\Amp.exe [2006-12-9 163902]

c:\documents and settings\An3§k@\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-12-1 393216]

c:\documents and settings\Kl rka\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-12-1 393216]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bitmeter2.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bitmeter2.lnk
backup=c:\windows\pss\Bitmeter2.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Pavel^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.1.lnk]
path=c:\documents and settings\Pavel\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.1.lnk
backup=c:\windows\pss\OpenOffice.org 2.1.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Nitro\\nitro.exe"=
"c:\\Program Files\\Njam\\njam.exe"=
"c:\\Program Files\\Microsoft Plus! Photo Story 2 LE\\PS2Trial.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\FreeCall\\FreeCall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Java\\jre1.6.0_05\\bin\\java.exe"=
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\TrackMania Nations\\TmNationsESWC.exe"=
"c:\\Documents and Settings\\jirka\\UltraVNC\\vncviewer.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IpSharkk\\IpSharkk.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Pavel\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\NukeNabber\\nukenabber.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1:TCP"= 1:TCP:*:Disabled:vietcong
"16552:TCP"= 16552:TCP:*:Disabled:BitComet 16552 TCP
"16552:UDP"= 16552:UDP:*:Disabled:BitComet 16552 UDP
"5900:TCP"= 5900:TCP:*:Disabled:vnc5900
"5800:TCP"= 5800:TCP:*:Disabled:vnc5800

R1 anf0100.sys;anf0100.sys;c:\windows\system32\drivers\anf0100.sys [18.6.2009 6:54 9728]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2.9.2008 11:59 111184]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.9.2005 11:05 286720]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.9.2005 11:05 81920]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.9.2008 11:59 20560]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [24.7.2009 17:50 38160]
S4 SpywareCleanerService;SpywareCleanerService;c:\program files\Spyware Cleaner\SCService.exe --> c:\program files\Spyware Cleaner\SCService.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2009-07-26 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\Supertoolbar\UpdateTask.exe [2008-10-21 10:13]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-DW6 - c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe
HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL
HKLM-Run-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe


.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.mywebsearch.com/mywebsear ... Mvi0Pv3tBw
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search - http://edits.mywebsearch.com/toolbaredi ... p=ZJfox000
IE: {{946B3E9E-E21A-49c8-9F63-900533FAFE15} - {454b4812-e572-4703-a1bb-63490809eac0} -
LSP: c:\program files\Google\Google Desktop Search\GoogleDesktopNetwork1.dll
FF - ProfilePath - c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\zlzb5p0b.default\
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redi ... searchfor=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\zlzb5p0b.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}\components\XpcomOpusConnector.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-26 09:46
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2347245532-1585570102-1919907186-1010\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:fa,5c,5e,d2,21,6c,dc,83,ca,63,fc,aa,41,2a,0b,d2,ce,2c,f8,8e,35,dd,c6,
1c,cf,ae,74,48,47,71,ba,12,08,2d,0d,e4,a2,b1,7d,4e,be,cc,b0,24,50,e2,0e,d9,\
"??"=hex:ae,1f,22,82,da,5c,64,17,4f,a2,e7,ce,a1,80,0d,59
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3560)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2009-07-26 9:51
ComboFix-quarantined-files.txt 2009-07-26 07:51

Před spuštěním: Volných bajtů: 29 119 979 520
Po spuštění: Volných bajtů: 29 103 517 696

259 --- E O F --- 2009-07-17 20:49

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
c:\windows\system32\d3d9caps.dat

DirLook::
c:\documents and settings\Pavel\temp

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"=-
[-HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Toto otestuj na Virustotal
c:\program files\TRes.dll
c:\program files\TIpp.dll
c:\\Program Files\\NukeNabber\\nukenabber.exe
Vlož sem pak odkazy výsledků.
za 2h se podívám.