prosím o kontrolu logu Vyřešeno

[4422]

Zdravím. prosím o kontrolu logu. Dlouho mi to startuje. Dík moc.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:51:44, on 17.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Notebook Hardware Control\nhc.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\bar\Data aplikací\uTorrent\utorrent.exe
C:\Documents and Settings\bar\Plocha\program\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sandra Service (SandraTheSrv) - Unknown owner - c:\INSTALL\Sandra\RpcSandraSrv.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 7906 bytes

[Reklama]

[jaro3]

Odinstaluj:
ICQToolBar
uTorrentBar Toolbar
Toolbar: Conduit Engine



Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole můzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[4422]

Malwarebytes' Anti-Malware 1.45
http://www.malwarebytes.org

Verze databáze: 5238

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

18.1.2011 21:23:43
mbam-log-2011-01-18 (21-23-43).txt

Typ skenu: Rychlý sken
Skenované objekty: 200624
Uplynulý čas: 10 minuta(y), 16 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[memphisto]

Vyzkoušej StartUpLite. Log HJT i Mbam čistý.Defragmentuj disk, vyčisti registry.

[4422]

Trochu to ožilo, ale pořád dlouho startuje (asi 6 minut). Dík za pomoc.

[memphisto]

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[4422]

ComboFix 11-01-21.03 - bar 22.01.2011 11:54:34.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.895.405 [GMT 1:00]
Spuštěný z: c:\documents and settings\bar\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\daemon.dll
c:\windows\system\oeminfo.ini

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-22 do 2011-01-22 )))))))))))))))))))))))))))))))
.

2011-01-18 18:53 . 2011-01-18 18:53 -------- d-----w- c:\documents and settings\bar\DoctorWeb
2011-01-04 11:26 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-01-04 11:25 . 2011-01-04 11:25 -------- d-----w- c:\program files\PC Connectivity Solution
2011-01-04 10:39 . 2011-01-04 10:39 -------- d-----w- c:\documents and settings\bar\Data aplikací\Nero

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-22 10:44 . 2010-02-03 17:06 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-01-13 08:47 . 2010-06-30 04:32 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-02-23 09:04 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-02-23 09:04 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-02-23 09:04 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-02-23 09:04 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-02-23 09:04 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-02-23 09:04 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-02-23 09:04 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-02-23 09:04 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\UC.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\RAR.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\PKZIP.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\LHA.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\ARJ.PIF
2010-11-18 18:15 . 2010-02-03 06:36 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-11 09:17 . 2010-11-11 09:17 87608 ----a-w- c:\documents and settings\bar\Data aplikací\inst.exe
2010-11-11 09:17 . 2010-11-11 09:17 47360 ----a-w- c:\documents and settings\bar\Data aplikací\pcouffin.sys
2010-11-09 14:52 . 2004-08-17 12:49 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2005-11-11 12:43 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2004-08-17 12:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:23 . 2004-08-17 12:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-03 12:25 . 2004-08-17 12:44 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2001-10-25 13:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2004-08-17 12:48 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2005-11-11 12:42 1853312 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-29 14:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngin0.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\documents and settings\bar\Data aplikací\uTorrent\utorrent.exe" [2010-12-13 395640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlhr"="c:\windows\System32\AdvPack.Dll" [2009-03-08 128512]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-17 44544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" silent loginmode=4
"uTorrent"="c:\documents and settings\bar\Data aplikací\uTorrent\utorrent.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"reset"=regedit /s reset.reg
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"ASUS Live Update"=c:\program files\ASUS\ASUS Live Update\ALU.exe
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe"
"SMSERIAL"=c:\windows\sm56hlpr.exe
"RTHDCPL"=RTHDCPL.EXE
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Administrator\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\bar\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"86:TCP"= 86:TCP:BroadCam Video Streaming Server Web Server
"1935:TCP"= 1935:TCP:BroadCam Video Streaming Server Flash Video Server
"4100:UDP"= 4100:UDP:uPNP Router Control Port
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [8.2.2010 10:45 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [8.2.2010 10:45 5248]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [11.11.2005 13:45 190720]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23.2.2010 10:04 294608]
R1 FNETDEVI;FNETDEVI;c:\windows\system32\drivers\FNETDEVI.SYS [27.2.2010 12:10 19572]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23.2.2010 10:04 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [3.2.2010 8:57 246520]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [3.2.2010 8:05 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [3.2.2010 8:05 7808]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.5.2010 9:37 135664]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - NHCDRIVERDEVICE

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2011-01-22 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2011-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-19 08:37]

2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-19 08:37]

2011-01-22 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2857422465-4168701361-813958858-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-01-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2857422465-4168701361-813958858-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-01-22 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-02-03 21:18]

2011-01-22 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://www.google.com/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... =CTXXXX&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{CE18769B-C7FA-42D2-860D-17C4662C70AD} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-22 12:00
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(856)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2011-01-22 12:04:23
ComboFix-quarantined-files.txt 2011-01-22 11:04

Před spuštěním: 2 802 962 432
Po spuštění: 4 315 545 600

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional (TuneUp Záloha)" /noexecute=optin /fastdetect /TUTag=7WU3JN-BAK
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.2="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.0="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=7WU3JN /Kernel=TUKernel.exe

- - End Of File - - D1E32B8F7FE607A61FE0288E82FF1BE1

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\documents and settings\bar\Data aplikací\inst.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuSubFolders"=-
"NoCommonGroups"=-
"NoPrinters"=-
"NoRecentDocsNetHood"=-
"NoChangeAnimation"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"reset"=-
"KernelFaultCheck"=-

Firefox::
FF - ProfilePath - c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... =CTXXXX&q=

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT


Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

[4422]

ComboFix 11-01-22.02 - bar 23.01.2011 6:42.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.895.488 [GMT 1:00]
Spuštěný z: c:\documents and settings\bar\Plocha\program\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\bar\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení

FILE ::
"c:\documents and settings\bar\Data aplikací\inst.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-23 do 2011-01-23 )))))))))))))))))))))))))))))))
.

2011-01-18 18:53 . 2011-01-18 18:53 -------- d-----w- c:\documents and settings\bar\DoctorWeb
2011-01-04 11:26 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-01-04 11:25 . 2011-01-04 11:25 -------- d-----w- c:\program files\PC Connectivity Solution
2011-01-04 10:39 . 2011-01-04 10:39 -------- d-----w- c:\documents and settings\bar\Data aplikací\Nero

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-23 05:29 . 2010-02-03 17:06 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-01-13 08:47 . 2010-06-30 04:32 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-02-23 09:04 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-02-23 09:04 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-02-23 09:04 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-02-23 09:04 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-02-23 09:04 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-02-23 09:04 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-02-23 09:04 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-02-23 09:04 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\UC.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\RAR.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\PKZIP.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\LHA.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\ARJ.PIF
2010-11-18 18:15 . 2010-02-03 06:36 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-11 09:17 . 2010-11-11 09:17 87608 ----a-w- c:\documents and settings\bar\Data aplikací\inst.exe
2010-11-11 09:17 . 2010-11-11 09:17 47360 ----a-w- c:\documents and settings\bar\Data aplikací\pcouffin.sys
2010-11-09 14:52 . 2004-08-17 12:49 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2005-11-11 12:43 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2004-08-17 12:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:23 . 2004-08-17 12:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-03 12:25 . 2004-08-17 12:44 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2001-10-25 13:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2004-08-17 12:48 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2005-11-11 12:42 1853312 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-11-29 14:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngin0.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\documents and settings\bar\Data aplikací\uTorrent\utorrent.exe" [2010-12-13 395640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlhr"="c:\windows\System32\AdvPack.Dll" [2009-03-08 128512]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-17 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" silent loginmode=4
"uTorrent"="c:\documents and settings\bar\Data aplikací\uTorrent\utorrent.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"ASUS Live Update"=c:\program files\ASUS\ASUS Live Update\ALU.exe
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe"
"SMSERIAL"=c:\windows\sm56hlpr.exe
"RTHDCPL"=RTHDCPL.EXE
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Administrator\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\bar\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"86:TCP"= 86:TCP:BroadCam Video Streaming Server Web Server
"1935:TCP"= 1935:TCP:BroadCam Video Streaming Server Flash Video Server
"4100:UDP"= 4100:UDP:uPNP Router Control Port
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [8.2.2010 10:45 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [8.2.2010 10:45 5248]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [11.11.2005 13:45 190720]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23.2.2010 10:04 294608]
R1 FNETDEVI;FNETDEVI;c:\windows\system32\drivers\FNETDEVI.SYS [27.2.2010 12:10 19572]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23.2.2010 10:04 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [3.2.2010 8:57 246520]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [3.2.2010 8:05 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [3.2.2010 8:05 7808]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.5.2010 9:37 135664]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2011-01-23 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2011-01-23 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2857422465-4168701361-813958858-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-01-23 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2857422465-4168701361-813958858-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-01-23 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-02-03 21:18]

2011-01-23 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://www.google.com/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-23 06:52
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(3188)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\System32\TUProgSt.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\ATK0100\ATKOSD.exe
c:\windows\system32\wscntfy.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2011-01-23 06:59:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-23 05:59

Před spuštěním: 3 846 905 856
Po spuštění: 3 835 236 352

- - End Of File - - 2349C9816EAB72EBD505D8F388AF6D19







Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:03:54, on 23.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Notebook Hardware Control\nhc.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\bar\Plocha\program\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\bar\Data aplikací\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sandra Service (SandraTheSrv) - Unknown owner - c:\INSTALL\Sandra\RpcSandraSrv.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 6577 bytes

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\documents and settings\bar\Data aplikací\inst.exe

Folder::
c:\program files\ConduitEngine
c:\program files\ICQ6Toolbar

Driver::
ICQ Service

Firefox::
FF - ProfilePath - c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[4422]

ComboFix 11-01-22.02 - bar 23.01.2011 13:03:02.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.895.526 [GMT 1:00]
Spuštěný z: c:\documents and settings\bar\Plocha\program\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\bar\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\documents and settings\bar\Data aplikací\inst.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\sitespanel.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\arrow_eng.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\arrow_heb.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\btn_bg.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\btn_bg_lite.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\20minutos.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\about.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\abv.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aktuality.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aktualne.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\alljobs.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\allocine.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\altervista.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\amazon.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\answers.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aol.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aolradio.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\apple.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ard.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\as.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\atlas.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\atlassk.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aufeminin.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autobazar.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autobazar1.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autocz.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\azet.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bazos.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bbc.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bbc.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bigmir.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\billiger.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bing.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\blesk.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bleskove.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\btv.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\calcalist.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cas.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cdiscount.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\centrum.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ciao.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cnet.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cnn.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\commentcamarche.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\corriere.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\csfd.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\d.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dailymotion.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\data.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\deezer.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\default.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\delicious.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\depositfiles.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\deviantart.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\diary.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\digg.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dir.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\disney.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\diva.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dnevnik.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\doctissimo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\donanimhaber.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ebay.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ebayanuncios.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ekolay.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\elmundo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\elpais.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\eurosport.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\expats.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\facebook.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\finance.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\firmy.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\flickr.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\flix.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\fotolog.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\fox.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\france2.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\free.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\garanti.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazeta.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazetevatan.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazzetta.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gbg.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gepime.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gismeteo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gittigidiyor.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\globes.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gmail.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gmx.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\google.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\googleearth.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\googletranslate.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haaretz.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haaretz.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haber7.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haberturk.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\hepsiburada.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\horadot.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\horoskopy.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\hurriyet.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\championat.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\chip.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\icq.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\idnes.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ilike.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ilmeteo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\imageshack.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\imdb.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\impulse.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\infojobs.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\interfacelift.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\internethaber.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\iserialy.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\iua.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\izlesene.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jappy.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jeux.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jeuxvideo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jing.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\joj.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\kijiji.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\kinopoisk.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\korrespondent.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lastfm.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\leboncoin.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lemonde.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lenta.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\leonardo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lequipe.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libero.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libimseti.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lide.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\linternaute.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\livejournal.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mailru.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mako.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mappy.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mapy.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marca.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marketgid.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\markiza.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\megavideo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meinvz.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mekusharim.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meta.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milanobakeca.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milliyet.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mimibazar.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\minibazar.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mobilen.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\morfix.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mouse.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mymovies.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\myspace.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\najisto.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana10.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netgames.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netlog.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\novinky.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\novoteka.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nrg.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ntvmsnbc.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nytimes.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\odnoklassniki.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\one.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\orange.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\otto.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\pagesjaunes.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\peliculasyonkis.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\photobucket.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\picnik.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\pravda.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\profesia.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\prosieben.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\r10.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rapidshare.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rbc.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\repubblica.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rian.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rozetka.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rtl.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sabah.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sahibinden.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sat1.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\segundamano.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seriesyonkis.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznam.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznamemail.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sfr.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\shmu.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\schuelervz.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\skyrock.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\slsp.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sme.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\snimka.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\softonic.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\spiegel.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\splinder.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport-express.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport5.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportal.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportcz.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportes.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sporx.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stahuj.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.bmp
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\studivz.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\subito.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\supercz.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\superhry.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\svejo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\t-online.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tapuz.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\taringa.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\telecinco.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\terra.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tf1.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\themarker.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tiscali.ico

[4422]

c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\topky.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\torrents.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\travian.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tv.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\twitter.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ucoz.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ukr.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vbox7.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vesti.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vimeo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\virgilio.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vkontakte.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vodafone.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\walla.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wallmart.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\walmart.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wamba.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wat.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\weather.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\web.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wer-kennt-wen.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wetter.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wikipedia.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wolframalpha.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\yad2.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\yahoo.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ynet.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\youtube.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zamunda.bmp
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zap.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zena.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\menu.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\pin.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\pinc.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\powerd1.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\remove.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\reset.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\search_arrow.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\search_bg.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\unpin.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\blacklist.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_33.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_34.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_359.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_380.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_39.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_42.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_4201.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_49.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_7.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_90.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_972.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\voucher_list.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.idl
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitToolbar.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\alertSettingsComponent.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\appContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\engineContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\engineSettings.json
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\fbAlert.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\getAppsContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\postAppsContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\toolbarContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults\unsharedAppsContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome.manifest
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\install.rdf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\lib\xpcom.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\manifest.mf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.rsa
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF\zigbert.sf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.PNG
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.src
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\setup.ini
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\version.txt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\ConduitAutoCompleteSearch.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\ConduitAutoCompleteSearch.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\ConduitToolbar.idl
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\ConduitToolbar.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\ConduitToolbar.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\RadioWMPCore.dll
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\RadioWMPCore.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\defaults\default_radio_skin.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\chrome.manifest
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\chrome\dvdvideosoft.jar
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\install.rdf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\lib\xpcom.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\META-INF\manifest.mf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\META-INF\zigbert.rsa
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\META-INF\zigbert.sf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\searchplugin\conduit.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\searchplugin\conduit.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\searchplugin\conduit.PNG
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\searchplugin\conduit.src
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\searchplugin\conduit.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\setup.ini
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\version.txt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\components\ConduitToolbar.idl
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\components\ConduitToolbar.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\defaults\appContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\defaults\engineSettings.json
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\defaults\fbAlert.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\DualPackage\install.rdf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\chrome.manifest
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\chrome\conduitengine.jar
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\install.rdf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\lib\xpcom.js
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\META-INF\manifest.mf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\META-INF\zigbert.rsa
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\META-INF\zigbert.sf
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\searchplugin\conduit.gif
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\searchplugin\conduit.ico
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\searchplugin\conduit.PNG
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\searchplugin\conduit.src
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\searchplugin\conduit.xml
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\setup.ini
c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\extensions\engine@conduit.com\version.txt
c:\program files\ConduitEngine
c:\program files\ConduitEngine\appContextMenu.xml
c:\program files\ConduitEngine\ConduitEngin0.dll
c:\program files\ConduitEngine\ConduitEngine.dll
c:\program files\ConduitEngine\ConduitEngineHelper.exe
c:\program files\ConduitEngine\ConduitEngineUninstall.exe
c:\program files\ConduitEngine\engineContextMenu.xml
c:\program files\ConduitEngine\EngineSettings.json
c:\program files\ConduitEngine\INSTALL.LOG
c:\program files\ConduitEngine\toolbar.cfg
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\filesplace.txt
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service


((((((((((((((((((((((((( Soubory vytvořené od 2010-12-23 do 2011-01-23 )))))))))))))))))))))))))))))))
.

2011-01-18 18:53 . 2011-01-18 18:53 -------- d-----w- c:\documents and settings\bar\DoctorWeb
2011-01-04 11:26 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-01-04 11:25 . 2011-01-04 11:25 -------- d-----w- c:\program files\PC Connectivity Solution
2011-01-04 10:39 . 2011-01-04 10:39 -------- d-----w- c:\documents and settings\bar\Data aplikací\Nero

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-23 11:54 . 2010-02-03 17:06 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-01-13 08:47 . 2010-06-30 04:32 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-02-23 09:04 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-02-23 09:04 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-02-23 09:04 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-02-23 09:04 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-02-23 09:04 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-02-23 09:04 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-02-23 09:04 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-02-23 09:04 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\UC.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\RAR.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\PKZIP.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\LHA.PIF
2010-11-29 06:56 . 2010-12-02 10:28 545 ----a-w- c:\windows\ARJ.PIF
2010-11-18 18:15 . 2010-02-03 06:36 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-11 09:17 . 2010-11-11 09:17 87608 ----a-w- c:\documents and settings\bar\Data aplikací\inst.exe
2010-11-11 09:17 . 2010-11-11 09:17 47360 ----a-w- c:\documents and settings\bar\Data aplikací\pcouffin.sys
2010-11-09 14:52 . 2004-08-17 12:49 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2005-11-11 12:43 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2004-08-17 12:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:23 . 2004-08-17 12:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-03 12:25 . 2004-08-17 12:44 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2001-10-25 13:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2004-08-17 12:48 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2005-11-11 12:42 1853312 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( SnapShot@2011-01-22_11.00.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-23 12:15 . 2011-01-23 12:15 16384 c:\windows\temp\Perflib_Perfdata_4ac.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\documents and settings\bar\Data aplikací\uTorrent\utorrent.exe" [2010-12-13 395640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlhr"="c:\windows\System32\AdvPack.Dll" [2009-03-08 128512]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-17 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" silent loginmode=4
"uTorrent"="c:\documents and settings\bar\Data aplikací\uTorrent\utorrent.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"ASUS Live Update"=c:\program files\ASUS\ASUS Live Update\ALU.exe
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe"
"SMSERIAL"=c:\windows\sm56hlpr.exe
"RTHDCPL"=RTHDCPL.EXE
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Administrator\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\bar\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"86:TCP"= 86:TCP:BroadCam Video Streaming Server Web Server
"1935:TCP"= 1935:TCP:BroadCam Video Streaming Server Flash Video Server
"4100:UDP"= 4100:UDP:uPNP Router Control Port
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [8.2.2010 10:45 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [8.2.2010 10:45 5248]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [11.11.2005 13:45 190720]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [23.2.2010 10:04 294608]
R1 FNETDEVI;FNETDEVI;c:\windows\system32\drivers\FNETDEVI.SYS [27.2.2010 12:10 19572]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [23.2.2010 10:04 17744]
R3 SynMini;USB2.0 1.3M WebCam;c:\windows\system32\drivers\SynMini.sys [3.2.2010 8:05 1116544]
R3 SynScan;USB2.0 1.3M WebCam Still Image;c:\windows\system32\drivers\SynScan.sys [3.2.2010 8:05 7808]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.5.2010 9:37 135664]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2011-01-23 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2011-01-23 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2857422465-4168701361-813958858-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-01-23 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2857422465-4168701361-813958858-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2011-01-23 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-02-03 21:18]

2011-01-23 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://www.google.com/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\bar\Data aplikací\Mozilla\Firefox\Profiles\odcneoqt.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\ConduitEngine\ConduitEngin0.dll
AddRemove-conduitEngine - c:\progra~1\CONDUI~1\ConduitEngineUninstall.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-23 13:16
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\System32\TUProgSt.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2011-01-23 13:18:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-23 12:18

Před spuštěním: 3 791 798 272
Po spuštění: 3 663 310 848

- - End Of File - - 79DEE58218B1FA7B5A73B0D2F713CA14