Ask toolbar mě trošku zlobil musela jsem to řešit přes HiJackThise pak to šlo v pohodě.Crawler toolbar tam již nebyl.Po Combofixu Chování pc se zdal stejný log vkládám.A OTL ,mám ty dva logy také vkládám.
ComboFix 10-02-12.01 - Janette 16.02.2010 14:47:37.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.427 [GMT 1:00]
Spuštěný z: c:\documents and settings\Janette\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Janette\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100216-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
"c:\program files\Ask.com\UpdateTask.exe"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-16 do 2010-02-16 )))))))))))))))))))))))))))))))
.
2010-02-15 07:18 . 2010-02-15 07:18 -------- d-----w- c:\program files\ESET
2010-02-14 20:14 . 2010-02-14 20:14 -------- d-----w- c:\program files\TrendMicro
2010-01-29 10:09 . 2010-01-29 10:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-29 10:09 . 2010-01-29 10:09 -------- d-----w- c:\program files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-16 12:19 . 2009-02-07 10:12 -------- d-----w- c:\program files\Veselá kuřata
2010-02-16 12:16 . 2005-06-12 15:02 -------- d-----w- c:\program files\ATI Technologies
2010-02-14 16:13 . 2009-04-20 19:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-29 10:10 . 2006-04-14 13:21 -------- d-----w- c:\program files\Common Files\Java
2010-01-07 15:07 . 2009-04-20 19:03 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-04-20 19:03 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-29 15:03 . 2009-03-04 11:24 -------- d-----w- c:\program files\ICQ6.5
2009-12-26 10:43 . 2009-12-26 10:34 -------- d-----w- c:\program files\Kájovy Vánoce - velké dobrodružství pračlověka Káji Hřibojeda
2009-11-24 23:54 . 2008-11-17 15:38 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2008-11-17 15:39 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2008-11-17 15:39 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2008-11-17 15:39 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2008-11-17 15:39 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2008-11-17 15:39 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-11-17 15:39 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-11-17 15:39 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2008-11-17 15:39 97480 ----a-w- c:\windows\system32\AvastSS.scr
.
((((((((((((((((((((((((((((( SnapShot@2010-02-15_19.50.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-16 09:01 . 2010-02-16 09:01 16384 c:\windows\Temp\Perflib_Perfdata_634.dat
+ 2010-02-16 09:01 . 2010-02-16 09:01 16384 c:\windows\Temp\Perflib_Perfdata_460.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CM-SmWizard"="c:\windows\System\SmWizard.exe" [2003-08-29 1454080]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-02-28 315392]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"ICQ Lite"="c:\program files\ICQLite\ICQLite.exe" [2006-07-27 3142236]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users.WINDOWS\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [17.11.2008 16:39 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.11.2008 16:39 20560]
.
.
------- Doplňkový sken -------
.
uStart Page =
hxxp://www.seznam.cz/uInternet Settings,ProxyOverride = localhost;*.local
IE: Crawler Search
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
hxxp://seznam.czFF - prefs.js: keyword.URL -
hxxp://search.qip.ru/search?from=FF&query=FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Notify-AtiExtEvent - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-02-16 14:54
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3696)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-02-16 14:57:54
ComboFix-quarantined-files.txt 2010-02-16 13:57
ComboFix2.txt 2010-02-15 19:54
Před spuštěním: Volných bajtů: 20 188 672 000
Po spuštění: Volných bajtů: 20 154 134 528
- - End Of File - - 9BA648055156EA11DF66571CB28341A7
DALŠÍ LOGY Z OTL....
OTL logfile created on: 16.2.2010 15:09:11 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Documents and Settings\Janette\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
767,00 Mb Total Physical Memory | 397,00 Mb Available Physical Memory | 52,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 18,79 Gb Free Space | 32,08% Space Free | Partition Type: NTFS
Drive D: | 15,92 Gb Total Space | 15,65 Gb Free Space | 98,35% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JANETTE-E6AA23B
Current User Name: Janette
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Janette\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.)
PRC - C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Janette\Plocha\OTL.exe (OldTimer Tools)
========== Win32 Services (SafeList) ========== SRV - (ATI Smart) -- File not found
SRV - (Ati HotKey Poller) -- File not found
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (catchme) -- File not found
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (SCDEmu) -- C:\WINDOWS\system32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (usbaudio) Ovladač zvukové karty USB (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (HPZid412) -- C:\WINDOWS\system32\drivers\HPZid412.sys (HP)
DRV - (HPZius12) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP)
DRV - (HPZipr12) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (QCMerced) -- C:\WINDOWS\system32\drivers\lvcm.sys ()
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (cmuda) -- C:\WINDOWS\system32\drivers\cmuda.sys (C-Media Inc)
DRV - (vulfntrs) -- C:\WINDOWS\System32\Drivers\vulfntr.sys (VIA Technologies, Inc.)
DRV - (vulfnths) -- C:\WINDOWS\System32\Drivers\vulfnth.sys (VIA Technologies, Inc.)
DRV - (FETNDISB) -- C:\WINDOWS\system32\drivers\fetnd5b.sys (VIA Technologies, Inc. )
DRV - (NTSIM) -- C:\WINDOWS\system32\ntsim.sys (VIA Networking Technologies, Inc. )
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (FETNDIS) -- C:\WINDOWS\system32\drivers\fetnd5.sys (VIA Technologies, Inc. )
DRV - (SetupNT) -- C:\WINDOWS\system32\SetupNT.sys ()
========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page =
http://www.microsoft.com/isapi/redir.dl ... r=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dl ... r=iesearchIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.seznam.cz/IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:3.0.8
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.04
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems:
cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.17
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010.01.29 11:09:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.13 17:06:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.29 11:09:39 | 000,000,000 | ---D | M]
[2008.12.04 18:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Extensions
[2008.12.04 18:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.02.16 13:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\extensions
[2009.12.18 21:12:17 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2008.12.28 16:15:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2009.12.18 21:12:18 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009.12.18 21:12:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.12.18 21:12:16 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2008.12.28 14:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\extensions\cs@dictionaries.addons.mozilla.org
[2008.12.17 18:13:39 | 000,001,331 | ---- | M] () -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\searchplugins\crawlersrch.xml
[2010.02.14 19:55:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\searchplugins\icqplugin-1.xml
[2008.11.18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\searchplugins\icqplugin.xml
[2009.08.17 06:10:05 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Janette\Data aplikací\Mozilla\Firefox\Profiles\xxtp7fxz.default\searchplugins\qipsearch.xml
[2010.02.15 20:04:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.06 15:26:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.01.29 11:09:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.01.06 15:26:04 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.01.06 15:26:04 | 000,134,616 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007.04.10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2010.01.29 11:09:15 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2007.10.11 13:17:50 | 001,435,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2010.01.06 15:26:07 | 000,065,496 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003.07.15 06:56:52 | 000,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2008.06.11 22:45:28 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2008.09.10 20:56:44 | 000,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2008.09.10 20:37:54 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2008.04.16 05:08:20 | 000,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2008.03.31 20:06:24 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2008.03.31 20:06:24 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2008.01.27 10:57:20 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2008.01.27 10:57:20 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2008.03.31 20:06:24 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.08.29 15:40:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - No CLSID value found.
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CM-SmWizard] C:\WINDOWS\system\SmWizard.exe (C-Media Electronics Inc.)
O4 - HKLM..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.196.209.2
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.17 15:35:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 14 Days ========== [2010.02.16 13:33:17 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Janette\Plocha\OTL.exe
[2010.02.15 20:41:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.02.15 20:41:14 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.02.15 20:41:14 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.02.15 20:41:14 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.02.15 20:39:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.02.15 17:47:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Janette\Recent
[2010.02.15 08:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.02.14 21:14:57 | 000,000,000 | ---D | C] -- C:\Program Files\TrendMicro
[2010.02.07 11:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janette\Plocha\nová hudba
[2010.02.06 20:18:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janette\Dokumenty\My Scans
[2007.10.20 19:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2007.04.05 16:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2006.01.11 18:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2005.11.18 18:08:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2005.07.08 17:12:29 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 14 Days ========== [2010.02.16 14:57:54 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.02.16 14:54:43 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.02.16 13:33:36 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janette\Plocha\OTL.exe
[2010.02.16 13:08:18 | 000,000,010 | ---- | M] () -- C:\WINDOWS\Wininit.ini
[2010.02.16 11:16:01 | 000,000,058 | ---- | M] () -- C:\Documents and Settings\Janette\Plocha\Akční ceny, akční letáky, katalogy, prospekty.URL
[2010.02.16 10:00:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.02.16 10:00:37 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.15 21:16:10 | 010,223,616 | -H-- | M] () -- C:\Documents and Settings\Janette\NTUSER.DAT
[2010.02.15 21:16:10 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Janette\ntuser.ini
[2010.02.15 20:38:15 | 003,857,112 | R--- | M] () -- C:\Documents and Settings\Janette\Plocha\ComboFix.exe
[2010.02.15 15:03:17 | 000,000,057 | ---- | M] () -- C:\Documents and Settings\Janette\Plocha\Výtok z dětských rodidel.URL
[2010.02.15 14:21:31 | 000,004,852 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2010.02.15 14:21:31 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.02.15 13:13:55 | 000,000,051 | ---- | M] () -- C:\Documents and Settings\Janette\Plocha\Oddlužení fyzické osoby a firem bez zástavy.URL
[2010.02.14 21:25:43 | 000,000,074 | ---- | M] () -- C:\Documents and Settings\Janette\Plocha\prosím o kontrolu,nelíbí se mi .....URL
[2010.02.14 13:45:01 | 000,000,069 | ---- | M] () -- C:\Documents and Settings\Janette\Plocha\Nábytek Olomouc - Žlutá Hala.URL
[2010.02.12 08:00:12 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Janette\Plocha\Kopie - ŽIVOTOPIS nej.doc
[2010.02.11 08:41:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.02.07 09:49:25 | 000,000,271 | ---- | M] () -- C:\Documents and Settings\Janette\Data aplikací\default.rss
[2010.02.07 09:44:01 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.07 09:41:11 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Janette\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.06 02:33:46 | 734,623,744 | ---- | M] () -- C:\Documents and Settings\Janette\Plocha\2008 Blesk pes pro kaĹľdĂ˝ pĹ™Ăpad ( Bolt )[ animovanĂ˝ komedie fantasy rodinnĂ˝ ] CZ blacklisted_site xXx 7736.avi
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2010.02.16 11:16:01 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Janette\Plocha\Akční ceny, akční letáky, katalogy, prospekty.URL
[2010.02.15 20:41:14 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.02.15 20:41:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.02.15 20:41:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.02.15 20:41:14 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.02.15 20:41:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.02.15 20:35:55 | 003,857,112 | R--- | C] () -- C:\Documents and Settings\Janette\Plocha\ComboFix.exe
[2010.02.15 15:03:17 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\Janette\Plocha\Výtok z dětských rodidel.URL
[2010.02.15 13:13:55 | 000,000,051 | ---- | C] () -- C:\Documents and Settings\Janette\Plocha\Oddlužení fyzické osoby a firem bez zástavy.URL
[2010.02.14 21:25:43 | 000,000,074 | ---- | C] () -- C:\Documents and Settings\Janette\Plocha\prosím o kontrolu,nelíbí se mi .....URL
[2010.02.14 13:45:01 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Janette\Plocha\Nábytek Olomouc - Žlutá Hala.URL
[2010.02.12 07:58:00 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Janette\Plocha\Kopie - ŽIVOTOPIS nej.doc
[2010.02.07 09:41:10 | 734,623,744 | ---- | C] () -- C:\Documents and Settings\Janette\Plocha\2008 Blesk pes pro kaĹľdĂ˝ pĹ™Ăpad ( Bolt )[ animovanĂ˝ komedie fantasy rodinnĂ˝ ] CZ blacklisted_site xXx 7736.avi
[2009.12.03 10:19:15 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2009.04.05 18:23:15 | 001,097,728 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2009.04.05 18:23:15 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2009.04.05 18:23:14 | 000,909,312 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2009.04.05 18:23:14 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2009.03.29 10:53:23 | 000,000,271 | ---- | C] () -- C:\Documents and Settings\Janette\Data aplikací\default.rss
[2009.03.29 10:52:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.03.29 10:33:59 | 000,004,767 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2009.02.21 15:05:33 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009.02.21 15:05:20 | 001,317,152 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2009.01.30 10:02:15 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Janette\Local Settings\Data aplikací\fusioncache.dat
[2009.01.30 09:55:42 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.01.14 10:28:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2008.12.13 15:52:38 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008.12.13 15:47:32 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\hpzinstall.log
[2008.11.27 19:11:28 | 000,001,892 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.11.17 20:29:16 | 000,000,050 | ---- | C] () -- C:\WINDOWS\Winamp.ini
[2008.11.17 20:29:03 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2008.11.17 18:39:05 | 000,004,852 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.11.17 18:25:20 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.11.17 18:25:19 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008.11.17 18:25:14 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.11.17 18:25:14 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.11.17 18:25:13 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.11.17 18:25:10 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.11.17 18:25:10 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.11.17 17:14:46 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Janette\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.17 17:11:04 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.11.17 15:51:21 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2008.11.17 15:51:21 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2008.11.17 15:51:18 | 000,000,010 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2008.11.17 15:51:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2008.11.17 15:51:09 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2008.11.17 15:48:55 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2008.11.17 15:44:53 | 000,003,000 | R--- | C] () -- C:\WINDOWS\System32\SetupNT.sys
[2008.03.09 11:53:45 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.07.07 03:00:00 | 000,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1999.01.27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997.06.13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
========== LOP Check ========== [2009.02.28 17:07:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Alawar Stargaze
[2009.04.26 14:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\FireGlow
[2008.11.17 19:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2009.03.15 14:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IsolatedStorage
[2009.12.27 11:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Kristanix Games
[2008.11.27 19:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\OrbNetworks
[2010.01.02 19:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2009.02.27 19:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TreeCardGames
[2009.01.17 15:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Veselé Omalovánky 1
[2008.12.25 16:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Veselé Omalovánky 2
[2008.12.25 16:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Veselé Omalovánky 3
[2009.03.29 11:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\Artogon
[2009.03.29 09:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\BriskRecorder
[2009.12.27 11:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\EleFun Games
[2009.03.01 12:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\Expert SoftWorks
[2009.02.21 14:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\FotoWire
[2009.05.07 18:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\ICQ
[2008.11.17 18:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\ICQ Toolbar
[2009.11.28 21:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\ICQLite
[2008.12.28 16:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\IEPro
[2010.02.06 20:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\Image Zone Express
[2009.05.22 12:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\MahJong Suite
[2008.12.28 16:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\MiniDm
[2009.02.27 20:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\MyMahj
[2009.02.27 20:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\pokerth
[2008.12.09 18:44:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\QIP
[2009.07.09 10:56:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\SprillBermudeChech
[2008.11.17 18:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Janette\Data aplikací\Zoner
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:BD13A410
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP:DFC5A2B2
< End of report >
.......................................................................................................................................................
Mozila nastavená snad tím nic nepokazím 
