Prosím o kontrolu logu OTM + RSIT

vašekp · Příspěvekod **vašekp** » 30 pro 2010 21:39

Ahoj, prosím o kontrolu logu. Děkuji

All processes killed
========== FILES ==========
C:\Program Files\AskBarDis\bar\Settings folder moved successfully.
C:\Program Files\AskBarDis\bar\History folder moved successfully.
C:\Program Files\AskBarDis\bar\Cache folder moved successfully.
C:\Program Files\AskBarDis\bar\bin folder moved successfully.
C:\Program Files\AskBarDis\bar folder moved successfully.
C:\Program Files\AskBarDis folder moved successfully.
File/Folder C:\WINDOWS\system32\servises.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\servises not found.
========== SERVICES/DRIVERS ==========
Service ASKService stopped successfully!
Service ASKService deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: All Users.WINDOWS

User: Andrea
->Temp folder emptied: 100744452 bytes
->Temporary Internet Files folder emptied: 196809 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 50787490 bytes
->Google Chrome cache emptied: 8226321 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 6933 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 6551428 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1107233 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49554 bytes

User: xy

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 232597118 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 519680 bytes

Total Files Cleaned = 385,00 mb

OTM by OldTimer - Version 3.1.17.2 log created on 12302010_212535

Files moved on Reboot...
C:\Documents and Settings\Andrea\Local Settings\Temp\~DF984B.tmp moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_7f0.dat not found!
File C:\WINDOWS\temp\ZLT0406d.TMP not found!

Registry entries deleted on Reboot...

Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrea at 2010-12-30 21:32:08
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (16%) free of 35 GB
Total RAM: 3582 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:32:20, on 30.12.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\notepad.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Plocha\RSIT.exe
C:\Program Files\trend micro\Andrea.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Andrea\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: tom for ie - {8AA217B9-D729-4ee0-AED7-E93D695E94A2} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Andrea\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [TransBar] C:\Documents and Settings\Andrea\Local Settings\Data aplikací\AKSoftware\TransBar\TransBar.exe /s
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9943 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1677128483-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1677128483-725345543-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1677128483-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1677128483-725345543-1004UA.job
C:\WINDOWS\tasks\Norton Security Scan for Andrea.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8AA217B9-D729-4ee0-AED7-E93D695E94A2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Andrea\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-20 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"P17Helper"=Rundll32 P17.dll,P17Helper []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-16 981384]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-19 16844800]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-11-17 421160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"AdobeBridge"= []
"Google Update"=C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-04-30 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"TransBar"=C:\Documents and Settings\Andrea\Local Settings\Data aplikací\AKSoftware\TransBar\TransBar.exe [2005-06-01 65536]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2010-11-16 172856]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-12-29 3037696]

C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Documents and Settings\Andrea\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\Temp\~os59.tmp\rlvknlg.exe"="C:\WINDOWS\Temp\~os59.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-12-30 21:32:09 ----D---- C:\Program Files\trend micro
2010-12-30 21:32:08 ----D---- C:\rsit
2010-12-30 21:25:35 ----D---- C:\_OTM
2010-12-29 19:17:00 ----D---- C:\Documents and Settings\Andrea\Data aplikací\Spyware Terminator
2010-12-29 19:17:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spyware Terminator
2010-12-29 19:17:00 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-12-29 19:16:57 ----D---- C:\Program Files\Spyware Terminator
2010-12-26 22:55:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\dPhMa08200
2010-12-25 17:34:06 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\tmp
2010-12-25 17:34:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\hps
2010-12-25 17:27:40 ----D---- C:\Program Files\dm
2010-12-02 23:26:02 ----D---- C:\Program Files\iPod

======List of files/folders modified in the last 1 months======

2010-12-30 21:32:20 ----D---- C:\WINDOWS\Prefetch
2010-12-30 21:32:09 ----RD---- C:\Program Files
2010-12-30 21:29:46 ----D---- C:\WINDOWS\Internet Logs
2010-12-30 21:29:10 ----D---- C:\WINDOWS\Temp
2010-12-30 21:27:59 ----D---- C:\WINDOWS\system32\ias
2010-12-30 21:27:48 ----AD---- C:\WINDOWS
2010-12-30 21:26:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-30 21:25:46 ----D---- C:\WINDOWS\system32
2010-12-30 20:54:40 ----D---- C:\WINDOWS\Minidump
2010-12-30 11:38:37 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Electronic Arts
2010-12-29 19:20:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-29 19:19:06 ----D---- C:\Program Files\Winferno
2010-12-29 19:17:01 ----D---- C:\WINDOWS\system32\drivers
2010-12-29 17:46:28 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-12-29 16:38:15 ----D---- C:\Documents and Settings\Andrea\Data aplikací\Security_File
2010-12-28 08:20:08 ----D---- C:\Program Files\Mozilla Firefox
2010-12-27 09:22:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-26 23:05:53 ----D---- C:\Documents and Settings\Andrea\Data aplikací\Skype
2010-12-26 23:05:28 ----D---- C:\Documents and Settings\Andrea\Data aplikací\uTorrent
2010-12-26 18:14:06 ----D---- C:\Program Files\Minilyrics
2010-12-26 17:56:35 ----D---- C:\Lyrics
2010-12-26 17:20:33 ----D---- C:\Documents and Settings\Andrea\Data aplikací\ICQ
2010-12-26 16:09:26 ----D---- C:\Documents and Settings\Andrea\Data aplikací\skypePM
2010-12-25 17:32:50 ----SHD---- C:\WINDOWS\Installer
2010-12-25 17:32:50 ----SHD---- C:\Config.Msi
2010-12-24 17:51:18 ----D---- C:\Program Files\Burn4Free
2010-12-23 20:02:47 ----D---- C:\Documents and Settings\Andrea\Data aplikací\TuneUpMedia
2010-12-23 10:17:14 ----D---- C:\Documents and Settings\Andrea\Data aplikací\Abvent_Artlantis3
2010-12-23 10:11:51 ----D---- C:\Documents and Settings
2010-12-21 20:58:48 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TuneUpMedia
2010-12-18 19:20:50 ----D---- C:\Documents and Settings\Andrea\Data aplikací\BSplayer
2010-12-13 14:50:58 ----D---- C:\Program Files\uTorrent
2010-12-11 13:43:18 ----HD---- C:\WINDOWS\inf
2010-12-03 23:42:49 ----D---- C:\Program Files\DivX
2010-12-03 23:42:49 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DivX
2010-12-02 23:26:53 ----D---- C:\Program Files\iTunes
2010-12-02 23:23:46 ----SD---- C:\WINDOWS\Tasks
2010-12-02 23:23:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-12-02 23:23:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-12-02 23:22:32 ----D---- C:\Program Files\Bonjour
2010-12-01 13:35:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-11-21 691696]
R0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\srescan.sys [2008-11-17 51688]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-02-16 353672]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-12-08 142336]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-12-08 114688]
R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2006-03-17 1163264]
R3 p17filt;p17filt; C:\WINDOWS\system32\drivers\p17filt.sys [2006-03-20 1452032]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-09-19 101504]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 ageah5em;ageah5em; C:\WINDOWS\system32\drivers\ageah5em.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-17 274304]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-19 4617728]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 aswUpdSv;avast! iAVS4 Control Service; d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; d:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-12-29 488960]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-10-11 38912]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-02-16 2402184]
R3 avast! Mail Scanner;avast! Mail Scanner; d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; d:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-11-17 820008]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-11-09 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-06 655624]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 PCPitstop Scheduling;PCPitstop Scheduling; C:\Program Files\PCPitstop\PCPitstopScheduleService.exe [2009-06-26 85504]

-----------------EOF-----------------

Reklama

Příspěvekod **memphisto** » 30 pro 2010 22:21

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

vašekp · Příspěvekod **vašekp** » 30 pro 2010 23:17

Dr. Web nic nenašel.

All processes killed
========== FILES ==========
C:\Program Files\AskBarDis\bar\Settings folder moved successfully.
C:\Program Files\AskBarDis\bar\History folder moved successfully.
C:\Program Files\AskBarDis\bar\Cache folder moved successfully.
C:\Program Files\AskBarDis\bar\bin folder moved successfully.
C:\Program Files\AskBarDis\bar folder moved successfully.
C:\Program Files\AskBarDis folder moved successfully.
File/Folder C:\WINDOWS\system32\servises.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\servises not found.
========== SERVICES/DRIVERS ==========
Service ASKService stopped successfully!
Service ASKService deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: All Users.WINDOWS

User: Andrea
->Temp folder emptied: 100744452 bytes
->Temporary Internet Files folder emptied: 196809 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 50787490 bytes
->Google Chrome cache emptied: 8226321 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 6933 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 6551428 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1107233 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49554 bytes

User: xy

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 232597118 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 519680 bytes

Total Files Cleaned = 385,00 mb

OTM by OldTimer - Version 3.1.17.2 log created on 12302010_212535

Files moved on Reboot...
C:\Documents and Settings\Andrea\Local Settings\Temp\~DF984B.tmp moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\Perflib_Perfdata_7f0.dat not found!
File C:\WINDOWS\temp\ZLT0406d.TMP not found!

Registry entries deleted on Reboot...

Logfile of random's system information tool 1.08 (written by random/random)
Run by Andrea at 2010-12-30 21:32:08
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (16%) free of 35 GB
Total RAM: 3582 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:32:20, on 30.12.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\notepad.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Andrea\Plocha\RSIT.exe
C:\Program Files\trend micro\Andrea.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Andrea\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: tom for ie - {8AA217B9-D729-4ee0-AED7-E93D695E94A2} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Andrea\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [TransBar] C:\Documents and Settings\Andrea\Local Settings\Data aplikací\AKSoftware\TransBar\TransBar.exe /s
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9943 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1677128483-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1677128483-725345543-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1677128483-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1677128483-725345543-1004UA.job
C:\WINDOWS\tasks\Norton Security Scan for Andrea.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8AA217B9-D729-4ee0-AED7-E93D695E94A2}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Andrea\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-20 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"P17Helper"=Rundll32 P17.dll,P17Helper []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-16 981384]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-19 16844800]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-11-17 421160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"AdobeBridge"= []
"Google Update"=C:\Documents and Settings\Andrea\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-04-30 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"TransBar"=C:\Documents and Settings\Andrea\Local Settings\Data aplikací\AKSoftware\TransBar\TransBar.exe [2005-06-01 65536]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2010-11-16 172856]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-12-29 3037696]

C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Documents and Settings\Andrea\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\Temp\~os59.tmp\rlvknlg.exe"="C:\WINDOWS\Temp\~os59.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-12-30 21:32:09 ----D---- C:\Program Files\trend micro
2010-12-30 21:32:08 ----D---- C:\rsit
2010-12-30 21:25:35 ----D---- C:\_OTM
2010-12-29 19:17:00 ----D---- C:\Documents and Settings\Andrea\Data aplikací\Spyware Terminator
2010-12-29 19:17:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spyware Terminator
2010-12-29 19:17:00 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-12-29 19:16:57 ----D---- C:\Program Files\Spyware Terminator
2010-12-26 22:55:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\dPhMa08200
2010-12-25 17:34:06 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\tmp
2010-12-25 17:34:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\hps
2010-12-25 17:27:40 ----D---- C:\Program Files\dm
2010-12-02 23:26:02 ----D---- C:\Program Files\iPod

======List of files/folders modified in the last 1 months======

2010-12-30 21:32:20 ----D---- C:\WINDOWS\Prefetch
2010-12-30 21:32:09 ----RD---- C:\Program Files
2010-12-30 21:29:46 ----D---- C:\WINDOWS\Internet Logs
2010-12-30 21:29:10 ----D---- C:\WINDOWS\Temp
2010-12-30 21:27:59 ----D---- C:\WINDOWS\system32\ias
2010-12-30 21:27:48 ----AD---- C:\WINDOWS
2010-12-30 21:26:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-30 21:25:46 ----D---- C:\WINDOWS\system32
2010-12-30 20:54:40 ----D---- C:\WINDOWS\Minidump
2010-12-30 11:38:37 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Electronic Arts
2010-12-29 19:20:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-29 19:19:06 ----D---- C:\Program Files\Winferno
2010-12-29 19:17:01 ----D---- C:\WINDOWS\system32\drivers
2010-12-29 17:46:28 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-12-29 16:38:15 ----D---- C:\Documents and Settings\Andrea\Data aplikací\Security_File
2010-12-28 08:20:08 ----D---- C:\Program Files\Mozilla Firefox
2010-12-27 09:22:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-26 23:05:53 ----D---- C:\Documents and Settings\Andrea\Data aplikací\Skype
2010-12-26 23:05:28 ----D---- C:\Documents and Settings\Andrea\Data aplikací\uTorrent
2010-12-26 18:14:06 ----D---- C:\Program Files\Minilyrics
2010-12-26 17:56:35 ----D---- C:\Lyrics
2010-12-26 17:20:33 ----D---- C:\Documents and Settings\Andrea\Data aplikací\ICQ
2010-12-26 16:09:26 ----D---- C:\Documents and Settings\Andrea\Data aplikací\skypePM
2010-12-25 17:32:50 ----SHD---- C:\WINDOWS\Installer
2010-12-25 17:32:50 ----SHD---- C:\Config.Msi
2010-12-24 17:51:18 ----D---- C:\Program Files\Burn4Free
2010-12-23 20:02:47 ----D---- C:\Documents and Settings\Andrea\Data aplikací\TuneUpMedia
2010-12-23 10:17:14 ----D---- C:\Documents and Settings\Andrea\Data aplikací\Abvent_Artlantis3
2010-12-23 10:11:51 ----D---- C:\Documents and Settings
2010-12-21 20:58:48 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TuneUpMedia
2010-12-18 19:20:50 ----D---- C:\Documents and Settings\Andrea\Data aplikací\BSplayer
2010-12-13 14:50:58 ----D---- C:\Program Files\uTorrent
2010-12-11 13:43:18 ----HD---- C:\WINDOWS\inf
2010-12-03 23:42:49 ----D---- C:\Program Files\DivX
2010-12-03 23:42:49 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DivX
2010-12-02 23:26:53 ----D---- C:\Program Files\iTunes
2010-12-02 23:23:46 ----SD---- C:\WINDOWS\Tasks
2010-12-02 23:23:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-12-02 23:23:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-12-02 23:22:32 ----D---- C:\Program Files\Bonjour
2010-12-01 13:35:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-11-21 691696]
R0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\srescan.sys [2008-11-17 51688]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-02-16 353672]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2006-11-22 72704]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-12-08 142336]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-12-08 114688]
R3 P17;Sound Blaster Audigy; C:\WINDOWS\system32\drivers\P17.sys [2006-03-17 1163264]
R3 p17filt;p17filt; C:\WINDOWS\system32\drivers\p17filt.sys [2006-03-20 1452032]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-09-19 101504]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 ageah5em;ageah5em; C:\WINDOWS\system32\drivers\ageah5em.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-17 274304]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-19 4617728]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 aswUpdSv;avast! iAVS4 Control Service; d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; d:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-12-29 488960]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-10-11 38912]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-02-16 2402184]
R3 avast! Mail Scanner;avast! Mail Scanner; d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; d:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-11-17 820008]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-11-09 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-06 655624]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 PCPitstop Scheduling;PCPitstop Scheduling; C:\Program Files\PCPitstop\PCPitstopScheduleService.exe [2009-06-26 85504]

-----------------EOF-----------------

Příspěvekod **memphisto** » 31 pro 2010 01:37

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

vašekp · Příspěvekod **vašekp** » 31 pro 2010 09:25

ComboFix 10-12-30.03 - Andrea 31.12.2010 9:08.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3582.3130 [GMT 1:00]
Spuštěný z: c:\documents and settings\Andrea\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101230-1] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Andrea\Dokumenty\cc_20101230_205607.reg
c:\program files\ICQ6.5\ICQLRun.exe
c:\program files\KwinzySrch
c:\program files\KwinzySrch\kwinzy.exe
c:\program files\KwinzySrch\uninstall.exe
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\rlls.dll
c:\program files\RelevantKnowledge\rloci.bin
c:\program files\RelevantKnowledge\rlvknlg.exe
c:\windows\settings.reg
c:\windows\system32\Data
c:\windows\system32\detoured.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-31 )))))))))))))))))))))))))))))))
.

2010-12-30 21:51 . 2010-12-30 21:51 -------- d-----w- c:\documents and settings\Andrea\DoctorWeb
2010-12-30 21:50 . 2010-12-30 21:50 -------- d-----w- c:\documents and settings\Andrea\Data aplikací\Malwarebytes
2010-12-30 21:50 . 2010-12-30 21:50 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2010-12-30 21:50 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-30 21:50 . 2010-12-30 22:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-30 21:50 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-30 20:32 . 2010-12-30 20:32 -------- d-----w- c:\program files\trend micro
2010-12-30 20:32 . 2010-12-30 20:32 -------- d-----w- C:\rsit
2010-12-30 20:25 . 2010-12-30 20:25 -------- d-----w- C:\_OTM
2010-12-29 18:17 . 2010-12-30 21:59 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Spyware Terminator
2010-12-29 18:17 . 2010-12-30 19:13 -------- d-----w- c:\documents and settings\Andrea\Data aplikací\Spyware Terminator
2010-12-29 18:17 . 2010-12-29 18:17 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-12-29 18:16 . 2010-12-30 19:49 -------- d-----w- c:\program files\Spyware Terminator
2010-12-26 21:55 . 2010-12-28 16:28 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\dPhMa08200
2010-12-25 16:34 . 2010-12-25 16:34 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\tmp
2010-12-25 16:34 . 2010-12-25 16:34 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\hps
2010-12-25 16:27 . 2010-12-25 16:27 -------- d-----w- c:\program files\dm
2010-12-02 22:26 . 2010-12-02 22:26 -------- d-----w- c:\program files\iPod
2010-12-02 22:23 . 2010-12-02 22:23 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Data aplikací\Apple Computer

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-07 11:23 . 2010-10-07 11:23 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 11:23 . 2010-10-07 11:23 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 11:23 . 2010-10-07 11:23 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 11:23 . 2010-10-07 11:23 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-10-03 09:44 . 2010-10-03 09:44 59904 ----a-w- c:\windows\system32\ZLIB1.DLL
2004-08-17 13:49 93184 -csha-w- c:\windows\system32\dllcache\iexplore.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Andrea\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-04-30 136176]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"TransBar"="c:\documents and settings\Andrea\Local Settings\Data aplikací\AKSoftware\TransBar\TransBar.exe" [2005-06-01 65536]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2010-11-16 172856]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-12-29 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"P17Helper"="P17.dll" [2006-03-17 81408]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 110592]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-19 16844800]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-17 421160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Andrea\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-7-31 113664]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users.WINDOWS\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-7-31 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.11.2009 13:22 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [1.11.2009 12:28 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [29.12.2010 19:17 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.11.2009 12:28 20560]
R3 p17filt;p17filt;c:\windows\system32\drivers\p17filt.sys [20.3.2006 18:34 1452032]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [1.11.2009 18:33 85504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'

2010-12-29 c:\windows\Tasks\Norton Security Scan for Andrea.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2009-12-28 04:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT1750559
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uCustomizeSearch = hxxp://search13.net/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Get Styles\ct.htm
FF - ProfilePath - c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://search13.net?clid=486
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.2&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Get Styles: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Homepage Guard: {6236BA26-C117-4007-928C-DE0716C7FA81} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA81}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: AniWeather: {4176DFF4-4698-11DE-BEEB-45DA55D89593} - %profile%\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
FF - Ext: MidnightFox: {66871bd1-5ba2-4739-b485-2a15f5969bd8} - %profile%\extensions\{66871bd1-5ba2-4739-b485-2a15f5969bd8}
FF - Ext: Slickerfox: {359faf50-e061-11dd-ad8b-0800200c9a66} - %profile%\extensions\{359faf50-e061-11dd-ad8b-0800200c9a66}
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Express Tab: {6236BA26-C117-4007-928C-DE0716C7FA82} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
FF - Ext: U Flv: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
HKCU-Run-AdobeBridge - (no file)
AddRemove-Adobe Photoshop 7.0 - c:\program files\Adobe\Photoshop 7.0\Uninst.isu
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-31 09:11
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(760)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-12-31 09:12:25
ComboFix-quarantined-files.txt 2010-12-31 08:12

Před spuštěním: 5 469 241 344
Po spuštění: 5 488 709 632

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - AC170830FE25B294DF340858776EEB32

Příspěvekod **memphisto** » 31 pro 2010 10:44

Odinstaluj Spyware Terminátora. Kdo ti radil OTM? Po čištění odinstaluj AVAST 4 a stáhni AVAST 5

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
DirLook::
c:\documents and settings\All Users.WINDOWS\Data aplikací\dPhMa08200
c:\documents and settings\All Users.WINDOWS\Data aplikací\tmp
c:\documents and settings\All Users.WINDOWS\Data aplikací\hps
c:\program files\dm

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000000

Folder::
c:\program files\Norton Security Scan

DDS::
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT1750559
uInternet Settings,ProxyOverride = *.local
uCustomizeSearch = hxxp://search13.net/

Firefox::
FF - ProfilePath - c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://search13.net?clid=486
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.2&q=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

vašekp · Příspěvekod **vašekp** » 31 pro 2010 17:57

OTM mě poradil pitimir 25.10.2009 mám to nazvané Prosím o kontrolu logu, myslel jsem, že je to tak lepší.

ComboFix 10-12-30.03 - Andrea 31.12.2010 16:51:42.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3582.3151 [GMT 1:00]
Spuštěný z: c:\documents and settings\Andrea\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Andrea\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 101231-0] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\about.xul
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\autocomplete.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\exitobserver.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\globals.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\highlight.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.css
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtabs.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\icqtoolbar.xul
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgLarge.gif
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\bgSmall.gif
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonBlue.gif
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\buttonGreen.gif
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img\searchLogo.gif
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\localfileupdate.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\menu-button.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_bg.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_cz.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_de.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_en.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_es.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_fr.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_he.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_it.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_ru.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_sk.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_tr.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\newTab_uk.html
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\options.xul
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsegamesxml.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\parsemenuxml.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\peoplesearch.xul
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\prefutils.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\search.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\sitespanel.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\splitter.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\statistics.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\tabcontext.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\utilities.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\voucher.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\zoom.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\icq_locale.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\itb_options.dtd
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr\options.properties
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\about.css
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\abt.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ain.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\ang.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\arrow_eng.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\arrow_heb.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\btn_bg.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\btn_bg_lite.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\default.css
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dis.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\dropmarker.css
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\20minutos.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\about.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\abv.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aktuality.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aktualne.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\alljobs.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\allocine.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\altervista.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\amazon.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\answers.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aol.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aolradio.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\apple.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ard.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\as.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\atlas.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\atlassk.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\aufeminin.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autobazar.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autobazar1.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\autocz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\azet.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bazos.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bbc.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bbc.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bigmir.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\billiger.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bing.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\blesk.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\bleskove.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\btv.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\calcalist.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cas.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cdiscount.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\centrum.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ciao.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cnet.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\cnn.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\commentcamarche.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\corriere.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\csfd.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\d.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dailymotion.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\data.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\deezer.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\default.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\delicious.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\depositfiles.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\deviantart.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\diary.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\digg.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dir.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\disney.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\diva.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\dnevnik.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\doctissimo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\donanimhaber.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ebay.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ebayanuncios.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ekolay.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\elmundo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\elpais.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\eurosport.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\expats.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\facebook.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\finance.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\firmy.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\flickr.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\flix.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\fotolog.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\fox.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\france2.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\free.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\garanti.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazeta.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazetevatan.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gazzetta.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gbg.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gepime.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gismeteo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gittigidiyor.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\globes.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gmail.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\gmx.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\google.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\googleearth.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\googletranslate.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haaretz.gif
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haaretz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haber7.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\haberturk.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\hepsiburada.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\horadot.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\horoskopy.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\hurriyet.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\championat.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\chip.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\icq.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\idnes.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ilike.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ilmeteo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\imageshack.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\imdb.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\impulse.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\infojobs.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\interfacelift.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\internethaber.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\iserialy.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\iua.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\izlesene.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jappy.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jeux.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jeuxvideo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\jing.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\joj.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\kijiji.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\kinopoisk.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\korrespondent.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lastfm.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\leboncoin.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lemonde.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lenta.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\leonardo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lequipe.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libero.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libimseti.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lide.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\linternaute.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\livejournal.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mailru.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mako.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mappy.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mapy.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marca.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marketgid.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\markiza.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\megavideo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meinvz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mekusharim.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meta.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milanobakeca.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milliyet.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mimibazar.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\minibazar.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mobilen.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\morfix.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mouse.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mymovies.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\myspace.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\najisto.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana10.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netgames.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netlog.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\novinky.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\novoteka.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nrg.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ntvmsnbc.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nytimes.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\odnoklassniki.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\one.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\orange.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\otto.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\pagesjaunes.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\peliculasyonkis.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\photobucket.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\picnik.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\pravda.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\profesia.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\prosieben.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\r10.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rapidshare.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rbc.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\repubblica.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rian.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rozetka.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rtl.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sabah.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sahibinden.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sat1.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\segundamano.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seriesyonkis.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznam.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznamemail.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sfr.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\shmu.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\schuelervz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\skyrock.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\slsp.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sme.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\snimka.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\softonic.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\spiegel.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\splinder.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport-express.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport5.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportal.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportcz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportes.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sporx.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stahuj.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.bmp
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\studivz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\subito.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\supercz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\superhry.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\svejo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\t-online.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tapuz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\taringa.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\telecinco.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\terra.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tf1.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\themarker.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tiscali.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\topky.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\torrents.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\travian.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tv.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\twitter.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ucoz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ukr.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vbox7.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vesti.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vimeo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\virgilio.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vkontakte.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vodafone.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\walla.ico

vašekp · Příspěvekod **vašekp** » 31 pro 2010 17:59

c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\repubblica.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rian.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rozetka.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rtl.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sabah.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sahibinden.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sat1.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\segundamano.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seriesyonkis.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznam.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznamemail.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sfr.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\shmu.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\schuelervz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\skyrock.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\slsp.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sme.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\snimka.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\softonic.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\spiegel.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\splinder.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport-express.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport5.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportal.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportcz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportes.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sporx.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stahuj.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.bmp
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\studivz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\subito.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\supercz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\superhry.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\svejo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\t-online.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tapuz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\taringa.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\telecinco.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\terra.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tf1.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\themarker.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tiscali.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\topky.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\torrents.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\travian.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tv.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\twitter.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ucoz.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ukr.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vbox7.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vesti.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vimeo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\virgilio.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vkontakte.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vodafone.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\walla.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wallmart.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\walmart.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wamba.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wat.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\weather.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\web.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wer-kennt-wen.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wetter.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wikipedia.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wolframalpha.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\yad2.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\yahoo.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ynet.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\youtube.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zamunda.bmp
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zap.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zena.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\menu.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\pin.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\pinc.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\powerd1.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\remove.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\reset.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\search_arrow.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\search_bg.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\unpin.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\blacklist.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_33.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_34.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_359.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_380.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_39.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_42.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_4201.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_49.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_7.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_90.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_972.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\voucher_list.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitAutoCompleteSearch.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitAutoCompleteSearch.xpt
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitToolbar.idl
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitToolbar.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\ConduitToolbar.xpt
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.xpt
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.xpt
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\default_radio_skin.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\fbAlert.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome.manifest
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome\bs_player.jar
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\install.rdf
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\lib\xpcom.js
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF\manifest.mf
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF\zigbert.rsa
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF\zigbert.sf
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.gif
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.ico
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.PNG
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.src
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin\conduit.xml
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\setup.ini
c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\version.txt
c:\program files\Norton Security Scan
c:\program files\Norton Security Scan\Engine\2.7.0.52\{2A85E335-7417-424d-AD89-31DED1689794}.dat
c:\program files\Norton Security Scan\Engine\2.7.0.52\{407D1C08-B366-4aca-92FB-E04E97F6681D}.dat
c:\program files\Norton Security Scan\Engine\2.7.0.52\BilBDRes.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\ccL80U.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\ccScanw.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\ccVrTrst.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\dec_abi.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\DefLoad.exe
c:\program files\Norton Security Scan\Engine\2.7.0.52\DefUtDCD.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\diLueCbk.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\ecmldr32.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\HeartBt.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\help.htm
c:\program files\Norton Security Scan\Engine\2.7.0.52\InstWrap.exe
c:\program files\Norton Security Scan\Engine\2.7.0.52\Microsoft.VC80.CRT.manifest
c:\program files\Norton Security Scan\Engine\2.7.0.52\msl.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\msvcp80.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\msvcr80.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe
c:\program files\Norton Security Scan\Engine\2.7.0.52\patch25d.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\PrdDtRes.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\ReputationCacheDB.db
c:\program files\Norton Security Scan\Engine\2.7.0.52\RevList.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\RptCdRes.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\SAUpdt.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\ScanCore.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\ScanRes.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\ScanText.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\SKUCfg.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\SKURes.dll
c:\program files\Norton Security Scan\Engine\2.7.0.52\symbos.exe
c:\program files\Norton Security Scan\Engine\2.7.0.52\SymHTML.dll
c:\program files\Norton Security Scan\isolate.ini

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-31 )))))))))))))))))))))))))))))))
.

2010-12-30 21:51 . 2010-12-30 21:51 -------- d-----w- c:\documents and settings\Andrea\DoctorWeb
2010-12-30 21:50 . 2010-12-30 21:50 -------- d-----w- c:\documents and settings\Andrea\Data aplikací\Malwarebytes
2010-12-30 21:50 . 2010-12-30 21:50 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Malwarebytes
2010-12-30 21:50 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-30 21:50 . 2010-12-30 22:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-30 21:50 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-30 20:32 . 2010-12-30 20:32 -------- d-----w- c:\program files\trend micro
2010-12-30 20:32 . 2010-12-30 20:32 -------- d-----w- C:\rsit
2010-12-30 20:25 . 2010-12-30 20:25 -------- d-----w- C:\_OTM
2010-12-26 21:55 . 2010-12-28 16:28 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\dPhMa08200
2010-12-25 16:34 . 2010-12-25 16:34 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\tmp
2010-12-25 16:34 . 2010-12-25 16:34 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\hps
2010-12-25 16:27 . 2010-12-25 16:27 -------- d-----w- c:\program files\dm
2010-12-02 22:26 . 2010-12-02 22:26 -------- d-----w- c:\program files\iPod
2010-12-02 22:23 . 2010-12-02 22:23 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Data aplikací\Apple Computer

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-07 11:23 . 2010-10-07 11:23 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 11:23 . 2010-10-07 11:23 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 11:23 . 2010-10-07 11:23 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 11:23 . 2010-10-07 11:23 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-10-03 09:44 . 2010-10-03 09:44 59904 ----a-w- c:\windows\system32\ZLIB1.DLL
2004-08-17 13:49 93184 -csha-w- c:\windows\system32\dllcache\iexplore.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\All Users.WINDOWS\Data aplikací\dPhMa08200 ----

2010-12-26 21:55 . 2010-12-28 07:14 94 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\dPhMa08200\dPhMa08200

---- Directory of c:\documents and settings\All Users.WINDOWS\Data aplikací\hps ----

2010-12-25 16:34 . 2010-12-25 16:34 1610 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\hps\5500\04.06.07\resources\orderingdetails5500.xml
2010-12-25 16:34 . 2010-12-25 16:34 4248 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\hps\5500\04.06.07\resources\fonts-win.xml

---- Directory of c:\documents and settings\All Users.WINDOWS\Data aplikací\tmp ----

2010-12-25 16:34 . 2010-12-25 16:50 81149 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\tmp\rwstjg.tmp

---- Directory of c:\program files\dm ----

((((((((((((((((((((((((((((( SnapShot@2010-12-31_08.11.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-31 16:01 . 2010-12-31 16:01 16384 c:\windows\Temp\Perflib_Perfdata_7c0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Andrea\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-04-30 136176]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"TransBar"="c:\documents and settings\Andrea\Local Settings\Data aplikací\AKSoftware\TransBar\TransBar.exe" [2005-06-01 65536]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2010-11-16 172856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"P17Helper"="P17.dll" [2006-03-17 81408]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 110592]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-19 16844800]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-17 421160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Andrea\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-7-31 113664]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users.WINDOWS\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-7-31 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.11.2009 13:22 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [1.11.2009 12:28 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.11.2009 12:28 20560]
R3 p17filt;p17filt;c:\windows\system32\drivers\p17filt.sys [20.3.2006 18:34 1452032]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [1.11.2009 18:33 85504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Get Styles\ct.htm
FF - ProfilePath - c:\documents and settings\Andrea\Data aplikací\Mozilla\Firefox\Profiles\4da465wu.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Get Styles: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Homepage Guard: {6236BA26-C117-4007-928C-DE0716C7FA81} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA81}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: AniWeather: {4176DFF4-4698-11DE-BEEB-45DA55D89593} - %profile%\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
FF - Ext: MidnightFox: {66871bd1-5ba2-4739-b485-2a15f5969bd8} - %profile%\extensions\{66871bd1-5ba2-4739-b485-2a15f5969bd8}
FF - Ext: Slickerfox: {359faf50-e061-11dd-ad8b-0800200c9a66} - %profile%\extensions\{359faf50-e061-11dd-ad8b-0800200c9a66}
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Express Tab: {6236BA26-C117-4007-928C-DE0716C7FA82} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
FF - Ext: U Flv: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-NSS - c:\program files\Norton Security Scan\Engine\2.7.0.52\InstWrap.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-31 17:01
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(760)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(2680)
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\program files\Alwil Software\Avast4\aswUpdSv.exe
d:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\Rundll32.exe
c:\windows\system32\rundll32.exe
c:\documents and settings\Andrea\Local Settings\Data aplikací\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\wdfmgr.exe
d:\program files\Alwil Software\Avast4\ashMaiSv.exe
d:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-12-31 17:04:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-31 16:04
ComboFix2.txt 2010-12-31 08:12

Před spuštěním: 5 556 203 520
Po spuštění: 5 517 393 920

- - End Of File - - DD39829A0BC88CCD8AED560C6049E58C

Příspěvekod **memphisto** » 31 pro 2010 18:09

Toto otestuj na Virustotal
c:\documents and settings\All Users.WINDOWS\Data aplikací\tmp\rwstjg.tmp

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

vašekp · Příspěvekod **vašekp** » 31 pro 2010 19:44

Nemůžu najít tento soubor:
c:\documents and settings\All Users.WINDOWS\Data aplikací\tmp\rwstjg.tmp

vašekp · Příspěvekod **vašekp** » 31 pro 2010 20:20

už jsem to spustil

vašekp · Příspěvekod **vašekp** » 31 pro 2010 23:47

Hodně štěstí, zdraví, spokojenosti a křišťálovou lupu v roce 2011 přeju všem z pc-helpu.

Prosím o kontrolu logu OTM + RSIT Vyřešeno

Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Re: Prosím o kontrolu logu OTM + RSIT

Kdo je online