2.Cast:
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libero.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\libimseti.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\lide.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\linternaute.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\livejournal.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mailru.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mako.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mappy.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mapy.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marca.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\marketgid.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\markiza.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\megavideo.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meinvz.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mekusharim.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\meta.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milanobakeca.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\milliyet.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mimibazar.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\minibazar.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mobilen.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\morfix.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mouse.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\mymovies.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\myspace.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\najisto.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nana10.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netgames.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\netlog.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\novinky.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\novoteka.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nrg.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ntvmsnbc.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\nytimes.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\odnoklassniki.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\one.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\orange.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\otto.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\pagesjaunes.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\peliculasyonkis.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\photobucket.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\picnik.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\pravda.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\profesia.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\prosieben.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\r10.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rapidshare.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rbc.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\repubblica.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rian.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rozetka.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\rtl.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sabah.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sahibinden.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sat1.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\segundamano.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seriesyonkis.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznam.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\seznamemail.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sfr.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\shmu.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\schuelervz.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\skyrock.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\slsp.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sme.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\snimka.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\softonic.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\spiegel.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\splinder.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport-express.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sport5.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportal.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportcz.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sportes.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\sporx.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stahuj.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.bmp
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\stream.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\studivz.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\subito.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\supercz.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\superhry.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\svejo.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\t-online.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tapuz.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\taringa.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\telecinco.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\terra.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tf1.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\themarker.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tiscali.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\topky.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\torrents.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\travian.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\tv.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\twitter.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ucoz.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ukr.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vbox7.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vesti.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vimeo.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\virgilio.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vkontakte.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\vodafone.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\walla.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wallmart.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\walmart.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wamba.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wat.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\weather.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\web.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wer-kennt-wen.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wetter.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wikipedia.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\wolframalpha.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\yad2.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\yahoo.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\ynet.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\youtube.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zamunda.bmp
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zap.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon\zena.ico
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\hide.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\icons.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\logo_small.gif
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\menu.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_r.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\more_vouchers_y.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\options.css
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\peoplesearch.css
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\pin.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\pinc.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\powerd1.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\remove.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\reset.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\search_arrow.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\search_bg.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\unpin.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\voucher_bg_y.png
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\blacklist.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_33.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_34.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_359.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_380.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_39.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_42.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_4201.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_49.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_7.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_90.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\local_sites_972.xml
c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites\voucher_list.xml
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-16 do 2011-02-16 )))))))))))))))))))))))))))))))
.
2073-04-13 15:17 . 2006-11-21 18:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
2011-02-16 15:41 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-16 15:41 . 2011-02-16 15:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-16 15:41 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-16 15:36 . 2011-02-16 15:36 388096 ----a-r- c:\documents and settings\Roman\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-02-16 15:36 . 2011-02-16 15:36 -------- d-----w- c:\program files\Trend Micro
2011-02-15 08:34 . 2011-01-13 09:41 5890896 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{194828C5-C394-43F4-8244-5308B98C0A20}\mpengine.dll
2011-02-14 16:38 . 2011-02-14 16:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CDRWIN 8
2011-02-14 16:29 . 2011-02-14 16:38 -------- d-----w- c:\program files\CDRWIN 8
2011-02-12 15:27 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2011-02-12 15:27 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-02-12 15:26 . 2011-02-12 15:26 -------- d-----w- c:\program files\Microsoft.NET
2011-02-12 15:24 . 2011-02-12 15:24 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-02-07 13:27 . 2011-02-07 13:27 -------- d-----w- c:\documents and settings\Roman\Local Settings\Data aplikací\2K Games
2011-02-07 13:26 . 2011-02-07 13:26 -------- d-----w- c:\program files\NVIDIA Corporation
2011-02-06 19:31 . 2011-02-06 19:31 1409 ----a-w- c:\windows\QTFont.for
2011-01-21 14:44 . 2011-01-21 14:44 440320 -c----w- c:\windows\system32\dllcache\shimgvw.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-13 14:45 . 2008-05-13 15:17 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-02-13 14:45 . 2009-03-03 13:19 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-02-13 14:45 . 2008-05-13 15:15 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-01-21 14:44 . 2006-03-02 12:00 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 09:41 . 2007-10-10 15:31 5890896 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-01-13 08:47 . 2010-06-29 13:57 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2007-10-08 19:37 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2008-04-06 10:30 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2007-10-08 19:37 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2007-10-08 19:37 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2007-10-08 19:37 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2007-10-08 19:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2007-10-08 19:37 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2008-04-06 10:30 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-07 14:09 . 2006-03-02 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2006-03-02 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2006-03-02 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:52 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:52 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:52 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:25 . 2006-03-02 12:00 729088 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 2006-03-02 12:00 713216 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 15:14 . 2004-08-17 15:45 2029056 ------w- c:\windows\system32\ntkrnlpa.exe
2010-12-09 15:14 . 2006-03-02 12:00 2150912 ------w- c:\windows\system32\ntoskrnl.exe
2010-12-09 14:30 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-01-13 3396624]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-01-20 200704]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 01:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"d:\\Strong\\StrongDC.exe"=
"d:\\Instalace games\\Fifa 08\\FIFA08.exe"=
"d:\\Instalace games\\Codemasters\\Race Driver 3\\RD3.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Instalace games\\Battlefield II\\BF2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"d:\\Instalace games\\COD World At War\\CALL OF DUTY WORLD AT WAR\\CoDWaW.exe"=
"d:\\Instalace games\\Company of Heroes\\RelicCOH.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"d:\\Instalace games\\Flat Out Carnage\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6.4.2008 11:30 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.4.2008 11:30 17744]
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;c:\windows\system32\drivers\wf88vcap.sys [17.11.2007 13:50 208851]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;c:\windows\system32\drivers\WF88XBAR.sys [17.11.2007 13:50 10324]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;c:\windows\system32\drivers\wf88tune.sys [17.11.2007 13:50 34789]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
S2 gupdate1c9ec50c4d178c;Služba Google Update (gupdate1c9ec50c4d178c);c:\program files\Google\Update\GoogleUpdate.exe [13.6.2009 18:54 133104]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [17.11.2007 13:55 9446]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.10.2007 16:41 642560]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2011-02-16 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
2011-02-16 c:\windows\Tasks\User_Feed_Synchronization-{96590F88-7F72-4DA0-B6F5-4C1FBE6B3433}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Free YouTube Download - c:\documents and settings\Roman\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Roman\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
FF - ProfilePath - c:\documents and settings\Roman\Data aplikací\Mozilla\Firefox\Profiles\0sdkz6lh.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-16 20:27
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
.
Celkový čas: 2011-02-16 20:28:54
ComboFix-quarantined-files.txt 2011-02-16 19:28
ComboFix2.txt 2011-02-16 17:30
Před spuštěním: 9 258 000 384
Po spuštění: 9 374 969 856
- - End Of File - - A3942FDC22C6644B1BF85A9E8FAD85EF
Prosim o kontrolu logu Vyřešeno
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš
pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials
+ Nový log z HJT
Jak je na tom PC?
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš
pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials
+ Nový log z HJT
Jak je na tom PC?
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Re: Prosim o kontrolu logu
pc mi pripada rychlejsi slape jak hodinky 
jestli je to tedy vse tak moc diky!
zde log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:23:40, on 17.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Comodo\Firewall\cpf.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\jccatch.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Roman\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Roman\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Služba Google Update (gupdate1c9ec50c4d178c) (gupdate1c9ec50c4d178c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
--
End of file - 5378 bytes
jestli je to tedy vse tak moc diky!zde log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:23:40, on 17.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Comodo\Firewall\cpf.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\jccatch.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Roman\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Roman\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Služba Google Update (gupdate1c9ec50c4d178c) (gupdate1c9ec50c4d178c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
--
End of file - 5378 bytes
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Prosim o kontrolu logu
Ještě v HJT fixni:
Pokud nejsou problémy, můžeš dát vyřešeno :)
Kód: Vybrat vše
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimePokud nejsou problémy, můžeš dát vyřešeno :)
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Re: Prosim o kontrolu logu Vyřešeno
supr jeste jednou diky 
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 117 hostů