Kontrola Logu

ilias · Příspěvekod **ilias** » 22 bře 2011 15:42

Prosim o kontrolu logu ... a vyřešení jednoho problému.. nemůžu odinstalovat replay media catcher 4 .. měl jsem s tím problemy při první instalaci a naslednýho odinstalování, jelikož jsem zjistil že mám starší verzi a chtěl jsem si stahnout novější verzi, ale ani novejsi verze mi nevyhovuje a mam stejny problem, jelikoz jsem pouzil creck a zrejme diky tomu nejde odinstalovat nebo nvm.. dik

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 15:37:22, on 22.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\xp\Local Settings\Data aplikací\Seznam.cz\postak.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Psi\Psi.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Documents and Settings\xp\Local Settings\Data aplikací\Seznam.cz\core.2.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Documents and Settings\xp\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Psi.lnk = C:\Program Files\Psi\Psi.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 4340320093
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

--
End of file - 7378 bytes

Reklama

Příspěvekod **jaro3** » 22 bře 2011 17:50

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

ilias · Příspěvekod **ilias** » 22 bře 2011 19:01

vše provedeno ...

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6133

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

22.3.2011 19:00:20
mbam-log-2011-03-22 (19-00-20).txt

Typ kontroly: Rychlý test
Testované objekty: 139736
Uplynulý čas: 3 minut, 13 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Příspěvekod **jaro3** » 22 bře 2011 20:01

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

+
Registry Search
Stáhni si Registry Search

Rozbal si soubor do složky a potom poklepej na regsearch.exe ke startu programu.
Do volné linky(linek) nad Enter search string case independent zkopíruj a vlož:

Kód: Vybrat vše

replay media catcher 4

A klikni na OK.Otevře se notepad s textem a celý text z něho sem vlož.

ilias · Příspěvekod **ilias** » 22 bře 2011 22:45

ComboFix 11-03-22.03 - xp 22.03.2011 22:34:34.10.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1022.617 [GMT 1:00]
Spuštěný z: c:\documents and settings\xp\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-22 do 2011-03-22 )))))))))))))))))))))))))))))))
.
.
2011-03-21 15:30 . 2011-03-22 08:46 -------- d-----w- c:\program files\Applian Technologies
2011-03-21 15:29 . 2011-03-21 15:29 -------- d-----w- c:\program files\Nová složka
2011-03-14 08:47 . 2011-03-14 08:47 -------- d-----w- c:\program files\Common Files\Java
2011-03-14 08:47 . 2011-03-14 08:47 -------- d-----w- c:\program files\Sun
2011-03-14 08:47 . 2011-03-14 08:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-03-14 08:47 . 2011-03-14 08:47 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-11 16:22 . 2011-03-11 16:22 -------- d-----w- c:\documents and settings\xp\Local Settings\Data aplikací\Jaksta_Technologies_Pty_L
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2004-08-17 13:49 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-17 13:49 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-07 17:55 . 2011-02-07 17:55 20367424 ----a-w- c:\program files\gimp-2.6.11-i686-setup-1.exe
2011-02-02 07:58 . 2007-11-13 11:34 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-29 10:43 . 2011-01-29 10:43 17379614 ----a-w- c:\program files\psi-0.14-win-setup.exe
2011-01-27 11:57 . 2007-11-13 11:34 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 10:31 . 2011-01-25 10:30 2976440 ----a-w- c:\program files\ccsetup302.exe
2011-01-23 21:16 . 2007-12-23 19:15 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-01-22 17:59 . 2010-01-24 09:10 7734240 ----a-w- c:\program files\mbam-setup.exe
2011-01-21 14:44 . 2004-08-17 13:49 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-16 16:35 . 2011-01-16 16:35 10292995 ----a-w- c:\program files\StahovaniZaSMS-manager-1-2-1.exe
2011-01-07 14:09 . 2004-08-17 13:48 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2004-08-17 13:44 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-18 11:12 . 2010-12-18 11:12 9306104 ----a-w- c:\program files\Thunderbird Setup 3.1.7.exe
2010-12-11 17:47 . 2010-12-11 17:47 9032272 ----a-w- c:\program files\megamanager.exe
2010-11-08 16:59 . 2010-12-11 17:08 17255272 ----a-w- c:\program files\JDownloaderINTSetup_3.exe
2010-09-10 21:18 . 2010-10-26 11:25 63696532 ----a-w- c:\program files\HTCSync_3.0.5439.exe
2010-08-22 07:07 . 2010-08-22 07:06 3276672 ----a-w- c:\program files\RapidShareManager2WindowsSetup.exe
2010-08-21 16:29 . 2010-02-07 20:14 714136 ----a-w- c:\program files\jxpiinstall.exe
2010-05-28 20:18 . 2010-05-28 20:17 12383736 ----a-w- c:\program files\picasa36-setup.exe
2010-01-22 20:22 . 2010-01-22 20:22 1401344 ----a-w- c:\program files\HijackThis.msi
2010-01-21 19:11 . 2010-01-21 19:08 2072320 ----a-w- c:\program files\postak-2.3.6.exe
2009-09-28 15:46 . 2009-09-28 15:46 10277728 ----a-w- c:\program files\winamp556_full_emusic-7plus_en-us.exe
2009-08-18 15:01 . 2009-08-18 15:01 26009056 ----a-w- c:\program files\AdbeRdr910_cs_CZ.exe
2009-07-25 10:12 . 2009-07-25 10:12 36105728 ----a-w- c:\program files\ess_nt32_csy.msi
2009-06-16 08:11 . 2009-06-16 08:11 17013088 ----a-w- c:\program files\IE8-WindowsXP-x86-CSY.exe
2009-06-09 14:40 . 2009-06-09 14:40 25786688 ----a-w- c:\program files\wmp11-windowsxp-x86-CS-CZ.exe
2009-05-29 16:46 . 2009-05-29 16:46 27184434 ----a-w- c:\program files\JAD7_BASIC.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-07 39408]
"Seznam Postak"="c:\documents and settings\xp\Local Settings\Data aplikací\Seznam.cz\postak.exe" [2009-11-02 448664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 86016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\xp\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Psi.lnk - c:\program files\Psi\Psi.exe [2009-12-3 8456704]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"ctfmon.exe"= c:\windows\ctfmon.exe
"c:\\Program Files\\Psi\\Psi.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1822:TCP"= 1822:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.12.2007 20:15 691696]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [13.11.2007 13:16 13696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [17.8.2004 14:49 14336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [7.9.2010 16:01 79872]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [13.11.2007 13:38 834944]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.1.2011 11:32 136176]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys --> c:\windows\system32\DRIVERS\appliand.sys [?]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [26.10.2010 12:28 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22.6.2010 17:01 21248]
S3 NCHSSVAD;SoundTap Recorder;c:\windows\system32\drivers\nchssvad.sys [15.5.2010 22:01 21120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-22 c:\windows\Tasks\User_Feed_Synchronization-{D8961499-0764-48AF-BEED-95A980B898F1}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-22 22:38
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1248)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-03-22 22:40:04
ComboFix-quarantined-files.txt 2011-03-22 21:39
.
Před spuštěním: Volných bajtů: 129 992 187 904
Po spuštění: Volných bajtů: 130 175 520 768
.
- - End Of File - - D58AFD94032A80267530C4F79CEDF728

-----------------------------------------------------------------

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.6.0

; Results at 22.3.2011 22:43:35 for strings:
; 'replay media catcher 4 '
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS

; End Of The Log...

Příspěvekod **jaro3** » 22 bře 2011 23:46

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
c:\windows\Tasks\User_Feed_Synchronization-{D8961499-0764-48AF-BEED-95A980B898F1}.job

Driver::
appliandMP

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
 [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
 [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
 [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

Start--spustit , napiš:
regedit a dej Ok.
v levém stromovém adresáři rozklikni:
HKEY_LOCAL_MACHINE HKEY_USERS \Software a najdi složku:
replay media catcher 4--- na tu pravým klikni a smaž jí.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

ilias · Příspěvekod **ilias** » 23 bře 2011 10:52

log po combofixu a novy HJC

ComboFix 11-03-22.03 - xp 23.03.2011 10:38:53.11.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1022.590 [GMT 1:00]
Spuštěný z: c:\documents and settings\xp\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\xp\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
FILE ::
"c:\windows\Tasks\User_Feed_Synchronization-{D8961499-0764-48AF-BEED-95A980B898F1}.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\User_Feed_Synchronization-{D8961499-0764-48AF-BEED-95A980B898F1}.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_appliandMP
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-23 do 2011-03-23 )))))))))))))))))))))))))))))))
.
.
2011-03-21 15:30 . 2011-03-22 08:46 -------- d-----w- c:\program files\Applian Technologies
2011-03-21 15:29 . 2011-03-21 15:29 -------- d-----w- c:\program files\Nová složka
2011-03-14 08:47 . 2011-03-14 08:47 -------- d-----w- c:\program files\Common Files\Java
2011-03-14 08:47 . 2011-03-14 08:47 -------- d-----w- c:\program files\Sun
2011-03-14 08:47 . 2011-03-14 08:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-03-14 08:47 . 2011-03-14 08:47 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-11 16:22 . 2011-03-11 16:22 -------- d-----w- c:\documents and settings\xp\Local Settings\Data aplikací\Jaksta_Technologies_Pty_L
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2004-08-17 13:49 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-17 13:49 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-07 17:55 . 2011-02-07 17:55 20367424 ----a-w- c:\program files\gimp-2.6.11-i686-setup-1.exe
2011-02-02 07:58 . 2007-11-13 11:34 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-29 10:43 . 2011-01-29 10:43 17379614 ----a-w- c:\program files\psi-0.14-win-setup.exe
2011-01-27 11:57 . 2007-11-13 11:34 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 10:31 . 2011-01-25 10:30 2976440 ----a-w- c:\program files\ccsetup302.exe
2011-01-23 21:16 . 2007-12-23 19:15 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-01-22 17:59 . 2010-01-24 09:10 7734240 ----a-w- c:\program files\mbam-setup.exe
2011-01-21 14:44 . 2004-08-17 13:49 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-16 16:35 . 2011-01-16 16:35 10292995 ----a-w- c:\program files\StahovaniZaSMS-manager-1-2-1.exe
2011-01-07 14:09 . 2004-08-17 13:48 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:04 . 2004-08-17 13:44 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-18 11:12 . 2010-12-18 11:12 9306104 ----a-w- c:\program files\Thunderbird Setup 3.1.7.exe
2010-12-11 17:47 . 2010-12-11 17:47 9032272 ----a-w- c:\program files\megamanager.exe
2010-11-08 16:59 . 2010-12-11 17:08 17255272 ----a-w- c:\program files\JDownloaderINTSetup_3.exe
2010-09-10 21:18 . 2010-10-26 11:25 63696532 ----a-w- c:\program files\HTCSync_3.0.5439.exe
2010-08-22 07:07 . 2010-08-22 07:06 3276672 ----a-w- c:\program files\RapidShareManager2WindowsSetup.exe
2010-08-21 16:29 . 2010-02-07 20:14 714136 ----a-w- c:\program files\jxpiinstall.exe
2010-05-28 20:18 . 2010-05-28 20:17 12383736 ----a-w- c:\program files\picasa36-setup.exe
2010-01-22 20:22 . 2010-01-22 20:22 1401344 ----a-w- c:\program files\HijackThis.msi
2010-01-21 19:11 . 2010-01-21 19:08 2072320 ----a-w- c:\program files\postak-2.3.6.exe
2009-09-28 15:46 . 2009-09-28 15:46 10277728 ----a-w- c:\program files\winamp556_full_emusic-7plus_en-us.exe
2009-08-18 15:01 . 2009-08-18 15:01 26009056 ----a-w- c:\program files\AdbeRdr910_cs_CZ.exe
2009-07-25 10:12 . 2009-07-25 10:12 36105728 ----a-w- c:\program files\ess_nt32_csy.msi
2009-06-16 08:11 . 2009-06-16 08:11 17013088 ----a-w- c:\program files\IE8-WindowsXP-x86-CSY.exe
2009-06-09 14:40 . 2009-06-09 14:40 25786688 ----a-w- c:\program files\wmp11-windowsxp-x86-CS-CZ.exe
2009-05-29 16:46 . 2009-05-29 16:46 27184434 ----a-w- c:\program files\JAD7_BASIC.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-03-22_21.38.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-23 09:45 . 2011-03-23 09:45 16384 c:\windows\temp\Perflib_Perfdata_88.dat
+ 2011-03-23 09:45 . 2011-03-23 09:45 16384 c:\windows\temp\Perflib_Perfdata_79c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-07 39408]
"Seznam Postak"="c:\documents and settings\xp\Local Settings\Data aplikací\Seznam.cz\postak.exe" [2009-11-02 448664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 86016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\xp\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Psi.lnk - c:\program files\Psi\Psi.exe [2009-12-3 8456704]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"ctfmon.exe"= c:\windows\ctfmon.exe
"c:\\Program Files\\Psi\\Psi.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1039:TCP"= 1039:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.12.2007 20:15 691696]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [13.11.2007 13:16 13696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [17.8.2004 14:49 14336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [7.9.2010 16:01 79872]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [13.11.2007 13:38 834944]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.1.2011 11:32 136176]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [26.10.2010 12:28 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22.6.2010 17:01 21248]
S3 NCHSSVAD;SoundTap Recorder;c:\windows\system32\drivers\nchssvad.sys [15.5.2010 22:01 21120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-23 10:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2768)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\ATKKBService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\RunDLL32.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
.
**************************************************************************
.
Celkový čas: 2011-03-23 10:48:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-23 09:48
ComboFix2.txt 2011-03-22 21:40
.
Před spuštěním: Volných bajtů: 129 073 389 568
Po spuštění: Volných bajtů: 129 314 177 024
.
- - End Of File - - 77AB572AEF1B9711A4C9230EFD071990

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 10:50:06, on 23.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\xp\Local Settings\Data aplikací\Seznam.cz\postak.exe
C:\Program Files\Psi\Psi.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Documents and Settings\xp\Local Settings\Data aplikací\Seznam.cz\core.2.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Documents and Settings\xp\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Psi.lnk = C:\Program Files\Psi\Psi.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 4340320093
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

--
End of file - 6617 bytes

jdu na ten regedit ...

EDIT: ted jsem si vzpomnel ze uz jsem se v to sam hrabal v tom regeditu uz predtim nez jsem pozadal o kontrolu logu a vymazal jsem si to, jelikoz jsem si myslel ze to staci jen takhle vymazat a bude to ok.. nemohu to tam najit, tak nvm jestli to tam vubec najdu kdyz jsem to predtim sve pomoci vymazal... nevm jestli to byla statna volba, no.. nasel jsem tam akorat replay AV a convertr ale to s tim asi nema nic spolecnyho.. vix screen http://i55.tinypic.com/2e6af5k.jpg

Příspěvekod **jaro3** » 23 bře 2011 20:47

asi to bude ono , firma je Applian Technologies....
http://www.applian.com/replay-media-catcher/demo.php

pak udělej ten OTL , teda pokud budou ještě potíže.

ilias · Příspěvekod **ilias** » 23 bře 2011 22:53

Zde je první log

OTL logfile created on: 23.3.2011 22:46:31 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\xp\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 631,00 Mb Available Physical Memory | 62,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 119,01 Gb Free Space | 79,85% Space Free | Partition Type: NTFS

Computer Name: 6939B540DA9F441 | User Name: xp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\xp\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files\Psi\Psi.exe ()
PRC - C:\Documents and Settings\xp\Local Settings\Data aplikací\Seznam.cz\postak.exe ()
PRC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe (WDC)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\xp\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- File not found
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_d76cf65.dll ()
SRV - (PassThru Service) -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (WDBtnMgrSvc.exe) -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe (WDC)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (ATKKeyboardService) -- C:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC.)

========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (htcnprot) -- C:\WINDOWS\system32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV - (NCHSSVAD) -- C:\WINDOWS\system32\drivers\nchssvad.sys (NCH Swift Sound)
DRV - (HTCAND32) -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (epfwtdi) -- C:\WINDOWS\system32\drivers\epfwtdi.sys (ESET)
DRV - (Epfwndis) -- C:\WINDOWS\system32\drivers\epfwndis.sys (ESET)
DRV - (epfw) -- C:\WINDOWS\system32\drivers\epfw.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (dtscsi) -- C:\WINDOWS\System32\Drivers\dtscsi.sys (DT Soft Ltd.)
DRV - (LVHybrid) -- C:\WINDOWS\system32\drivers\LVHybrid.sys (Animation Technologies Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nvata) -- C:\WINDOWS\system32\DRIVERS\nvata.sys (NVIDIA Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (EIO) -- C:\WINDOWS\system32\drivers\EIO.sys (ASUSTeK Computer Inc.)
DRV - (asuskbnt) -- C:\WINDOWS\system32\drivers\atkkbnt.sys (ASUSTeK COMPUTER INC.)
DRV - (BIOS) -- C:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.1.7

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.11.14 11:19:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011.03.14 09:47:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.18 14:56:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009.07.25 11:22:08 | 000,000,000 | ---D | M]

[2010.12.18 14:57:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Extensions
[2010.12.18 14:57:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xp\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

O1 HOSTS File: ([2011.03.23 10:45:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Seznam Postak] C:\Documents and Settings\xp\Local Settings\Data aplikací\Seznam.cz\postak.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\xp\Nabídka Start\Programy\Po spuštění\Psi.lnk = C:\Program Files\Psi\Psi.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftup ... 4340320093 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\xp\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\xp\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.03.23 22:43:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\xp\Plocha\OTL.exe
[2011.03.23 17:01:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.03.23 17:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Plocha\Exit Festival 2009 Serbia
[2011.03.22 22:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Plocha\Nová složka (2)
[2011.03.22 22:32:58 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.03.22 22:32:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.03.22 22:32:58 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.03.22 22:32:58 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.03.22 22:32:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.03.22 22:32:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.03.22 18:47:05 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\xp\Plocha\ATF-Cleaner.exe
[2011.03.22 09:30:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Plocha\Nová složka
[2011.03.21 16:30:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Applian Technologies
[2011.03.21 16:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\Applian Technologies
[2011.03.21 16:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\Nová složka
[2011.03.18 09:14:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011.03.14 09:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2011.03.14 09:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.03.14 09:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\Sun
[2011.03.14 09:47:14 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.03.14 09:47:14 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.03.14 09:47:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.03.14 09:47:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.03.14 09:47:14 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.03.13 00:28:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\xp\Recent
[2011.03.11 17:22:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Dokumenty\My Streaming Media
[2011.03.11 17:22:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Local Settings\Data aplikací\Jaksta_Technologies_Pty_L
[2011.02.07 18:55:02 | 020,367,424 | ---- | C] (The GIMP Team ) -- C:\Program Files\gimp-2.6.11-i686-setup-1.exe
[2011.01.25 11:30:59 | 002,976,440 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup302.exe
[2011.01.16 17:35:33 | 010,292,995 | ---- | C] ( ) -- C:\Program Files\StahovaniZaSMS-manager-1-2-1.exe
[2010.12.18 12:12:53 | 009,306,104 | ---- | C] (Mozilla) -- C:\Program Files\Thunderbird Setup 3.1.7.exe
[2010.12.11 18:47:08 | 009,032,272 | ---- | C] (Acresso Software Inc. ) -- C:\Program Files\megamanager.exe
[2010.12.11 18:08:30 | 017,255,272 | ---- | C] (AppWork UG (haftungsbeschränkt)) -- C:\Program Files\JDownloaderINTSetup_3.exe
[2010.10.26 12:25:49 | 063,696,532 | ---- | C] (HTC ) -- C:\Program Files\HTCSync_3.0.5439.exe
[2010.08.22 08:06:48 | 003,276,672 | ---- | C] (RapidShare AG) -- C:\Program Files\RapidShareManager2WindowsSetup.exe
[2010.05.28 21:17:33 | 012,383,736 | ---- | C] (Google Inc.) -- C:\Program Files\picasa36-setup.exe
[2010.02.07 21:14:30 | 000,714,136 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\jxpiinstall.exe
[2010.01.24 10:10:38 | 007,734,240 | ---- | C] (Malwarebytes Corporation ) -- C:\Program Files\mbam-setup.exe
[2009.09.28 16:46:03 | 010,277,728 | ---- | C] (Nullsoft, Inc.) -- C:\Program Files\winamp556_full_emusic-7plus_en-us.exe
[2009.08.18 16:01:28 | 026,009,056 | ---- | C] ( ) -- C:\Program Files\AdbeRdr910_cs_CZ.exe
[2009.06.23 20:09:48 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\xp\Data aplikací\pcouffin.sys
[2009.06.16 09:11:22 | 017,013,088 | ---- | C] (Microsoft Corporation) -- C:\Program Files\IE8-WindowsXP-x86-CSY.exe
[2009.06.09 15:40:32 | 025,786,688 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp11-windowsxp-x86-CS-CZ.exe
[2009.05.29 17:46:35 | 027,184,434 | ---- | C] (Macrovision Corporation) -- C:\Program Files\JAD7_BASIC.exe

========== Files - Modified Within 30 Days ==========

[2011.03.23 22:43:31 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xp\Plocha\OTL.exe
[2011.03.23 22:37:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.03.23 22:37:22 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.03.23 22:37:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.23 20:17:24 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D8961499-0764-48AF-BEED-95A980B898F1}.job
[2011.03.23 17:06:59 | 000,000,050 | ---- | M] () -- C:\WINDOWS\MegaManager.INI
[2011.03.23 10:45:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.03.22 22:31:08 | 004,299,253 | R--- | M] () -- C:\Documents and Settings\xp\Plocha\ComboFix.exe
[2011.03.22 18:47:05 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\xp\Plocha\ATF-Cleaner.exe
[2011.03.21 22:46:57 | 000,002,479 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Replay Media Catcher 4.lnk
[2011.03.20 19:30:48 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.03.20 00:57:19 | 000,122,928 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.03.17 23:32:59 | 021,343,118 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\Chuckie_-_Live_at_SXSW_in_Austin_Texas_17-03-2011-Razorator.mp3
[2011.03.16 21:08:27 | 000,003,422 | ---- | M] () -- C:\Documents and Settings\xp\.recently-used.xbel
[2011.03.14 09:47:04 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.03.14 09:47:04 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.03.14 09:47:04 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.03.14 09:47:04 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.03.14 09:47:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.03.08 12:22:34 | 168,039,552 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\Greg Wilson - Mister Saturday Night Brooklyn 05.03.11.mp3
[2011.03.01 13:01:00 | 064,311,267 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\01-martin_solveig_-_live_at_lavo_(nyc)-sat-02-18-2011-talion.mp3
[2011.02.26 16:39:31 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2011.02.26 14:14:39 | 000,000,327 | ---- | M] () -- C:\Documents and Settings\xp\Plocha\Dokumenty.lnk

========== Files Created - No Company Name ==========

[2011.03.23 20:14:32 | 000,000,460 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D8961499-0764-48AF-BEED-95A980B898F1}.job
[2011.03.22 22:32:58 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.03.22 22:32:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.03.22 22:32:58 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.03.22 22:32:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.03.22 22:32:58 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.03.22 22:31:08 | 004,299,253 | R--- | C] () -- C:\Documents and Settings\xp\Plocha\ComboFix.exe
[2011.03.21 22:46:57 | 000,002,479 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Replay Media Catcher 4.lnk
[2011.03.17 23:32:40 | 021,343,118 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\Chuckie_-_Live_at_SXSW_in_Austin_Texas_17-03-2011-Razorator.mp3
[2011.03.16 21:08:27 | 000,003,422 | ---- | C] () -- C:\Documents and Settings\xp\.recently-used.xbel
[2011.03.08 12:22:29 | 168,039,552 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\Greg Wilson - Mister Saturday Night Brooklyn 05.03.11.mp3
[2011.03.01 11:22:00 | 064,311,267 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\01-martin_solveig_-_live_at_lavo_(nyc)-sat-02-18-2011-talion.mp3
[2011.02.26 16:39:30 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2011.02.26 14:14:39 | 000,000,327 | ---- | C] () -- C:\Documents and Settings\xp\Plocha\Dokumenty.lnk
[2011.01.29 11:43:45 | 017,379,614 | ---- | C] () -- C:\Program Files\psi-0.14-win-setup.exe
[2010.12.18 14:57:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.12.12 06:01:57 | 000,337,920 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.11.24 21:00:21 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2010.09.04 16:19:37 | 000,016,096 | ---- | C] () -- C:\Documents and Settings\xp\Local Settings\Data aplikací\Schedule8.dat
[2010.09.03 15:49:58 | 000,000,440 | ---- | C] () -- C:\WINDOWS\smrpro.INI
[2010.04.25 01:19:05 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySMP3Cut.dat
[2010.01.22 21:22:39 | 000,002,429 | ---- | C] () -- C:\Program Files\HiJackThis.lnk
[2010.01.22 21:22:01 | 001,401,344 | ---- | C] () -- C:\Program Files\HijackThis.msi
[2010.01.21 20:08:16 | 002,072,320 | ---- | C] () -- C:\Program Files\postak-2.3.6.exe
[2009.08.11 16:26:47 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009.07.25 11:12:29 | 036,105,728 | ---- | C] () -- C:\Program Files\ess_nt32_csy.msi
[2009.06.23 20:10:05 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\xp\Data aplikací\vso_ts_preview.xml
[2009.06.23 20:09:48 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\xp\Data aplikací\pcouffin.cat
[2009.06.23 20:09:48 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\xp\Data aplikací\pcouffin.inf
[2008.08.04 20:26:45 | 000,000,035 | ---- | C] () -- C:\WINDOWS\Weather.Ini
[2008.07.17 21:02:37 | 000,000,598 | ---- | C] () -- C:\WINDOWS\level.ini
[2008.02.14 17:33:03 | 000,000,085 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2007.11.18 17:52:02 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007.11.14 22:31:08 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007.11.14 22:31:08 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007.11.14 18:39:26 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.11.13 14:05:00 | 000,000,323 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.11.13 13:38:32 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007.11.13 13:38:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\LV34CoInst.dll
[2007.11.13 13:28:08 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2007.11.13 13:28:08 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2007.11.13 13:28:08 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2007.11.13 13:28:08 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2007.11.13 13:28:08 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2007.11.13 13:28:07 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2007.11.13 13:28:07 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2007.11.13 13:28:07 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2007.11.13 13:28:07 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2007.11.13 13:28:07 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2007.11.13 13:26:04 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.11.13 13:25:01 | 000,122,928 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.11.13 13:23:02 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007.11.13 13:22:17 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.dat
[2007.11.13 12:40:10 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.11.13 12:35:14 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.06.10 03:10:12 | 000,007,359 | -H-- | C] () -- C:\Documents and Settings\xp\Data aplikací\xplog.dat
[2006.06.01 10:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.06.01 10:22:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006.06.01 10:22:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.06.01 10:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006.06.01 10:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.06.01 10:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.06.01 10:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.06.01 10:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006.06.01 10:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006.06.01 10:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.06.01 10:22:00 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 11:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2004.08.17 14:58:58 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.01.12 22:53:52 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2001.10.25 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010.05.12 09:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2010.10.26 12:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2009.07.25 11:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.09.14 17:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.02.11 23:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NFS Underground
[2007.12.06 14:32:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.02.16 11:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2009.07.25 11:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.06.23 21:28:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2009.09.19 12:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.06.30 19:24:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.08.21 08:37:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\AOMrec
[2010.10.09 18:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Apowersoft
[2011.01.25 11:47:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\CheckPoint
[2009.05.29 17:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\COWON
[2007.12.23 19:59:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Datalayer
[2009.07.25 11:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\ESET
[2007.11.15 20:44:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\flightgear.org
[2007.11.15 20:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\fltk.org
[2011.03.16 21:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\gtk-2.0
[2010.10.26 12:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\HTC
[2010.10.26 12:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2009.05.20 20:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\ICQ
[2007.11.15 21:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\InterVideo
[2007.12.06 15:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Leadertech
[2010.01.17 14:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\LogoMaker
[2010.12.11 18:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Megaupload
[2009.08.28 10:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Microgaming
[2010.05.15 22:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\NCH Swift Sound
[2007.12.06 14:42:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Nokia
[2010.12.11 18:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\OpenCandy
[2007.12.06 14:31:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\PC Suite
[2009.07.24 18:42:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\SoundSpectrum
[2009.08.11 16:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\streamripper
[2009.10.10 14:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Thinstall
[2010.12.18 14:57:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Thunderbird
[2010.11.05 10:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\Vso
[2009.11.16 18:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\WD
[2010.09.04 16:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Data aplikací\YouSendIt
[2011.03.23 20:17:24 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D8961499-0764-48AF-BEED-95A980B898F1}.job

========== Purity Check ==========

< End of report >

ilias · Příspěvekod **ilias** » 23 bře 2011 22:54

zde je druhý log

OTL Extras logfile created on: 23.3.2011 22:46:31 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\xp\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 631,00 Mb Available Physical Memory | 62,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 119,01 Gb Free Space | 79,85% Space Free | Partition Type: NTFS

Computer Name: 6939B540DA9F441 | User Name: xp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [RapidShareManagerMail] -- C:\Program Files\RapidShareManager\RapidShareManager.exe -mailto "%1" (RapidShare AG)
Directory [RapidShareManagerUpload] -- C:\Program Files\RapidShareManager\RapidShareManager.exe -sendto "%1" (RapidShare AG)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"1039:TCP" = 1039:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Media Player\wmplayer.exe" = C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"ctfmon.exe" = C:\WINDOWS\ctfmon.exe
"C:\Program Files\Psi\Psi.exe" = C:\Program Files\Psi\Psi.exe:*:Enabled:Psi -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1C504B59-FFBF-4A65-9E0E-FE06159CAB9B}" = WD Drive Manager (x86)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{29C22873-B939-4EF9-B6E3-1EFE7FA391D1}" = ASUS nVidia Driver
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{32A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java(TM) SE Development Kit 6 Update 24
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{607169F0-07F6-4797-99D2-D5E7C4715E20}" = Mega Manager
"{6B0A8356-2312-497F-B11D-0839D0BDB7CE}" = HTC Sync
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6F0703F3-0A49-4142-8EB8-1842AD809CCA}" = Replay Media Catcher 4
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8075BC83-7F8F-4FE0-9792-685723B06713}" = ESET Smart Security
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD 4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.2 - Czech
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1BA1F1C-D88B-405D-953F-D7074B65453D}" = LifeView DTV
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"43F823BB1254E3C3EDE08BFF1AAFDE696A032009" = Balíček ovladače systému Windows - Lifeview (LVHybrid) MEDIA (02/06/2007 13.35.04.001)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{D1BA1F1C-D88B-405D-953F-D7074B65453D}" = LifeView DTV
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NVIDIA Drivers" = NVIDIA Drivers
"PK-PCSU_is1" = Zrychleni Pocitace
"Psi" = Psi (remove only)
"RapidShare Manager" = RapidShare Manager
"SHOUTcast" = SHOUTcast DSP plugin V2
"StahovaniZaSms.cz_is1" = StahovaniZaSms.cz verze 1.2.1
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"Totalcmd" = Total Commander (Remove or Repair)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"szn-software-postak" = Seznam Pošťák 2 (Pouze já.)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22.3.2011 4:41:37 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11001
Description =

Error - 22.3.2011 4:42:05 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11001
Description =

Error - 22.3.2011 4:42:29 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11706
Description = Product: Replay Media Catcher 4 -- Error 1706. An installation package
for the product Replay Media Catcher 4 cannot be found. Try the installation again
using a valid copy of the installation package 'RMC.Setup.msi'.

Error - 22.3.2011 4:43:29 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11706
Description = Product: Replay Media Catcher 4 -- Error 1706. An installation package
for the product Replay Media Catcher 4 cannot be found. Try the installation again
using a valid copy of the installation package 'RMC.Setup.msi'.

Error - 22.3.2011 4:45:24 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11706
Description = Product: Replay Media Catcher 4 -- Error 1706. An installation package
for the product Replay Media Catcher 4 cannot be found. Try the installation again
using a valid copy of the installation package 'RMC.Setup.msi'.

Error - 22.3.2011 4:45:49 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11001
Description =

Error - 22.3.2011 10:27:27 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11706
Description = Product: Replay Media Catcher 4 -- Error 1706. An installation package
for the product Replay Media Catcher 4 cannot be found. Try the installation again
using a valid copy of the installation package 'RMC.Setup.msi'.

Error - 22.3.2011 10:27:50 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11706
Description = Product: Replay Media Catcher 4 -- Error 1706. An installation package
for the product Replay Media Catcher 4 cannot be found. Try the installation again
using a valid copy of the installation package 'RMC.Setup.msi'.

Error - 22.3.2011 11:13:39 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11001
Description =

Error - 22.3.2011 11:13:51 | Computer Name = 6939B540DA9F441 | Source = MsiInstaller | ID = 11001
Description =

[ System Events ]
Error - 14.3.2011 4:51:10 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 14.3.2011 4:51:10 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7031
Description = Služba Internet Pass-Through Service byla nečekaně ukončena. Stalo
se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat
službu.

Error - 14.3.2011 4:51:11 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7034
Description = Služba WD Drive Manager Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 14.3.2011 4:51:11 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 14.3.2011 15:00:37 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7034
Description = Služba ATK Keyboard Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 14.3.2011 15:00:37 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7034
Description = Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 14.3.2011 15:00:37 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 14.3.2011 15:00:37 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 14.3.2011 15:00:37 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7031
Description = Služba Internet Pass-Through Service byla nečekaně ukončena. Stalo
se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat
službu.

Error - 14.3.2011 15:00:37 | Computer Name = 6939B540DA9F441 | Source = Service Control Manager | ID = 7034
Description = Služba WD Drive Manager Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

< End of report >

Příspěvekod **jaro3** » 24 bře 2011 19:58

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O18 - Protocol\Handler\ipp - No CLSID value found

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp 
c:\windows\Tasks\*.job 
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\All Users\Plocha\Replay Media Catcher 4.lnk

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{6F0703F3-0A49-4142-8EB8-1842AD809CCA}" =- 

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

C:\Program Files\Nová složka---tuto složku si sám vytvořil?

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\WINDOWS\System32\SySMP3Cut.dat

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Stáhni si Registry Search

Rozbal si soubor do složky a potom poklepej na regsearch.exe ke startu programu.
Do volné linky(linek) nad Enter search string case independent zkopíruj a vlož:

Kód: Vybrat vše

Applian

A klikni na OK.Otevře se notepad s textem a celý text z něho sem vlož.

To samé s tímto:

Kód: Vybrat vše

RMC

ilias · Příspěvekod **ilias** » 25 bře 2011 09:54

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Error: No service named rpcapd) Remote Packet Capture Protocol v.0 (experimental was found to stop!
Service\Driver key rpcapd) Remote Packet Capture Protocol v.0 (experimental not found.
File File not found not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\User_Feed_Synchronization-{D8961499-0764-48AF-BEED-95A980B898F1}.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Documents and Settings\All Users\Plocha\Replay Media Catcher 4.lnk moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{6F0703F3-0A49-4142-8EB8-1842AD809CCA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F0703F3-0A49-4142-8EB8-1842AD809CCA}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: xp
->Temp folder emptied: 27110 bytes
->Temporary Internet Files folder emptied: 10651527 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1991 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 10,00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 03252011_093938

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_324.dat not found!

Registry entries deleted on Reboot...

----------------------------------------------------------------------------------------------------------------------------------

Tu složku jsem si vytvořil sám pro extrahaci !!!

----------------------------------------------------------------------------------------------------------------------------------

virustotal výsledek

Kód: Vybrat vše

http://www.virustotal.com/file-scan/report.html?id=0f7e5b031a1706e40329c19e1059dca60f8cef74aaa8e73a911a414bc59e4907-1301042790

----------------------------------------------------------------------------------------------------------------------------------

Výsledek hledání Apllian

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.6.0

; Results at 25.3.2011 9:58:44 for strings:
; 'applian'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS

[HKEY_LOCAL_MACHINE\SOFTWARE\Applian Technologies]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Flash.VideoFile\shell\open\command]
@="\"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\FLVPlayer.exe\" \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|aag.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|aconv.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|ainstaller.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|alang.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|aliccl.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|amusicdns.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|anet.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|armcp.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|asmr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|aui.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|auicf.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|auif.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|auninstall.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|aws.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|AxInterop.ShockwaveFlashObjects.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|crypto.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|da|alang.resources.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|de|alang.resources.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|es|alang.resources.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|fr|alang.resources.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|Interop.iTunesLibs.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|Interop.ShockwaveFlashObjects.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|Ionic.Utils.Zip.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|it|alang.resources.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|log4net.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|pt|alang.resources.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|ru|alang.resources.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|System.Data.SQLite.DLL]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|taglib-sharp.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\install\\"=""
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\"=""
"C:\\Program Files\\Applian Technologies\\"=""
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\es\\"=""
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\"=""
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\pt\\"=""
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\de\\"=""
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\fr\\"=""
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\da\\"=""
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\ru\\"=""
"C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\it\\"=""
"C:\\Documents and Settings\\All Users\\Nabídka Start\\Programy\\Applian Technologies\\"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01C35AF9A06EE55A0AEC1B70F6FEFB1A]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\log4net.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\055ABD5DB141B2905FAC24259246DFB9]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\libexpat.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0D24C0EBDACB656C425F95FBF5FDD880]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\taglib-sharp.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DCE54758EF9FA65D33F2FF71E45F1FC]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\start_monitoring.wav"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FDCEBEFE31AAE3C54AAD336011EA638]
"3F3070F694A02414E88B8124DA08C9AC"="02:\\Software\\Applian Technologies\\Replay Media Catcher 4\\InstallDir"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1180465A551C4D27EE18EB19C6F1A0A2]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\Interop.iTunesLibs.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\11F1869565E39D1DEE98F6764AD17D08]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\da\\alang.resources.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19206341481ECCA116D651DE208AB7A5]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\fr\\alang.resources.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19CB6F693910C45BD7345144A1803287]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\aui.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19E2ABF16C312265DF34A63DEE25BD0D]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\auif.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A6738D747B4B63D7276512175D4C982]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\Interop.ShockwaveFlashObjects.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1D36EDE7B28FE8469091E5F9CAAE3597]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\armcp.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA1E8E5C5BBE79034FBF006D6E181AB]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\install\\appliand.sys"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\275AA1DC8B86DA2B96E5D24FB476D2B4]
"3F3070F694A02414E88B8124DA08C9AC"="01:\\Software\\Applian\\Director\\ReplayMediaCatcher\\Path"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30AF05E26028F75FE8E220587A99F3C7]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\ndisapi.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3195482C0095F7A444CCB7ADA26C6139]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\banner.bmp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3648CF27CFA60AB85F3DD061E6EC3AFD]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\Ionic.Utils.Zip.LICENSE.txt"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\39E6CBF8026D4C183D70EC009DEBE841]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\ConversionSettings.xml"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F2EB7BBC27BB2145120D019E394EAF5]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\qtCopy.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F3070F694A02414E88B8124DA08C9AC]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F47DB8EC4396200AFC23E1286D981B8]
"3F3070F694A02414E88B8124DA08C9AC"="02:\\Software\\Applian Technologies\\Replay Media Catcher 4\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56F6D6DF9FC3CF367FD4349AF2412147]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\download_error.wav"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\57D3E09856BBD8920FAFE32B8891AF98]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\de\\alang.resources.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A39C258BFBA686D5CF843B41CC56C36]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\FLVPlayer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C8E3618F37F8C2A3A11EA5608A5862A]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\libofa.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C90A72C1AE03EED351CBDB71D2FC1B4]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\install\\appliand_m.cat"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C9164B97B8C2470827C1872C1C85543]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\aag.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5FC7072AD6436ABDB0DA65464CF61988]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\FLVPlayer.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\631306C1CCCF5DB57640BF97D8187BAE]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\VistaAudioLib.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\638D699CDC3CDDFD92148AAAAA663E3F]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\log4net.LICENSE.txt"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64667475E885D284EC064481231050FB]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\END USER LICENSE AGREEMENT.rtf"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\66F82405C8118A4B1488EDD54797D5FA]
"3F3070F694A02414E88B8124DA08C9AC"="01:\\Software\\Applian\\Director\\ReplayMediaCatcher\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6CCAB6A568EFA17284909C18A13ED69F]
"3F3070F694A02414E88B8124DA08C9AC"="02:\\Software\\Applian Technologies\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6E98275E1134FAD3C88F82FD8A007095]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\it\\alang.resources.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7904CFC309B7D02D7E1AA4DD9C76FC80]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\install\\snetcfg.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8A8BDB2779583B3BA283C15CE6DB21]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\ffmpeg.exe.LICENSE.txt"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BC5D59E2711BC6CD00AC3F3C46861E7]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\armcp.exe.config"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7C0B585490161897CCB3339AE4AC948A]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\avdevice-52.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7EEACB8817F7878C9AF15F253FCA37A1]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\Ionic.Utils.Zip.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8282ADC3D341E8FE1FA29A8CF092B2BD]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\libfftw3-3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\855AF81E7FBC8211F64AB996FF81A612]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\anet.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\862AC08CD7AEE41FC445E98B305B15D7]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\es\\alang.resources.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87B65EAF32035C64075135061FDD6E27]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\avutil-49.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8878B75525E2AD818D0E6D2D6354FC55]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\amusicdnsw.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8BCCFE0DEFF066FE79F02BEE54BC9070]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\install\\DriverSigning.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\91EB48AAA576021766C9D075C75DA900]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\RCAT.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\93F14E548386389639E99929AA42D722]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\download_finished.wav"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9477875028D6A5A9C309B977301AF794]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\ru\\alang.resources.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94B162B984BC5875D9D86B8B25518EC6]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\audgopherw.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95116CBD2B21B622C15E52E3E2BA4747]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\audhook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\952CBAAC5B6BE1D8342EACACA754F073]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\stop_monitoring.wav"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A483105E3BB5B05B4E282E88EC55472]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\MusicDNS.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CEB3F8032347A644069ABD0C46B52D9]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\alang.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D7FC6DB6188B633529F3226AEBB3B7D]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\avcodec-51.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5D318BBBEED9B5C8719B761118CC945]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\System.Data.SQLite.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6813B0336D54446E5142EEEBB502E89]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\aliccl.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8555162D4AEA25628CFB88AA6491209]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\crypto.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAF6579BD14FAB1F3BA6239E04B95B7D]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\auninstall.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AFAED9523BD83D1C63652E5B57D436AC]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\armcp.exe.log4net"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6A81D9542B4213056E4492824F5D270]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\amusicdns.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B987A092B1D023B4687DA57C5755956D]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\ffmpeg.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA57955D99DF5C41B821F7917BD9E601]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\ainstaller.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAA4F9D034C504C92AEBFE3FD28571BA]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\AxInterop.ShockwaveFlashObjects.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB389DC7FCE4CEFA14089986CBCF1A4E]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\asmr.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC89F0D6AD2D1B025749BDA87B4F78C3]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\avformat-52.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C13BE9D4311CEC7260BD35C997C44A15]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\swscale-0.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9B9AFB49DD4AFF1CAE07DF6B0899C7D]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\aws.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE8BCD7199E66ED0217143236F516C84]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\install\\appliand.inf"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D1E613B059E914C8B44C995DC3D5286B]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\aconv.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D375A9603A040E909B39372D97715649]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\pt\\alang.resources.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D37B9ACB863063C47DD2E59C65DAB1C0]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\install\\appliand_m.inf"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD8A4D880060B6F48C8C2801D8D9A96B]
"3F3070F694A02414E88B8124DA08C9AC"="01:\\Software\\Applian\\Director\\ReplayMediaCatcher\\Version"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9383A6C6109D7AD19BA01E08B610FD]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\install\\appliand.cat"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5006F11453A0D12830386129F04901A]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\auicf.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E78870482D1653B64A2EB980FBCD72C9]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\MusicDns\\libcurl-3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED20C0A759E7A50F38DD1DEAB7F4A94F]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\crypto.LICENSE.html"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F078A2E48C176117796B8F1ACE6369EB]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\audgopher.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FED8ED2EA2DEA6A518CF309C05D9DAE9]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\User Guide.url"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3F3070F694A02414E88B8124DA08C9AC\InstallProperties]
"URLInfoAbout"="http://www.applian.com"
"Publisher"="Applian Technologies"
; Contents of value:
; http://www.applian.com/support.php
"HelpLink"=hex(2):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,77,00,77,00,77,00,\
2e,00,61,00,70,00,70,00,6c,00,69,00,61,00,6e,00,2e,00,63,00,6f,00,6d,00,2f,\
00,73,00,75,00,70,00,70,00,6f,00,72,00,74,00,2e,00,70,00,68,00,70,00,00,00
"Contact"="Applian Technologies"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F0703F3-0A49-4142-8EB8-1842AD809CCA}]
"URLInfoAbout"="http://www.applian.com"
"Publisher"="Applian Technologies"
; Contents of value:
; http://www.applian.com/support.php
"HelpLink"=hex(2):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,77,00,77,00,77,00,\
2e,00,61,00,70,00,70,00,6c,00,69,00,61,00,6e,00,2e,00,63,00,6f,00,6d,00,2f,\
00,73,00,75,00,70,00,70,00,6f,00,72,00,74,00,2e,00,70,00,68,00,70,00,00,00
"Contact"="Applian Technologies"

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Applian]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Applian\ConverterEng]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Applian\Director]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Applian\Director\ReplayAV]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Applian\Director\ReplayConverter]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Applian\FLVConverter]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Applian\Streaming Media Recorder 4]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\ApplianTechnologies]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\ApplianTechnologies\AudioGopher]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\ApplianTechnologies\AudioGopher\counterparts]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\ApplianTechnologies\Freecorder4Settings]

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Applian Technologies]

; End Of The Log...

-----------------------------------------------------------------------------------------------------------------------

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.6.0

; Results at 25.3.2011 10:01:41 for strings:
; 'rmc'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS

[HKEY_LOCAL_MACHINE\SOFTWARE\Applian Technologies]
"RMC4Installer"="RCATSetup4.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecabb0bd-7f19-11d2-978e-0000f8757e2a}]
@="CrmClerk Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecabb0bd-7f19-11d2-978e-0000f8757e2a}\ProgID]
@="CrmClerk.CrmClerk.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecabb0bd-7f19-11d2-978e-0000f8757e2a}\VersionIndependentProgID]
@="CrmClerk.CrmClerk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrmClerk.CrmClerk]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrmClerk.CrmClerk]
@="CrmClerk Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrmClerk.CrmClerk\CurVer]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrmClerk.CrmClerk\CurVer]
@="CrmClerk.CrmClerk.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrmClerk.CrmClerk.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrmClerk.CrmClerk.1]
@="CrmClerk Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrmClerk.CrmClerk.1\CLSID]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|armcp.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Applian Technologies|Replay Media Catcher 4|armcp.exe]
; Contents of value:
; @J0cKTwj{8u7c89i!--j>fZvjP?M0CHHIh6[3$V~N
;
"armcp,Version=\"4.1.1.0\",Culture=\"neutral\",PublicKeyToken=\"A57485CC76699F6F\",ProcessorArchitecture=\"x86\""=hex(7):40,\
00,4a,00,30,00,63,00,4b,00,54,00,77,00,6a,00,7b,00,38,00,75,00,37,00,63,00,\
38,00,39,00,69,00,21,00,2d,00,2d,00,6a,00,3e,00,66,00,5a,00,76,00,6a,00,50,\
00,3f,00,4d,00,30,00,43,00,48,00,48,00,49,00,68,00,36,00,5b,00,33,00,24,00,\
56,00,7e,00,4e,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3F3070F694A02414E88B8124DA08C9AC\SourceList]
"PackageName"="RMC.Setup.msi"
; Contents of value:
; n;1;C:\DOCUME~1\xp\LOCALS~1\Temp\RMC4Install\
"LastUsedSource"=hex(2):6e,00,3b,00,31,00,3b,00,43,00,3a,00,5c,00,44,00,4f,00,\
43,00,55,00,4d,00,45,00,7e,00,31,00,5c,00,78,00,70,00,5c,00,4c,00,4f,00,43,\
00,41,00,4c,00,53,00,7e,00,31,00,5c,00,54,00,65,00,6d,00,70,00,5c,00,52,00,\
4d,00,43,00,34,00,49,00,6e,00,73,00,74,00,61,00,6c,00,6c,00,5c,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3F3070F694A02414E88B8124DA08C9AC\SourceList\Net]
; Contents of value:
; C:\DOCUME~1\xp\LOCALS~1\Temp\RMC4Install\
"1"=hex(2):43,00,3a,00,5c,00,44,00,4f,00,43,00,55,00,4d,00,45,00,7e,00,31,00,\
5c,00,78,00,70,00,5c,00,4c,00,4f,00,43,00,41,00,4c,00,53,00,7e,00,31,00,5c,\
00,54,00,65,00,6d,00,70,00,5c,00,52,00,4d,00,43,00,34,00,49,00,6e,00,73,00,\
74,00,61,00,6c,00,6c,00,5c,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{27B06FE5-86D2-4A9D-97CB-772299819F29}]
@="IWMEncTransformCollection"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{53610480-9695-11D1-82ED-00A0C91EEDE9}]
@="ICRMClerk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BBC01830-8D3B-11D1-82EC-00A0C91EEDE9}]
@="ICrmCompensator"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EF015DE4-52BE-464A-922E-9D72318B4B3B}]
@="IWMDRMContentAuthor"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F0BAF8E4-7804-11D1-82E9-00A0C91EEDE9}]
@="ICrmCompensatorVariants"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950762\Filelist\0]
"FileName"="rmcast.sys"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950762\Filelist\1]
"FileName"="rmcast.sys"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950762\Filelist\2]
"FileName"="rmcast.sys"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950762\Filelist\3]
"FileName"="rmcast.sys"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950762\Filelist\4]
"FileName"="rmcast.sys"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950762\Filelist\5]
"FileName"="rmcast.sys"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP4\KB950762\Filelist\6]
"FileName"="rmcast.sys"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1D36EDE7B28FE8469091E5F9CAAE3597]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\armcp.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BC5D59E2711BC6CD00AC3F3C46861E7]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\armcp.exe.config"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AFAED9523BD83D1C63652E5B57D436AC]
"3F3070F694A02414E88B8124DA08C9AC"="C:\\Program Files\\Applian Technologies\\Replay Media Catcher 4\\armcp.exe.log4net"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3F3070F694A02414E88B8124DA08C9AC\InstallProperties]
"InstallSource"="C:\\DOCUME~1\\xp\\LOCALS~1\\Temp\\RMC4Install\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F0703F3-0A49-4142-8EB8-1842AD809CCA}]
"InstallSource"="C:\\DOCUME~1\\xp\\LOCALS~1\\Temp\\RMC4Install\\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Video\{B774DE5A-F090-4328-8A51-630CD1010BB5}\0000]
; Contents of value:
;
"00000001RMColorSaturationBoost"=hex:00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Video\{B774DE5A-F090-4328-8A51-630CD1010BB5}\0000]
; Contents of value:
;
"00000001RMColorSaturationBoost"=hex:00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Video\{B774DE5A-F090-4328-8A51-630CD1010BB5}\0000]
; Contents of value:
;
"00000001RMColorSaturationBoost"=hex:00,00,00,00

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\ApplianTechnologies\AudioGopher\counterparts]
"armcp.exe"="armcp.exe"

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count]
; Contents of value:
; 4 PÉť:MQČ
"HRZR_EHAPCY:\"P\
:\\JVAQBJF\\flfgrz32\\jfphv.pcy\",Pragehz mnormcrčraí"=hex:34,00,00,00,06,0\
0,00,00,50,c9,9d,3a,4d,51,c8,01

[HKEY_USERS\S-1-5-21-436374069-527237240-725345543-1003\Software\Piriform\CCleaner]
"MSG_CONFIRMCLEAN"="False"

; End Of The Log...

Kontrola Logu Vyřešeno

Kontrola Logu Vyřešeno

Re: Kontrola Logu

Re: Kontrola Logu

Re: Kontrola Logu

Re: Kontrola Logu

Re: Kontrola Logu

Re: Kontrola Logu

Re: Kontrola Logu

Re: Kontrola Logu

Re: Kontrola Logu

Re: Kontrola Logu

Re: Kontrola Logu

Kdo je online