Prosím, co s tímto nálezem

pavel66 · Příspěvekod **pavel66** » 12 bře 2010 09:36

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll acpi.sys ataport.SYS PCIIDEX.SYS msahci.sys win32k.sys ntkrnlpa.exe
kernel: MBR read successfully
user & kernel MBR OK

Reklama

Damned · Příspěvekod **Damned** » 12 bře 2010 10:00

Tak už vážně netuším, čím by to mohlo být. Bohužel.....

pavel66 · Příspěvekod **pavel66** » 12 bře 2010 10:49

njn, tak dik

Damned · Příspěvekod **Damned** » 12 bře 2010 11:25

Pokud si do toho kopl, je taky nutno se mrknou, zda nedošlo k mechanickému poškození. Mě taky blbla flesh, protože sem tlustej jak vepř a mám nohy do divnýho písmena.
Musel jsem ten konektor vytáhnout, srovnat a zatím to drží.

pavel66 · Příspěvekod **pavel66** » 12 bře 2010 13:45

to fakt patri sem?

jinak sem se chtel zeptat nemam treba zkusit nejakej program na registry?

jo a jeste nemuze to mit neco spolecnýho s procesem svchost.exe mam jich ve spravci asi 14( poprpadne nejaka rada na odstraneni?)

Damned · Příspěvekod **Damned** » 12 bře 2010 14:21

Na vyčištění registru použij Wise Registry Cleaner ↓.
svchost je hlavní systémový proces.

Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output. File age ponech na 30 days. Všechny chlívky změň na All. Klikni na Run Scan. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

pavel66 · Příspěvekod **pavel66** » 12 bře 2010 17:33

ten wise registr nasel 996 problemu a 39 neopravil

otl

http://www.upnito.sk/subor/ede6bd0e42eb ... 69214.html

OTL Extras logfile created on: 12.3.2010 17:19:23 - Run 1
OTL by OldTimer - Version 3.1.37.0 Folder = C:\Users\NB\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,54 Gb Total Space | 71,10 Gb Free Space | 24,56% Space Free | Partition Type: NTFS
Drive D: | 8,55 Gb Total Space | 1,59 Gb Free Space | 18,62% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NOTEBOOK
Current User Name: NB
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\Windows\System32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4091301431-3146374880-2057195779-1000\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20C1E2C8-2E0C-41E6-847C-D9267E2ECFF5}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x86\rpcsandrasrv.exe |
"{23BABBBC-8FCE-45C2-B53A-02FEAC79FF98}" = lport=2869 | protocol=6 | dir=in | app=system |
"{33F18D69-9C3F-475C-8DBE-425544AAC436}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{375D0F0C-6463-46D3-98D4-38261139C5AD}" = lport=139 | protocol=6 | dir=in | app=system |
"{3CC88C09-2F15-483F-9EE4-14E561150883}" = rport=138 | protocol=17 | dir=out | app=system |
"{490EE524-03A1-4B7D-BF4A-49BC909327E5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6040AB25-7717-48E3-9A05-E73468C50DB0}" = rport=139 | protocol=6 | dir=out | app=system |
"{686E65C6-736C-45F9-88E9-2FA18B42A92F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7D7482E3-BA5C-47F8-B2A6-D2565DCB1D8C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{91C8FCA1-F7AF-4B51-AB19-B9D7F9D21817}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{94B0C394-CD36-4F2E-B267-61B38A7C59DD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9F493DD8-D5BC-4997-B8C5-82BD49FB128C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5E72BCB-F54E-4114-8A6D-D5D7EF6D3E07}" = lport=138 | protocol=17 | dir=in | app=system |
"{C4EDE604-0269-4842-B109-C16A5A005DDA}" = lport=445 | protocol=6 | dir=in | app=system |
"{C829F35E-E333-45F8-B67F-CFFE1BE2B28C}" = lport=137 | protocol=17 | dir=in | app=system |
"{C8D08458-9A47-49DA-B4A5-F68C18028A43}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D270F12D-3DD6-4AA8-B540-A1CCB02CEAB1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D7D35556-9C08-4231-BAA8-86A9E1073428}" = rport=137 | protocol=17 | dir=out | app=system |
"{E04269D3-5DB2-46EE-B6F1-3B6D244CF1A1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EF36C99F-84EA-408A-905E-0526B0C5A5DE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F1CF9CE7-3DBC-4F13-B55B-0B4CF7D3CB0B}" = rport=445 | protocol=6 | dir=out | app=system |
"{FB3C964F-642B-48F4-A564-7BCB8F6C7595}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B9DEA9A-D45A-4E06-9230-66287E9C4407}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0E1F19DB-F3B2-4519-BCBA-4CA0EA2225F5}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{0EFAFD4D-3589-42A7-ABB9-BDD989C7F74A}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{0FC43CD7-D8A8-4A77-AD7D-7E722407C496}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{117CAF2E-863E-4383-A3D6-DE457EC1619C}" = protocol=17 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{1634DD85-5DBE-4CA1-86E6-A9B33B23E046}" = protocol=6 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mp.exe |
"{1B53A2B8-E9C6-4ECA-9B3C-1CA4F827F0E9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1C8B1441-89BA-4B4E-89C4-6AE6357A89A4}" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{1F42BA91-6D89-4048-920B-AC9D446D7178}" = protocol=6 | dir=out | app=system |
"{1FE8B217-DE9D-4151-9732-67CF70B4696E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2784A094-853F-42A5-B48D-4460395D0370}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{2EA90013-319F-44C6-AA42-219F0346EA0F}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{362927C9-39E4-4BB0-95D7-E52529053D22}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{3DC9C983-052B-4105-ABD4-594D1154F328}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{42082753-8986-4E72-80D2-59072C3A3C43}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{481B05DC-858E-4A05-BBCE-4A65DEBFE3A4}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{4F8CED76-0AAC-45D3-B24E-44F8B7AEA43D}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{52CF8C4F-4FFE-48C9-87DB-83837C832E9C}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |
"{5AD594DA-E93E-4C5D-8ECA-6B5D6BF3CB6D}" = protocol=17 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mplite.exe |
"{5B0247E1-E052-4C18-8C8F-48E7A0078060}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qpservice.exe |
"{695C1C17-D0F3-4B74-8BE7-4C3C940069DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6D74E17C-8DCD-4809-9278-A14185C13612}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6DCCAA94-4E8C-4D44-8202-6C7F21C65058}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{711AE9EC-972A-4770-86D6-FCCBCAAAE756}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{7168D511-55DA-4CBE-9DDB-5F3919545FC9}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{72C4796B-2341-412B-ADBE-AF7E1EC59ABF}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{79904D3C-7CF8-4069-B57C-B70978502D97}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{89764387-0B68-44C6-B46F-0C7F40C30AE7}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{8CA1B5B6-99DB-452F-A51A-977C04D77047}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8FEAE5EB-0D69-423D-85EC-69338CE43390}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{91245371-44A8-449D-8EBC-D1F2827A306C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9681246B-CC33-477D-A454-438187A8FD2B}" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{9A989B73-A79B-4FE1-A002-F69A8851F8F8}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe |
"{9DCE85E9-9652-463D-9D09-ADC71E3AB8E5}" = protocol=6 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mplite.exe |
"{9F8BA3A0-C7A0-40DE-A85C-CD51D446DAFB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A1E681B6-E447-4E22-9D43-40C3CEE1A4AC}" = protocol=17 | dir=in | app=c:\program files\activision\wolfenstein\mp\wolf2mp.exe |
"{A829E07B-8FCF-4782-8095-DC562DAA2BC5}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{ABCF4EC7-4C2F-48AD-9590-DC770C5CFBAF}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{B0802F62-ED6C-4AB0-B879-4D357EC4F5EE}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{B9E51F82-2A36-416B-B5BD-99D452A6CFBC}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qp.exe |
"{C0DD8B0C-4D66-4DE3-8E06-F66B5F1E60BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D42F186F-03A9-465F-BC90-DBDCCDC674E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D604B3C1-F6C9-4039-A28A-92B61BE18ADC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DAE2D34B-ABCC-4DEF-B40C-4E04A4559E1D}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{DBE2B2EE-0606-47F4-BA5D-1C52C3B6D452}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DF468D13-C176-4CBF-B908-28F119A215BF}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{E2B085BA-919F-4B5C-B757-583D6EF45D63}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E3D8E70F-E4D7-48AF-AB0C-FF1957CD59DA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E8D273AB-3BBF-45CF-B0FB-AB5E351B8CA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E90B4213-BD8A-4027-BDCF-09C9123FDEFF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EA33474F-5C06-4ED5-9EC6-D7CB89F2D251}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EAA05E24-01AC-4BFB-BC42-99B74E150ACC}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\wnt500x86\rpcsandrasrv.exe |
"{EB02B66B-CB93-4EA0-B99E-0629A57BFEDA}" = protocol=6 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{ECE2AA2E-255A-4BB4-998D-3DC6F9767642}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EF06F4F4-2A17-4E43-9B83-186C96786E4E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FA43BE48-F76B-45FE-B8B5-CA81B93655B5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{0633EB00-64C9-42E6-8BE2-50A392F1B902}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{0E417155-940A-444F-8CF3-EE0845776092}C:\users\nb\appdata\local\temp\rar$ex00.536\game.exe" = protocol=6 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.536\game.exe |
"TCP Query User{0F12A315-9F8A-44F0-B34D-4184DA0E6AEC}C:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=c:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe |
"TCP Query User{0FD09154-37BE-43BB-B4D4-ACFE456CD956}C:\users\nb\desktop\flatout2\flatout2\flatout2.exe" = protocol=6 | dir=in | app=c:\users\nb\desktop\flatout2\flatout2\flatout2.exe |
"TCP Query User{14CC70E8-CF50-4784-B54B-CC7089373C36}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{14CD01C5-5B36-4863-B2C6-02261A0663BF}C:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe" = protocol=6 | dir=in | app=c:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe |
"TCP Query User{18DF0290-3F90-4C1B-96EF-EDBFACDA2275}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{1D14C6A9-9CB8-4C00-925A-DA9A02919FA0}C:\users\nb\appdata\local\temp\rar$ex00.368\sdc230\strongdc.exe" = protocol=6 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.368\sdc230\strongdc.exe |
"TCP Query User{2B99AFBF-EFB8-4274-9746-4E6757C7F762}C:\program files\maple 12\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files\maple 12\jre\bin\maple.exe |
"TCP Query User{4458EABC-BBFE-4A47-AB0D-FD754BFF5319}C:\program files\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"TCP Query User{53084CD0-7DA1-41AD-991B-07095556FB44}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"TCP Query User{53A6298E-5D52-4CBB-B571-1D056E1F07C3}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{6AFB813E-8B68-4E69-958E-398EF79A0183}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{727ECF60-DD54-46DD-8DC0-E32D526C76A0}C:\program files\maple 12\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files\maple 12\jre\bin\maple.exe |
"TCP Query User{774A49EC-4FFA-4F9A-9BF3-9EA4F082DE81}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"TCP Query User{7A0DEE09-C5C2-41B0-AA57-365C9D4FD792}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"TCP Query User{84D5A765-6AF9-4BDE-96A8-05F3F352D388}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{851B5248-8D2B-4E7B-805A-DA3E7E128B90}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{8B63B9EA-5B6B-450A-977C-4A685BC4C486}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{92E95365-646B-4045-BAF3-919E1D49E7A1}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{98C861F8-4004-486F-949B-BFCBB7AD5DDF}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{9E343155-1A54-4493-AB72-10CD0F375233}C:\program files\codemasters\colin mcrae rally 2\cmr2network.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\colin mcrae rally 2\cmr2network.exe |
"TCP Query User{A95C8B95-7E25-44C9-A461-9F90D1FE45FF}C:\program files\sega\vancouver 2010\vancouver.exe" = protocol=6 | dir=in | app=c:\program files\sega\vancouver 2010\vancouver.exe |
"TCP Query User{B01C085B-0498-4EAC-BFBB-ABD945CB2E59}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{B7768EA3-29CB-4208-BA93-729527EBA9C8}C:\users\nb\appdata\local\temp\rar$ex00.742\strongdc.exe" = protocol=6 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.742\strongdc.exe |
"TCP Query User{B77EECB9-32D1-4EAF-8DA5-43D030E9E495}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{C34047BE-C327-4EF4-A891-8B7A2B3781B3}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{CC4869C3-28DB-49BE-9F32-E1F594D2AA11}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\czech\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\czech\setup.exe |
"TCP Query User{D54CE274-27EA-496B-B24B-AC0A302580A5}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{DAABE754-33D2-4C26-87E0-625696A5CB50}C:\program files\maple 12\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\maple 12\jre\bin\java.exe |
"TCP Query User{E149FC26-858C-45C2-8AF0-D3E45BCD4B4F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{E3B87A7F-276A-496E-9A83-4C60C8CDCDB4}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{EE2BFB21-B72C-4D97-BCBC-B749399C47B1}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{EF42496C-6398-4F70-BD6B-2C517E3DD9D4}C:\program files\tmunitedforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmunitedforever\tmforever.exe |
"TCP Query User{EF4B87D4-2793-4110-9BCF-1A3B291D9817}C:\program files\kn_strongdc\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\kn_strongdc\strongdc.exe |
"TCP Query User{F38522DF-F413-406B-9F5C-E7DA6A7DA343}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{F41710D7-403B-4492-A24B-5C5BC0A014CE}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{FA7DC7C7-735F-486A-ACC8-D11A57ADB288}C:\users\nb\desktop\flatout2\flatout\flatout2.exe" = protocol=6 | dir=in | app=c:\users\nb\desktop\flatout2\flatout\flatout2.exe |
"TCP Query User{FAC57459-396B-47D2-A497-40A8561DB1D5}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{FE0274DF-614C-4C21-8036-31894290539B}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{FFE89F0C-D0C7-4F29-9BAC-6942D8BBCCC0}C:\program files\kn_strongdc\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\kn_strongdc\strongdc.exe |
"UDP Query User{00AFABBC-DEDF-4DF5-B9F8-E0D4211567E8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{08544AAA-7445-4C31-B37E-0796904FFA72}C:\users\nb\desktop\flatout2\flatout\flatout2.exe" = protocol=17 | dir=in | app=c:\users\nb\desktop\flatout2\flatout\flatout2.exe |
"UDP Query User{1F435388-4BF7-4226-A791-B89D4DA6A679}C:\program files\maple 12\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files\maple 12\jre\bin\maple.exe |
"UDP Query User{24D40B37-4196-41DE-9A65-B1EAF854228F}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{28ADEBC3-2467-4A7D-85A0-AD0A13C8779E}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{430134BA-0297-40A3-AADF-19C257A214F5}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{4985D49B-B16D-4A35-93BB-D9D85B91A393}C:\program files\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\program files\icqlite\icqlite.exe |
"UDP Query User{49A71492-9E22-4ED1-AC44-F15AA59F18EA}C:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=c:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe |
"UDP Query User{5210903D-9CC8-4E5B-B3F4-74F6920083DA}C:\program files\tmunitedforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmunitedforever\tmforever.exe |
"UDP Query User{5A4860B8-F9FE-4329-A7BC-74CD8867178B}C:\program files\codemasters\colin mcrae rally 2\cmr2network.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\colin mcrae rally 2\cmr2network.exe |
"UDP Query User{658D66D2-1019-48C6-8E89-6243517D3C46}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{6A0A9D63-22F0-4269-AF75-9B37C8A2976F}C:\users\nb\desktop\flatout2\flatout2\flatout2.exe" = protocol=17 | dir=in | app=c:\users\nb\desktop\flatout2\flatout2\flatout2.exe |
"UDP Query User{6F146C24-954D-49E2-A996-1A57251F7EDD}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{71FD8792-FF5E-4F01-B881-790DB3A0998F}C:\program files\kn_strongdc\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\kn_strongdc\strongdc.exe |
"UDP Query User{765EDC21-DEA1-442A-8547-CF09DF0079E3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8961F83D-30CC-4409-A232-E19D27F19A64}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{9006BC92-4318-4797-88CB-1B7CB48DD335}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{90D87719-D378-4BE7-86E7-E1A20958C383}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"UDP Query User{93A9130F-C6F0-4D93-8149-BA919DEA63C7}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{95181E16-9E07-416E-882B-1D5A934E759D}C:\users\nb\appdata\local\temp\rar$ex00.368\sdc230\strongdc.exe" = protocol=17 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.368\sdc230\strongdc.exe |
"UDP Query User{96F8B08D-B8D9-4CD8-B264-D84922D6CCFF}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{9EA8BDFA-428B-4F90-B32A-551C944C7047}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{A3B32A64-B792-47D9-81E7-9653C8C3A34F}C:\program files\maple 12\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\maple 12\jre\bin\java.exe |
"UDP Query User{A81DA3B3-5621-46F0-9EE5-BA672BD8E8D4}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{A8AEF428-3377-47B6-BA2D-5F79C1D42143}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{AA15FD1A-45EA-4E93-A7EC-DA77A66B1A0E}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{AB97367C-8BF0-4FA3-9095-2FCFC636C941}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{B076213E-D0AC-44AF-9842-9F06B07FD0C7}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{BBDF5F30-D9DD-4D9E-BC10-1EC5EA011E80}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"UDP Query User{BC2D8E54-7137-4576-8D0E-441C1BDD4FEC}C:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe" = protocol=17 | dir=in | app=c:\users\nb\desktop\red faction\program files\volition inc\red faction guerrilla\rfg.exe |
"UDP Query User{BE2B5B8C-2899-4BD0-92A8-9252B99007B9}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{C148660C-E3E8-464B-BDE6-4911F9BBF1E8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{C160DA3D-2EB4-44EF-8E40-B8BDC777E988}C:\users\nb\appdata\local\temp\rar$ex00.742\strongdc.exe" = protocol=17 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.742\strongdc.exe |
"UDP Query User{CCCCF623-5985-46FD-99EA-186D77329A35}C:\program files\microsoft games\age of empires ii\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.exe |
"UDP Query User{CE6A7E97-0D41-4AB6-925A-DEBA343966D0}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{DD9B0D86-59EC-45D3-AC9C-81DF9A6A2822}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{F2342957-819A-4B6E-A704-0E93C8F83AA9}C:\program files\maple 12\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files\maple 12\jre\bin\maple.exe |
"UDP Query User{F249D1B8-A3E4-4540-A093-C50B104C44A2}C:\program files\sega\vancouver 2010\vancouver.exe" = protocol=17 | dir=in | app=c:\program files\sega\vancouver 2010\vancouver.exe |
"UDP Query User{F3FEDAFB-90C3-4926-951C-B2AD5C906FCF}C:\program files\kn_strongdc\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\kn_strongdc\strongdc.exe |
"UDP Query User{F4964DC0-B345-42AD-9A85-5BA63A21DA07}C:\users\nb\appdata\local\temp\rar$ex00.536\game.exe" = protocol=17 | dir=in | app=c:\users\nb\appdata\local\temp\rar$ex00.536\game.exe |
"UDP Query User{FEDAE68D-6813-4C96-8903-3775F0D7257A}C:\programdata\kaspersky lab setup files\kaspersky internet security 2009\czech\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\czech\setup.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
"{06379784-4648-46BF-9426-0B10817F0AF5}" = PhotoView 360
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Pomocník pro přihlášení ke službě Windows Live ID
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{11C3DB90-D872-49F4-A428-40B13E7745CD}" = HP Customer Experience Enhancements
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{15262012-213A-4f65-9019-C8A409EC0156}" = HP Officejet J6400 Series
"{15D7ECFC-B252-4990-A6BC-1C550A046FE5}" = SolidWorks eDrawings 2009
"{188C0E25-3D65-4DAC-9C00-7483FBA4C7EB}" = Status
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{279D3818-7287-4ab4-A927-542EBEA9E365}" = ProductContext
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{325CC540-F105-4074-BFC0-B8E26BFFE1D5}" = SolidWorks Explorer 2009 sp0
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{380CC749-8C28-4C74-BE01-45921D062302}" = BPDSoftware_Ini
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41853D20-40CC-4266-978D-F128BB97CA96}" = 6400_Help
"{4C6A8BA7-06F9-4F4E-8D58-4419767A0CD2}" = HP Easy Setup - Frontend
"{4D262E86-E37A-4BCD-9BA6-D8FA1C3F5F39}" = SolidWorks 2009 SP0
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}" = Nokia PC Suite
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{5D934326-165A-413b-B056-26BE1EC082AF}" = J6400
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{63C2981B-6E59-4514-8FC8-3C7A6368D0AE}" = HP User Guides 0126
"{63D0588C-2740-459D-AFB4-6B03461B7891}" = SolidWorks Simulation 2009 SP0
"{65BD9AB2-696E-4598-91E6-C3EE77E64460}" = SolidWorks Motion 2009 SP0
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85155187-3BEF-47B4-A662-346FEABF67A6}" = ProtectSmart Hard Drive Protection
"{85C8D391-0EAE-4492-8A0A-2EE8B0B6DA03}" = BPDSoftware
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1EE19E5-30DC-4912-85E9-B656867F27B6}_is1" = ICQ Password Changer 1.0
"{b25af741-265e-4ea4-8f0e-3b9df68bdeae}" = Nero 9
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BBF5C82E-78DE-48CD-9A83-B6D4E0AB7785}_is1" = CzechRO All-In-One Pack 24.2.2009
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C3A13A35-63AC-427a-92E6-960C1D01FABB}" = Poradce pro upgrade na systém Windows 7
"{C4BE99A4-D1C7-46CC-9E06-B901A4BC7854}_is1" = ICQ Password Hasher 1.2
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EE1671E1-ECB2-446B-A278-E8C56CFC839E}" = DWGeditor
"{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}" = HP MediaSmart SmartMenu
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires 2.0" = Microsoft Age of Empires II
"BatteryBar" = BatteryBar (remove only)
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"BSPlayerf" = BS.Player FREE
"Cadkey 98 Release 1.04 CZ_is1" = Cadkey 98 Release 1.04 CZ
"Carom3D" = Carom3D
"CCleaner" = CCleaner (remove only)
"CzechRO" = CzechRO
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Shrink_is1" = DVD Shrink 3.2
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Maple 12" = Maple 12
"MatlabR2008a" = MATLAB R2008a
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox (3.0.18)" = Mozilla Firefox (3.0.18)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"Shop for HP Supplies" = Shop for HP Supplies
"SolidWorks Installation Manager 20090-40000-1100-200" = SolidWorks 2009 SP0
"SpeedFan" = SpeedFan (remove only)
"Summer Athletics 2009_is1" = Summer Athletics 2009
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"szn-software-listicka" = Seznam Lištička 2 (Všichni uživatelé tohoto počítače.)
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever_Fix_2009_10_09
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner Professional V5.12
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4091301431-3146374880-2057195779-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8.3.2010 16:03:44 | Computer Name = Notebook | Source = Application Hang | ID = 1002
Description = Program sidebar.exe verze 6.0.6002.18005 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: 1328 Čas zahájení: 01cabefa69c23156 Čas ukončení: 116

Error - 8.3.2010 16:23:26 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8.3.2010 17:07:55 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description =

Error - 8.3.2010 17:22:03 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 8.3.2010 17:57:39 | Computer Name = Notebook | Source = VSS | ID = 8194
Description =

Error - 8.3.2010 17:57:57 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 9.3.2010 10:54:22 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description =

Error - 9.3.2010 11:08:28 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 9.3.2010 14:19:53 | Computer Name = Notebook | Source = WinMgmt | ID = 10
Description =

Error - 9.3.2010 14:33:50 | Computer Name = Notebook | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

[ Media Center Events ]
Error - 1.3.2010 16:13:21 | Computer Name = Notebook | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerAccumulate failed;
Win32 GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media
Center Guide

[ OSession Events ]
Error - 11.2.2010 10:24:24 | Computer Name = Notebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11.3.2010 4:08:43 | Computer Name = Notebook | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{959AB14E-5FF7-463B-8EB7-3330DCEF3B07},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 11.3.2010 4:15:00 | Computer Name = Notebook | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{959AB14E-5FF7-463B-8EB7-3330DCEF3B07},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 12.3.2010 8:39:48 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 12.3.2010 8:40:13 | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description =

Error - 12.3.2010 8:41:09 | Computer Name = Notebook | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 12.3.2010 8:54:01 | Computer Name = Notebook | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =

Error - 12.3.2010 11:45:24 | Computer Name = Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 12.3.2010 11:45:28 | Computer Name = Notebook | Source = Service Control Manager | ID = 7022
Description =

Error - 12.3.2010 11:46:28 | Computer Name = Notebook | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 12.3.2010 11:59:37 | Computer Name = Notebook | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =

< End of report >

Damned · Příspěvekod **Damned** » 12 bře 2010 17:49

Zabal mi prosím tě ten soubor do archívu. Zobrazuje se mi v html, a to je guláš, že se v něm nevyzná ani moje pidlooký oko.

To co neopraví WRC, jsou buď zamčený, nebo root klíče.

pavel66 · Příspěvekod **pavel66** » 12 bře 2010 18:05

http://www.upnito.sk/subor/fe091016f9d2 ... ea109.html

Damned · Příspěvekod **Damned** » 12 bře 2010 19:08

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
DRV - (SANDRA) --  File not found
DRV - (NwlnkFwd) --  File not found
DRV - (NwlnkFlt) --  File not found
DRV - (npkycryp) --  File not found
DRV - (npkcrypt) --  File not found
DRV - (MRESP50a64) --  File not found
DRV - (MRENDIS5) --  File not found
DRV - (MREMPR5) --  File not found
DRV - (MREMP50a64)
DRV - (IpInIp) --  File not found
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

:Files
C:\Windows\VDLL.DLL
C:\Windows\System32\runouce.exe
C:\Windows\rundll16.exe
C:\Windows\RUNDL132.EXE
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\$RECYCLE.BIN
C:\ProgramData\McAfee Security Scan
C:\ProgramData\Symantec
C:\ProgramData\Norton
C:\ProgramData\NortonInstaller
C:\ProgramData\nvModes.001
C:\Windows\hpwins14.dat
C:\Windows\System\hpsysdrv.dat
C:\Windows\System32\ezdigsgn.dat
C:\Windows\xUninstall.bat
C:\Users\NB\AppData\Local\d3d9caps.dat
C:\Windows\tasks\SA.DAT
C:\ProgramData\nvModes.001
C:\Windows\yacht.xws
C:\Windows\System\hpsysdrv.dat
C:\Windows\tasks\SA.DAT

:Reg

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]

Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

pavel66 · Příspěvekod **pavel66** » 12 bře 2010 23:18

nechce to jet pustim a pise to nahore na okne u názvu (neodpovídá)

Damned · Příspěvekod **Damned** » 12 bře 2010 23:22

Tak to upravím.

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

:Files
C:\Windows\VDLL.DLL
C:\Windows\System32\runouce.exe
C:\Windows\rundll16.exe
C:\Windows\RUNDL132.EXE
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\$RECYCLE.BIN
C:\ProgramData\McAfee Security Scan
C:\ProgramData\Symantec
C:\ProgramData\Norton
C:\ProgramData\NortonInstaller
C:\ProgramData\nvModes.001
C:\Windows\hpwins14.dat
C:\Windows\System\hpsysdrv.dat
C:\Windows\System32\ezdigsgn.dat
C:\Windows\xUninstall.bat
C:\Users\NB\AppData\Local\d3d9caps.dat
C:\Windows\tasks\SA.DAT
C:\ProgramData\nvModes.001
C:\Windows\yacht.xws
C:\Windows\System\hpsysdrv.dat
C:\Windows\tasks\SA.DAT

:Reg

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]

Prosím, co s tímto nálezem Vyřešeno

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Re: Prosím, co s tímto nálezem

Kdo je online