Neznámý uživatelský účet

Zpráva

iduss20 · #1 Příspěvek od **iduss20** » 17 kvě 2013 12:20

Dobrý den,
ve Win7 se mi najednou začal vytvářet (a po smazání obnovovat) neznámý uživatelský účet (typ standardní, nechráněný heslem) s exotickým názvem "dmxaiwlabxmi". Když jsem odpojila pc od internetu - po restartu už se tento účet neobjevil - ale jakmile jsem se k internetu znovu připojila - byl tam znovu

#2 Příspěvek od **stell** » 17 kvě 2013 12:35

Zdravim
Klikni na tlačidlo Štart
Do poľa Vyhľadať zadaj regedit a stlač kláves Enter.
Ak sa zobrazí výzva funkcie Kontrola používateľských kont, klikni na položku Áno .

V Editore databázy Registry prejdi na nasledujúci priečinok:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Pravy klik na zlozku ProfileList>.klik Export, a uloz na plochu.
Pravy klik upravit>>a obsah vloz sem.

iduss20 · #3 Příspěvek od **iduss20** » 17 kvě 2013 12:43

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList]
"ProfilesDirectory"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,44,00,72,\
00,69,00,76,00,65,00,25,00,5c,00,55,00,73,00,65,00,72,00,73,00,00,00
"Default"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,44,00,72,00,69,00,\
76,00,65,00,25,00,5c,00,55,00,73,00,65,00,72,00,73,00,5c,00,44,00,65,00,66,\
00,61,00,75,00,6c,00,74,00,00,00
"Public"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,44,00,72,00,69,00,76,\
00,65,00,25,00,5c,00,55,00,73,00,65,00,72,00,73,00,5c,00,50,00,75,00,62,00,\
6c,00,69,00,63,00,00,00
"ProgramData"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,44,00,72,00,69,\
00,76,00,65,00,25,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,44,00,\
61,00,74,00,61,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags"=dword:0000000c
"State"=dword:00000000
"RefCount"=dword:00000001
"Sid"=hex:01,01,00,00,00,00,00,05,12,00,00,00
"ProfileImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,\
00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
5c,00,63,00,6f,00,6e,00,66,00,69,00,67,00,5c,00,73,00,79,00,73,00,74,00,65,\
00,6d,00,70,00,72,00,6f,00,66,00,69,00,6c,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath"=hex(2):43,00,3a,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,\
00,73,00,5c,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,50,00,72,00,6f,00,\
66,00,69,00,6c,00,65,00,73,00,5c,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,\
00,72,00,76,00,69,00,63,00,65,00,00,00
"Flags"=dword:00000000
"State"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath"=hex(2):43,00,3a,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,\
00,73,00,5c,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,50,00,72,00,6f,00,\
66,00,69,00,6c,00,65,00,73,00,5c,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,\
00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,00,00
"Flags"=dword:00000000
"State"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-314801186-1437938027-1381154866-1001]
"ProfileImagePath"=hex(2):43,00,3a,00,5c,00,55,00,73,00,65,00,72,00,73,00,5c,\
00,4a,00,69,00,74,00,75,00,61,01,6b,00,61,00,00,00
"Flags"=dword:00000000
"State"=dword:00000000
"Sid"=hex:01,05,00,00,00,00,00,05,15,00,00,00,22,7c,c3,12,6b,31,b5,55,32,c0,52,\
52,e9,03,00,00
"ProfileLoadTimeLow"=dword:00000000
"ProfileLoadTimeHigh"=dword:00000000
"RefCount"=dword:00000004
"RunLogonScriptSync"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-314801186-1437938027-1381154866-1003]
"ProfileImagePath"=hex(2):43,00,3a,00,5c,00,55,00,73,00,65,00,72,00,73,00,5c,\
00,4a,00,61,00,6e,00,61,00,00,00
"Flags"=dword:00000000
"State"=dword:00000204
"Sid"=hex:01,05,00,00,00,00,00,05,15,00,00,00,22,7c,c3,12,6b,31,b5,55,32,c0,52,\
52,eb,03,00,00
"ProfileLoadTimeLow"=dword:00000000
"ProfileLoadTimeHigh"=dword:00000000
"RefCount"=dword:00000000
"RunLogonScriptSync"=dword:00000000

#4 Příspěvek od **stell** » 17 kvě 2013 12:58

ok,
1:Otvorte Notepad (Poznámkový blok) a skopíruj do neho text.
2:Potom klikneme na záložku Súbor v menu Uložiť ako.. ..
3:Ako je Názov súboru, tak do toho riadku napíšeme:profil.bat
4:Typ súboru tak tam vyberiete všetky súbory
5:A uložíme ho na plochu.
7:Wista a Win 7,pravý klik spustite ako správca.
8:subor profil.txt sa ti otvori, obsah vloz sem

Kód: Vybrat vše

reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" /s > profil.txt && start notepad profil.txt
exit

iduss20 · #5 Příspěvek od **iduss20** » 17 kvě 2013 13:15

Když už mám na ploše vytvořený: "profil.bat" - tak ho otevřu jako správce, ale ihned se mi zavře... takže nemůžu nic zkopírovat

#6 Příspěvek od **stell** » 17 kvě 2013 13:20

"profil.bat" - tak ho otevřu jako správce, ale ihned se mi zavře

Precitaj este raz navod. profil.bat treba spustit a nie otvarat, po spusteni o chvilku sa ti otvori automaticky textovy subor profil.txt, tento obsah sem skopiruj.

iduss20 · #7 Příspěvek od **iduss20** » 17 kvě 2013 13:34

Možná je ta chyba ve mně

Ale dávám spustit jako správce (screen mý plochy: http://iduss20.rajce.idnes.cz/nastenka/#profil.jpg ) a když to takto spustím, tak asi tak na 1 vteřinu vyskočí nějaké okno, ale ihned se zavře a už se nic neděje... :/

#8 Příspěvek od **stell** » 17 kvě 2013 13:36

daj "hladat" profil.txt
ci najde, ak ano obsah sem vloz.

iduss20 · #9 Příspěvek od **iduss20** » 17 kvě 2013 13:39

Nenašlo to nic

žádné položky hledání neodpovídají...

#10 Příspěvek od **stell** » 17 kvě 2013 13:45

Stiahnite OTL
http://oldtimer.geekstogo.com/OTL.exe
na plochu
Spustite, potom do spodného políčka vložte nasledujúci skript.

Kód: Vybrat vše

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList  /s
netsvcs

Označte položku
Pre všetkých užívateľov.
Označte položky Kontrola na háveď "LOP" a Kontrola na háveď "Purity"
Kliknite na tlačidlo Prehľadať
Po dokončení, sem vložte logami OTL.Txt a Extras.Txt

iduss20 · #11 Příspěvek od **iduss20** » 17 kvě 2013 14:20

OTL:

OTL logfile created on: 17.5.2013 15:11:48 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jituška\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,93 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 34,43% Memory free
5,86 Gb Paging File | 3,61 Gb Available in Paging File | 61,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 281,44 Gb Total Space | 119,64 Gb Free Space | 42,51% Space Free | Partition Type: NTFS
Drive D: | 16,35 Gb Total Space | 2,36 Gb Free Space | 14,43% Space Free | Partition Type: NTFS
Drive F: | 5,23 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JITUŠKA-HP | User Name: Jituška | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.05.17 14:55:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jituška\Desktop\OTL.exe
PRC - [2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.03.21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2013.02.15 09:53:46 | 000,341,800 | ---- | M] () -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
PRC - [2012.10.20 22:25:52 | 000,409,696 | ---- | M] (Microsoft Corporation) -- C:\Programy moje\Microsoft Office 2007\Office12\WINWORD.EXE
PRC - [2010.07.02 11:51:16 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010.07.02 11:48:24 | 000,602,680 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.09 16:54:38 | 001,441,544 | ---- | M] (Motorola, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe

========== Modules (No Company Name) ==========

MOD - [2013.05.15 10:34:02 | 013,136,776 | ---- | M] () -- C:\Users\Jituška\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2011.10.05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2010.05.19 10:05:58 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010.05.19 10:05:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010.05.19 10:05:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.03.21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.08.17 01:32:45 | 001,028,096 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.06.29 11:52:12 | 004,181,256 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV:64bit: - [2010.06.18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010.05.20 13:28:14 | 000,677,128 | ---- | M] (Motorola, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV:64bit: - [2010.05.20 13:28:12 | 001,096,968 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV:64bit: - [2010.04.19 18:55:18 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2009.11.18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.14 20:44:12 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.15 09:53:46 | 000,341,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe -- (PCSUService)
SRV - [2012.09.27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012.07.13 14:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Programy moje\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.08.17 01:32:44 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.07.02 11:51:16 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.06.01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.04.04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.03.11 19:13:42 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.02.14 13:21:06 | 000,058,416 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013.02.14 13:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013.01.10 10:25:22 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013.01.10 10:25:22 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013.01.10 10:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.23 01:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.06.29 10:12:26 | 003,232,768 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)
DRV:64bit: - [2010.06.23 21:37:24 | 000,931,168 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2010.05.20 12:19:14 | 000,042,496 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2010.04.23 03:17:40 | 000,318,000 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.04.13 09:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.04.09 16:53:04 | 000,052,736 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)
DRV:64bit: - [2010.03.23 03:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.03.05 21:57:00 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D2AB4D14-FB6D-4C3C-9AB8-A2956EB3807F}
IE:64bit: - HKLM\..\SearchScopes\{D2AB4D14-FB6D-4C3C-9AB8-A2956EB3807F}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{FCE3DB81-79CE-491C-BB02-D2ADBD645EC0}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKLM\..\SearchScopes,DefaultScope = {D2AB4D14-FB6D-4C3C-9AB8-A2956EB3807F}
IE - HKLM\..\SearchScopes\{D2AB4D14-FB6D-4C3C-9AB8-A2956EB3807F}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{FCE3DB81-79CE-491C-BB02-D2ADBD645EC0}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3176921
IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\..\SearchScopes,DefaultScope = {D2AB4D14-FB6D-4C3C-9AB8-A2956EB3807F}
IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchT ... F395E31A6E
IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\..\SearchScopes\{D2AB4D14-FB6D-4C3C-9AB8-A2956EB3807F}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\..\SearchScopes\{FCE3DB81-79CE-491C-BB02-D2ADBD645EC0}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programy moje\Picasa\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013.04.25 08:04:01 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Picasa (Enabled) = C:\Programy moje\Picasa\Picasa3\npPicasa3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Users\Jituška\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Jituška\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jituška\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jituška\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Jituška\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: express-files = C:\Users\Jituška\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh\10.16.1.521_0\
CHR - Extension: Gmail = C:\Users\Jituška\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-314801186-1437938027-1381154866-1001..\Run: [DAEMON Tools Lite] C:\Programy moje\Daemon Tools\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-314801186-1437938027-1381154866-1001..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-314801186-1437938027-1381154866-1001..\Run: [Facebook Update] "C:\Users\Jituška\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-314801186-1437938027-1381154866-1001..\Run: [Infium] "C:\Programy moje\QIP 2012\qip.exe" /autorun File not found
O4 - HKU\S-1-5-21-314801186-1437938027-1381154866-1001..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe ()
O4 - HKU\S-1-5-21-314801186-1437938027-1381154866-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programy moje\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Programy moje\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy moje\Microsoft Office 2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy moje\Microsoft Office 2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy moje\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F1B6B98-547D-4B54-AA77-C5902196B66D}: DhcpNameServer = 192.168.1.1 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{406BCC1B-7993-4AFB-8AD1-817F056DA969}: DhcpNameServer = 192.168.1.1 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ara.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\blindman.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdbootcd.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdcleaner.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sddelfile.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdfiles.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdfilescanhelper.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdimmunize.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdlogreport.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdpesetup.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdpestart.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdphonescan.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdpre.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdpreppos.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdquarantine.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdrootalyzer.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdsbiedit.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdscan.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdscript.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdsettings.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdshred.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdsysrepair.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdtools.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdtray.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdupdate.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdwelcome.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\unins000.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\xcacls.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\ara.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\blindman.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdbootcd.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdcleaner.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sddelfile.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdfiles.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdfilescanhelper.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdimmunize.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdlogreport.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdpesetup.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdpestart.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdphonescan.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdpre.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdpreppos.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdquarantine.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdrootalyzer.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdsbiedit.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdscan.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdscript.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdsettings.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdshred.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdsysrepair.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdtools.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdtray.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdupdate.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdwelcome.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\xcacls.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.31 23:20:39 | 000,055,616 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013.01.31 20:28:14 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{05469808-8a52-11e2-b59f-60eb69598924}\Shell - "" = AutoRun
O33 - MountPoints2\{05469808-8a52-11e2-b59f-60eb69598924}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2013.01.31 23:20:39 | 000,055,616 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.05.17 14:55:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jituška\Desktop\OTL.exe
[2013.05.17 12:10:29 | 000,000,000 | ---D | C] -- C:\Users\Jituška\Desktop\škola rozdělit
[2013.05.16 22:51:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.16 22:51:34 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.16 22:51:32 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.16 22:51:32 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.16 22:51:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.16 22:51:32 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.16 22:51:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.16 22:51:31 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.16 22:51:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.16 22:51:30 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.16 22:51:30 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.16 22:51:30 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.16 22:51:29 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.16 22:51:29 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.16 22:51:29 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.16 07:42:11 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.16 07:42:11 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.16 07:41:53 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.16 07:41:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.16 07:41:52 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.16 07:41:52 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.16 07:41:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.07 20:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.04.30 18:47:50 | 000,000,000 | ---D | C] -- C:\Users\Jituška\Documents\The KMPlayer
[2013.04.30 18:45:46 | 000,000,000 | ---D | C] -- C:\Users\Jituška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2013.04.28 20:28:30 | 000,000,000 | ---D | C] -- C:\Users\Jituška\Desktop\fotky
[2013.04.27 15:20:21 | 000,000,000 | ---D | C] -- C:\Users\Jituška\AppData\Roaming\GHISLER
[2013.04.25 08:05:54 | 000,000,000 | ---D | C] -- C:\Users\Jituška\AppData\Roaming\ESET
[2013.04.25 08:05:54 | 000,000,000 | ---D | C] -- C:\Users\Jituška\AppData\Local\ESET
[2013.04.25 08:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013.04.25 08:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013.04.25 08:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.04.25 07:55:28 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013.04.21 20:08:51 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.04.21 20:08:13 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.04.21 20:06:57 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.04.21 11:41:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.21 11:40:57 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.21 11:40:57 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.21 11:40:57 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.18 17:15:58 | 000,000,000 | ---D | C] -- C:\Users\Jituška\AppData\Roaming\Origin
[2013.04.18 17:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2013.04.18 17:15:55 | 000,000,000 | ---D | C] -- C:\Users\Jituška\AppData\Local\Origin
[2013.04.18 17:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013.04.18 17:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2013.04.18 17:06:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.04.18 17:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2013.04.18 16:55:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts

========== Files - Modified Within 30 Days ==========

[2013.05.17 15:03:00 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.17 14:55:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jituška\Desktop\OTL.exe
[2013.05.17 14:49:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-314801186-1437938027-1381154866-1001UA.job
[2013.05.17 14:47:25 | 000,003,289 | ---- | M] () -- C:\Users\Jituška\Desktop\profil.bat
[2013.05.17 14:46:05 | 000,006,580 | ---- | M] () -- C:\Users\Jituška\Desktop\export.reg
[2013.05.17 14:43:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.17 13:36:27 | 000,377,833 | ---- | M] () -- C:\Users\Jituška\Desktop\SysInspector-JITUŠKA-HP-130517-1331.zip
[2013.05.17 13:17:11 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.17 13:17:11 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.17 13:10:45 | 000,002,010 | ---- | M] () -- C:\Users\Jituška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk
[2013.05.17 13:10:04 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.17 13:09:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.17 13:09:42 | 2361,585,664 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.17 12:51:03 | 000,001,100 | ---- | M] () -- C:\Users\Jituška\Desktop\ESET SysRescue.lnk
[2013.05.17 12:50:54 | 000,001,115 | ---- | M] () -- C:\Users\Jituška\Desktop\ESET SysInspector.lnk
[2013.05.17 12:50:49 | 000,002,005 | ---- | M] () -- C:\Users\Jituška\Desktop\ESET Smart Security.lnk
[2013.05.17 12:11:56 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.17 12:11:56 | 000,631,292 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.05.17 12:11:56 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.17 12:11:56 | 000,121,914 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.05.17 12:11:56 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.17 08:11:33 | 000,322,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.16 20:49:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-314801186-1437938027-1381154866-1001Core.job
[2013.05.14 20:58:45 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
[2013.05.14 20:44:10 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.14 20:44:10 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.30 18:45:46 | 000,000,800 | ---- | M] () -- C:\Users\Jituška\Desktop\KMPlayer.lnk
[2013.04.27 15:20:23 | 000,000,798 | ---- | M] () -- C:\Users\Jituška\Desktop\Total Commander.lnk
[2013.04.21 20:08:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.04.20 21:11:42 | 000,002,723 | ---- | M] () -- C:\Users\Jituška\Desktop\Microsoft Office Word 2007.lnk
[2013.04.20 21:11:42 | 000,002,641 | ---- | M] () -- C:\Users\Jituška\Desktop\Microsoft Office Excel 2007.lnk
[2013.04.20 21:11:42 | 000,002,625 | ---- | M] () -- C:\Users\Jituška\Desktop\Microsoft Office PowerPoint 2007.lnk
[2013.04.19 21:26:40 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJituška.job
[2013.04.18 20:15:34 | 000,001,350 | ---- | M] () -- C:\Users\Jituška\Desktop\TS3W – zástupce (2).lnk
[2013.04.18 17:14:17 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk

========== Files Created - No Company Name ==========

[2013.05.17 14:47:25 | 000,003,289 | ---- | C] () -- C:\Users\Jituška\Desktop\profil.bat
[2013.05.17 14:46:05 | 000,006,580 | ---- | C] () -- C:\Users\Jituška\Desktop\export.reg
[2013.05.17 13:36:27 | 000,377,833 | ---- | C] () -- C:\Users\Jituška\Desktop\SysInspector-JITUŠKA-HP-130517-1331.zip
[2013.05.17 12:51:03 | 000,001,100 | ---- | C] () -- C:\Users\Jituška\Desktop\ESET SysRescue.lnk
[2013.05.17 12:50:54 | 000,001,115 | ---- | C] () -- C:\Users\Jituška\Desktop\ESET SysInspector.lnk
[2013.05.17 12:50:49 | 000,002,005 | ---- | C] () -- C:\Users\Jituška\Desktop\ESET Smart Security.lnk
[2013.04.30 18:45:46 | 000,000,800 | ---- | C] () -- C:\Users\Jituška\Desktop\KMPlayer.lnk
[2013.04.27 15:20:23 | 000,000,798 | ---- | C] () -- C:\Users\Jituška\Desktop\Total Commander.lnk
[2013.04.27 15:20:22 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2013.04.27 15:20:22 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2013.04.27 15:20:22 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2013.04.27 15:20:22 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2013.04.27 15:20:22 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2013.04.27 15:20:22 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2013.04.21 20:08:52 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.04.18 20:15:34 | 000,001,350 | ---- | C] () -- C:\Users\Jituška\Desktop\TS3W – zástupce (2).lnk
[2013.04.18 17:06:55 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.03.07 11:05:10 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.03.05 10:43:58 | 000,000,284 | ---- | C] () -- C:\Windows\wininit.ini
[2013.02.20 18:49:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.03.11 19:16:04 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\Babylon
[2013.03.11 19:18:01 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\DAEMON Tools Lite
[2013.04.25 08:05:54 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\ESET
[2013.03.15 21:43:04 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\ExpressFiles
[2013.04.27 15:20:21 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\GHISLER
[2013.04.18 17:16:00 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\Origin
[2013.04.02 11:33:26 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\uTorrent
[2013.04.06 14:32:55 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\WildTangent
[2013.03.15 09:16:19 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s >
"ProfilesDirectory" = %SystemDrive%\Users -- [2013.05.16 20:08:49 | 000,000,000 | R--D | M]
"Default" = %SystemDrive%\Users\Default -- [2013.02.20 19:50:47 | 000,000,000 | RH-D | M]
"Public" = %SystemDrive%\Users\Public -- [2013.03.04 11:57:27 | 000,000,000 | R--D | M]
"ProgramData" = %SystemDrive%\ProgramData -- [2013.04.25 08:03:59 | 000,000,000 | -H-D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags" = 12
"State" = 0
"RefCount" = 1
"Sid" = 01 01 00 00 00 00 00 05 12 00 00 00 [binary data]
"ProfileImagePath" = %systemroot%\system32\config\systemprofile -- [2013.02.20 20:14:11 | 000,000,000 | ---D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath" = C:\Windows\ServiceProfiles\LocalService -- [2009.07.14 09:12:21 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath" = C:\Windows\ServiceProfiles\NetworkService -- [2009.07.14 09:12:21 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-314801186-1437938027-1381154866-1001]
"ProfileImagePath" = C:\Users\Jituška -- [2013.03.03 15:37:37 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 22 7C C3 12 6B 31 B5 55 32 C0 52 52 E9 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 20
"RunLogonScriptSync" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-314801186-1437938027-1381154866-1003]
"ProfileImagePath" = C:\Users\Jana -- [2013.04.28 11:45:02 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 516
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 22 7C C3 12 6B 31 B5 55 32 C0 52 52 EB 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 0
"RunLogonScriptSync" = 0

< End of report >

iduss20 · #12 Příspěvek od **iduss20** » 17 kvě 2013 14:21

EXTRAS:

OTL Extras logfile created on: 17.5.2013 14:56:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jituška\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,93 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 41,02% Memory free
5,86 Gb Paging File | 3,75 Gb Available in Paging File | 63,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 281,44 Gb Total Space | 119,64 Gb Free Space | 42,51% Space Free | Partition Type: NTFS
Drive D: | 16,35 Gb Total Space | 2,36 Gb Free Space | 14,43% Space Free | Partition Type: NTFS
Drive F: | 5,23 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: JITUŠKA-HP | User Name: Jituška | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-314801186-1437938027-1381154866-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Programy moje\Microsoft Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programy moje\Microsoft Office 2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~4\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Programy moje\Microsoft Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programy moje\Microsoft Office 2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~4\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{064F259D-037C-40B1-98D5-F8FFB4E0CD85}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C1B4C68-4B09-424E-A619-92A1557E64E9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0D0AAD0F-40D9-4B49-9846-7B3D25938499}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1714FFC3-4A97-467A-A063-D750C6FC6B37}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{190D04CB-CC72-4E5D-9DA2-4144AF5CCE1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{20B70326-BCE6-4E34-BEC0-94F8073FDA0F}" = rport=139 | protocol=6 | dir=out | app=system |
"{40F5CD3A-BD37-47C4-A665-900513BAB9C3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{60D69D38-6E91-4BD2-B9E7-A956CC64CEE4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7105CF09-5F69-4BFE-B858-4887AFF13DE0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7314C4CF-B924-47DC-B383-DD72EC492D05}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{81BF12A8-0133-46E8-96B4-B961051F3952}" = rport=137 | protocol=17 | dir=out | app=system |
"{86B30527-1A2F-49B1-AB44-D8939E7056C9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8F6089D4-8B68-4522-B0B2-23B175B2F3AF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{905189D7-BCA4-41B8-8D9D-DD5A9F00A493}" = lport=445 | protocol=6 | dir=in | app=system |
"{9E87FCCA-6B6C-481D-BF6E-39709238C823}" = rport=445 | protocol=6 | dir=out | app=system |
"{9FBB46C9-D67D-4A72-88F3-317F83186F3D}" = rport=138 | protocol=17 | dir=out | app=system |
"{ABD6D88B-4333-4890-BD2B-A3793FF84F07}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AC0DC928-B27F-4F69-BEAD-63BBDCEC7A35}" = lport=138 | protocol=17 | dir=in | app=system |
"{C277FB93-E58A-420A-8F37-E441B754C2E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D07E63F2-6E57-42DB-B422-D08DECEE3E9E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D284C490-0707-4326-98D0-F28BA44A169C}" = lport=139 | protocol=6 | dir=in | app=system |
"{D2A049C2-4DA2-480F-8F78-0BE3EE72B583}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F3F3CD55-F2EE-4B53-8CBC-99EE2C2D1961}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F668AA40-7F66-40AB-B640-C83E75FE3E27}" = lport=137 | protocol=17 | dir=in | app=system |
"{FFE63D26-6F1A-44DB-9685-45033A971ED4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C282B0-E459-48D0-AB79-62B0AEDC3304}" = protocol=6 | dir=out | app=system |
"{02C115E6-F7F6-4212-BD96-B2457A984ABB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{049F8899-5FA1-4C96-A1FB-0BF98D809594}" = protocol=6 | dir=in | app=c:\programy moje\microsoft office 2007\office12\onenote.exe |
"{25B20CB7-D6CA-4AE0-AD9B-C087C9E773E0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28622737-A99A-4E46-BE67-EE76BBBDC799}" = protocol=6 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{2DE1F4BC-3868-4FB6-86A0-CEA9E25BA349}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3216CC9E-EF88-4DC1-9ABC-8BC260D66D1E}" = protocol=17 | dir=in | app=c:\programy moje\microsoft office 2007\office12\onenote.exe |
"{3CEC110A-9FF1-4C0C-AFF3-308008030771}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{453697EC-A66C-4761-8B70-8E2B168F2137}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4A38354D-20A4-4D53-B729-D6E07EBFC0C0}" = protocol=17 | dir=in | app=c:\programy moje\torrent\utorrent.exe |
"{4A400944-220F-4EB2-B75B-1A488316C428}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5671846A-1AFA-4646-A783-0539C16565C9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6403C5E1-2A7A-4449-A40D-935E3A43B8EA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{66AC8B78-47DB-4E9C-9EC5-367D143532E9}" = dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{66CC867B-FE05-493F-9D4A-4000C36DE2B4}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{70858FC9-E8D8-42D2-BE05-25D6F697D16B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{71473C13-F610-416B-8379-120CC64AF458}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{7A520B98-B42C-4F2B-BA37-C82F4B32D559}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{83965263-55C2-471F-9EED-6871D6F1A778}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{868E9BD9-FCD4-410C-BA3C-9A9B6F6E7A3B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{90AC8841-7328-46F9-A6E7-BA6C37CAF7A1}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{93FE8544-A1FF-4A7A-B15C-9CE50B259041}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{94ECC9FF-9E14-40A1-A9DF-E6805B2B2B6C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9906DCCE-EECF-4420-895E-E07A65936C67}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9944A88E-4A5C-40CD-827C-0E37629B86A9}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{9B4D6BCE-FDDE-437D-8CF3-1995B40AA67B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9CF9BA7F-5DD3-4846-8287-B7EDBF685E27}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A2616085-E531-4B9E-944B-89BD59284628}" = protocol=17 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{BC6793B8-25B9-496F-B0DA-19B9A2F50207}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{BCE05112-407D-4C35-90CE-2798FD2BFCC0}" = protocol=6 | dir=in | app=c:\programy moje\torrent\utorrent.exe |
"{BDE73FD8-65AF-463C-9575-CBDBCDE6EFB6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C16A5E62-7BBB-4E32-A25E-D7551B830A3A}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{C1C46223-762B-4DA1-83FF-7588E844B5BA}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{D2429DD5-5113-42B5-9AC1-7E9D3A002DBC}" = dir=in | app=c:\programy moje\skype\phone\skype.exe |
"{DBA31B66-91E5-4806-8D6E-457575D23DE8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DEBF7AAE-1B39-4370-90E1-E93B4CC7BE74}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F8E67E97-2053-479C-8010-1188B2162E7E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E990336-E620-4B14-A7B4-4DA369330355}" = HP Wireless Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{983073CD-FAAF-4907-AA07-037DBA73B8EE}" = ESET Smart Security
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}" = RtVOsd
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F61FD928-A74D-4AF9-9667-BE2BB6F2C386}" = Základní software zařízení HP Deskjet 2050 J510 series
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"PCSU-SL_is1" = Zrychleni Pocitace
"Ralink Motorola BC4 Bluetooth 3.0+HS Adapter_is1" = Ralink Motorola BC4 Bluetooth 3.0+HS Adapter
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Roční období
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po setmění
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT3090 802.11b/g/n WiFi Adapter
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.4 - Czech
"{AF5D2519-C6B4-4AFD-9A8D-FBF74DD4F0A0}" = HP Product Detection
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Obludárium
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C2B13597-D96D-49D2-AFAC-E302003D2D50}" = HP Documentation
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2E791E1-C111-40DC-9A30-CCFCBD813FB6}" = HP Software Framework
"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Hrátky osudu
"{EA561FC0-A965-11E2-94D3-B8AC6F98CCE3}" = Google Earth Plug-in
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 Studentský život
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"DAEMON Tools Lite" = DAEMON Tools Lite
"EasyBits Magic Desktop" = Magic Desktop
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"My HP Game Console" = HP Game Console
"Origin" = Origin
"Picasa 3" = Picasa 3
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WT087328" = Blackhawk Striker 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087374" = Jewel Quest - Heritage
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087420" = Agatha Christie - Death on the Nile
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26.3.2013 12:49:37 | Computer Name = Jituška-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: HPWMISVC.exe, verze: 2.0.14.0, časové razítko:
0x4c175e63 Název chybujícího modulu: OLEAUT32.dll, verze: 6.1.7601.17676, časové
razítko: 0x4e58702a Kód výjimky: 0xc0000005 Posun chyby: 0x00004660 ID chybujícího
procesu: 0x6bc Čas spuštění chybující aplikace: 0x01ce2a41d495f18b Cesta k chybující
aplikaci: C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe Cesta
k chybujícímu modulu: C:\Windows\syswow64\OLEAUT32.dll ID zprávy: 2495a897-9635-11e2-bddd-60eb69598924

Error - 3.4.2013 12:36:21 | Computer Name = Jituška-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Kód výjimky: 0xc0000005 Posun chyby: 0x0032fddd ID chybujícího procesu:
0x11d8 Čas spuštění chybující aplikace: 0x01ce308626e6c571 Cesta k chybující aplikaci:
C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe Cesta k chybujícímu
modulu: C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe ID zprávy: 9d77348f-9c7c-11e2-9395-60eb69598924

Error - 3.4.2013 12:37:43 | Computer Name = Jituška-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Kód výjimky: 0xc0000005 Posun chyby: 0x00346929 ID chybujícího procesu:
0x454 Čas spuštění chybující aplikace: 0x01ce308990b12ba3 Cesta k chybující aplikaci:
C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe Cesta k chybujícímu
modulu: C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe ID zprávy: ce7f7f7b-9c7c-11e2-9395-60eb69598924

Error - 3.4.2013 12:38:33 | Computer Name = Jituška-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Kód výjimky: 0xc0000005 Posun chyby: 0x00346929 ID chybujícího procesu:
0x12c4 Čas spuštění chybující aplikace: 0x01ce3089ae3ffa9f Cesta k chybující aplikaci:
C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe Cesta k chybujícímu
modulu: C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe ID zprávy: ec0c79b0-9c7c-11e2-9395-60eb69598924

Error - 3.4.2013 12:39:07 | Computer Name = Jituška-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Kód výjimky: 0xc0000005 Posun chyby: 0x00346929 ID chybujícího procesu:
0x594 Čas spuštění chybující aplikace: 0x01ce3089c28db99b Cesta k chybující aplikaci:
C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe Cesta k chybujícímu
modulu: C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe ID zprávy: 005c5b93-9c7d-11e2-9395-60eb69598924

Error - 4.4.2013 3:59:35 | Computer Name = Jituška-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Kód výjimky: 0xc0000005 Posun chyby: 0x00346929 ID chybujícího procesu:
0xe68 Čas spuštění chybující aplikace: 0x01ce310a58659ec1 Cesta k chybující aplikaci:
C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe Cesta k chybujícímu
modulu: C:\Programy moje\GTA San Andreas\GTA San Andreas\gta_sa.exe ID zprávy: 96c6e5ef-9cfd-11e2-afd0-60eb69598924

Error - 4.4.2013 7:54:36 | Computer Name = Jituška-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: gta_sa.exe, verze: 0.0.0.0, časové razítko:
0x427101ca Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x53ff8b90 ID chybujícího procesu: 0xd70 Čas spuštění
chybující aplikace: 0x01ce3128b441d185 Cesta k chybující aplikaci: C:\Programy moje\GTA
San Andreas\GTA San Andreas\gta_sa.exe Cesta k chybujícímu modulu: unknown ID zprávy:
6bc844ea-9d1e-11e2-9149-60eb69598924

Error - 17.4.2013 14:11:56 | Computer Name = Jituška-HP | Source = Application Hang | ID = 1002
Description = Program chrome.exe verze 26.0.1410.64 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
13cc Čas spuštění: 01ce3b6bc3a3993a Čas ukončení: 60000 Cesta k aplikaci: C:\Program
Files (x86)\Google\Chrome\Application\chrome.exe ID hlášení: 18cf283f-a78a-11e2-a63a-60eb69598924

Error - 18.4.2013 3:32:38 | Computer Name = Jituška-HP | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WINWORD.EXE, verze: 12.0.6668.5000, časové
razítko: 0x5083137f Název chybujícího modulu: oart.dll, verze: 12.0.6665.5003, časové
razítko: 0x5061d448 Kód výjimky: 0xc0000005 Posun chyby: 0x0001d908 ID chybujícího
procesu: 0xec0 Čas spuštění chybující aplikace: 0x01ce3bff5bd48501 Cesta k chybující
aplikaci: C:\Programy moje\Microsoft Office 2007\Office12\WINWORD.EXE Cesta k chybujícímu
modulu: C:\Programy moje\Microsoft Office 2007\Office12\oart.dll ID zprávy: 24fd10da-a7fa-11e2-8f82-60eb69598924

Error - 18.4.2013 11:06:23 | Computer Name = Jituška-HP | Source = Windows Installer 3.1 | ID = 921877
Description =

[ Hewlett-Packard Events ]
Error - 6.3.2013 16:13:23 | Computer Name = Jituška-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 v HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Odkaz na objekt není nastaven na instanci objektu. StackTrace: v HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3002
Ram
Utilization: 70 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

Error - 6.3.2013 17:35:35 | Computer Name = Jituška-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 v HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Odkaz na objekt není nastaven na instanci objektu. StackTrace: v HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 3002
Ram
Utilization: 60 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

[ HP Wireless Assistant Events ]
Error - 25.2.2013 3:22:54 | Computer Name = Jituška-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObjectSearcher.Initialize()

v System.Management.ManagementObjectSearcher.Get() v HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) v HPPA_Service.CurrentConfiguration.ApplyDeviceManagerState(List`1
radios) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 27.2.2013 7:09:18 | Computer Name = Jituška-HP | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
v PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)

Error - 21.3.2013 2:12:31 | Computer Name = Jituška-HP | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
v PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)

Error - 21.3.2013 8:13:34 | Computer Name = Jituška-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObjectSearcher.Initialize()

v System.Management.ManagementObjectSearcher.Get() v HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) v HPPA_Service.CurrentConfiguration.ApplyDeviceManagerState(List`1
radios) v HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 26.3.2013 12:51:32 | Computer Name = Jituška-HP | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
v PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)

Error - 27.3.2013 7:24:06 | Computer Name = Jituška-HP | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
v PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)

Error - 8.4.2013 13:05:14 | Computer Name = Jituška-HP | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
v PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)

Error - 18.4.2013 2:39:36 | Computer Name = Jituška-HP | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
v PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)

Error - 1.5.2013 14:43:26 | Computer Name = Jituška-HP | Source = HP WA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.
v PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)

Error - 6.5.2013 9:02:22 | Computer Name = Jituška-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Filtr zpráv volání zrušil.
(Výjimka na základě hodnoty HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementObjectSearcher.Initialize()

v System.Management.ManagementObjectSearcher.Get() v HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) v HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
radio) v System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() v System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

v HPPA_Service.CurrentConfiguration.ApplyFriendlyNames() v HPPA_Service.CurrentConfiguration.ReloadRadioList()

[ OSession Events ]
Error - 4.3.2013 10:36:27 | Computer Name = Jituška-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2199
seconds with 1800 seconds of active time. This session ended with a crash.

Error - 18.4.2013 3:32:37 | Computer Name = Jituška-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3239
seconds with 1140 seconds of active time. This session ended with a crash.

Error - 7.5.2013 5:17:33 | Computer Name = Jituška-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4391
seconds with 3120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 20.4.2013 4:40:49 | Computer Name = Jituška-HP | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby NlaSvc bylo dosaženo časového
limitu (30000 ms).

Error - 21.4.2013 5:33:14 | Computer Name = Jituška-HP | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby HPWMISVC bylo dosaženo časového
limitu (30000 ms).

Error - 22.4.2013 1:07:44 | Computer Name = Jituška-HP | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Appinfo bylo dosaženo časového
limitu (30000 ms).

Error - 22.4.2013 1:07:44 | Computer Name = Jituška-HP | Source = Service Control Manager | ID = 7000
Description = Služba Informace o aplikaci neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 25.4.2013 1:58:01 | Computer Name = Jituška-HP | Source = DCOM | ID = 10010
Description =

Error - 25.4.2013 2:04:07 | Computer Name = Jituška-HP | Source = Service Control Manager | ID = 7030
Description = Služba ESET Service je označena jako interaktivní služba. Avšak systém
je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude
fungovat správně.

Error - 29.4.2013 4:04:02 | Computer Name = Jituška-HP | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:42:41, ?29.?4.?2013) bylo neočekávané.

Error - 30.4.2013 2:13:07 | Computer Name = Jituška-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80070643): Definition Update for Windows Defender - KB915597
(Definition 1.149.884.0).

Error - 6.5.2013 2:50:45 | Computer Name = Jituška-HP | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (6:51:54, ?6.?5.?2013) bylo neočekávané.

Error - 8.5.2013 2:28:34 | Computer Name = Jituška-HP | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby PCSUService bylo dosaženo časového
limitu (30000 ms).

< End of report >

#13 Příspěvek od **stell** » 17 kvě 2013 14:31

Ok, ja tam nevidim ten ucet co si pisala, no nic, zatial odinstaluj tento program
C:\Program Files (x86)\Zrychleni Pocitace
Tak o pol /h.ti napisem dalsi postup.

#14 Příspěvek od **stell** » 17 kvě 2013 14:53

Spust OTL, ako spravca,
nastavenie nechaj tak ako je.
dole do okna vloz tento script.
A teraz klikni na Gombik, knoflik OPRAVIT.
Log po restarte vloz sem.

Kód: Vybrat vše

:OTL
IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3176921
IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\..\SearchScopes,DefaultScope = {D2AB4D14-FB6D-4C3C-9AB8-A2956EB3807F}
IE - HKU\S-1-5-21-314801186-1437938027-1381154866-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=100313_9111pl&babsrc=SP_ss&mntrId=36F370F395E31A6E
O4 - HKLM..\Run: [] File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ara.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\blindman.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdbootcd.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdcleaner.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sddelfile.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdfiles.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdfilescanhelper.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdimmunize.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdlogreport.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdpesetup.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdpestart.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdphonescan.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdpre.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdpreppos.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdquarantine.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdrootalyzer.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdsbiedit.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdscan.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdscript.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdsettings.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdshred.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdsysrepair.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdtools.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdtray.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdupdate.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\sdwelcome.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\unins000.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27:64bit: - HKLM IFEO\xcacls.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\ara.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\blindman.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdbootcd.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdcleaner.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sddelfile.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdfiles.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdfilescanhelper.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdimmunize.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdlogreport.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdpesetup.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdpestart.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdphonescan.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdpre.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdpreppos.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdquarantine.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdrootalyzer.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdsbiedit.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdscan.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdscript.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdsettings.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdshred.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdsysrepair.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdtools.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdtray.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdupdate.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\sdwelcome.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
O27 - HKLM IFEO\xcacls.exe: Debugger - C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe ()
[2013.05.17 14:47:25 | 000,003,289 | ---- | C] () -- C:\Users\Jituška\Desktop\profil.bat
[2013.05.17 14:46:05 | 000,006,580 | ---- | C] () -- C:\Users\Jituška\Desktop\export.reg
[2013.03.11 19:16:04 | 000,000,000 | ---D | M] -- C:\Users\Jituška\AppData\Roaming\Babylon
:Files
C:\Program Files (x86)\Zrychleni Pocitace
:Commands
[resethosts]
[emptytemp]
[clearallrestorepoints]
[Reboot]

iduss20 · #15 Příspěvek od **iduss20** » 17 kvě 2013 16:55

Omlouvám se, byla jsem pryč. Jinak je tedy zvláštní, že o tom uživatelském účtě, tam nejsou žádné záznamy. Tady posílám tu zprávu po restartu pc:

All processes killed
========== OTL ==========
HKU\S-1-5-21-314801186-1437938027-1381154866-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-314801186-1437938027-1381154866-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-314801186-1437938027-1381154866-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ara.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blindman.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdbootcd.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdcleaner.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sddelfile.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdfiles.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdfilescanhelper.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdimmunize.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdlogreport.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdpesetup.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdpestart.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdphonescan.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdpre.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdpreppos.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdquarantine.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdrootalyzer.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdsbiedit.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdscan.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdscript.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdsettings.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdshred.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdsysrepair.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdtools.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdtray.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdupdate.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdwelcome.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xcacls.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ara.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\blindman.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdbootcd.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdcleaner.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sddelfile.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdfiles.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdfilescanhelper.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdimmunize.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdlogreport.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdpesetup.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdpestart.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdphonescan.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdpre.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdpreppos.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdquarantine.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdrootalyzer.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdsbiedit.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdscan.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdscript.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdsettings.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdshred.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdsysrepair.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdtools.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdtray.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdupdate.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sdwelcome.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xcacls.exe\ not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe not found.
C:\Users\Jituška\Desktop\profil.bat moved successfully.
C:\Users\Jituška\Desktop\export.reg moved successfully.
C:\Users\Jituška\AppData\Roaming\Babylon folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\Zrychleni Pocitace not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User

User: Jana
->Temp folder emptied: 50811 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jituška
->Temp folder emptied: 671867832 bytes
->Temporary Internet Files folder emptied: 15103915 bytes
->Java cache emptied: 35903 bytes
->Google Chrome cache emptied: 386112809 bytes
->Flash cache emptied: 1028 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 284454592 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46469368 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 339,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 05172013_174909

Files\Folders moved on Reboot...
C:\Users\Jituška\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\TMP00000001881CB10BF23F1478 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

VIRY.CZ

Neznámý uživatelský účet

Neznámý uživatelský účet

Re: Neznámý uživatelský účet

ProfileList

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet

Re: Neznámý uživatelský účet