Vypínání PC

Zpráva

Palla · #1 Příspěvek od **Palla** » 31 kvě 2012 13:33

Zdravím a prosím o kontrolu logu. Tak 2x za den ni vyskočí tabulka, že systém bude restartován, abych ukončil veškeré aplikace. Začalo to asi před týdnem. Log zde:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2012-05-31 14:30:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (2%) free of 238 GB
Total RAM: 2014 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:25, on 31.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\sys.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Documents and Settings\Uživatel\Local Settings\temp\Startup\fp1pdo91.exe
C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\Startup\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Uživatel\Local Settings\temp\Startup\fp1pdo91.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Dokumenty\Downloads\RSIT (1).exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\bhoanyj.exe,C:\WINDOWS\system32\hjddqgd.exe,C:\WINDOWS\system32\xwzzte.exe,C:\WINDOWS\system32\dquuju.exe,C:\WINDOWS\system32\pmqixb.exe,C:\WINDOWS\system32\hqntki.exe,C:\WINDOWS\system32\tdsshk.exe,C:\WINDOWS\system32\rgdsinl.exe,C:\WINDOWS\system32\jtqits.exe,C:\WINDOWS\system32\abphedz.exe,C:\WINDOWS\system32\zxsgfo.exe,
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: CrowdStar Gamebar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [gemstrmw] C:\WINDOWS\system32\gemstrmw.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [lass] C:\WINDOWS\sys.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKLM\..\Policies\Explorer\Run: [10616] C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\msiehv.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: fp1pdo91.exe
O4 - Startup: svchost.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} (ICASign Class) - https://ib24.csob.cz/Comp/IcaSignerCZ.cab
O16 - DPF: {4ADC518E-B607-11D4-B395-0001020F4519} (SigVer Class) - https://portal.ozp.cz/obj/Signer.cab
O16 - DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} (ICApki Class) - http://download.ica.cz/icapki.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8025513031
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8025834921
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F9740CE7-2A72-46DA-ACC3-E819FA57F3E1} (CSigner Class) - https://portal1.vzp.cz/http://u-por2e.o ... Signer.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\PEV.cfxxe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 11481 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-725345543-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1659004503-2049760794-725345543-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-2049760794-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-2049760794-725345543-1003UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-26 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-26 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-26 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2005-01-01 847872]
"gemstrmw"=C:\WINDOWS\system32\gemstrmw.exe [2003-08-30 24576]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-04 8491008]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-04 81920]
"StatusClient 2.6"=C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe [2004-02-27 61440]
"TomcatStartup 2.5"=C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [2004-05-10 188416]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]
"LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe [2005-12-07 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]
"lass"=C:\WINDOWS\sys.exe [2010-12-08 194560]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-03-07 3508624]
""= []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"10616"=C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\msiehv.exe [2009-08-06 61056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Facebook Update"=C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2011-12-23 137536]
"Google Update"=C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-02-01 136176]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-03-07 943504]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-03-07 21392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
C:\Program Files\Logitech\Video\CameraAssistant.exe [2005-12-07 489472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech Internet Handset.lnk]
C:\PROGRA~1\Logitech\LOGITE~1\LOGI_HDS.exe [2006-10-17 773656]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Rychlý začátek s aplikací HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\Startup
fp1pdo91.exe
svchost.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.LEAD"=LCODCCMP.DLL
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2017-12-19 17:14:20 ----AC---- C:\WINDOWS\system32\nms32.dll
2017-12-19 17:14:20 ----A---- C:\WINDOWS\system32\imon.dll
2017-12-19 17:14:20 ----A---- C:\WINDOWS\system32\drivers\amon.sys
2017-12-19 17:14:06 ----D---- C:\Program Files\ESET
2012-05-23 14:15:58 ----D---- C:\Stavba hlavní
2012-05-20 03:44:38 ----D---- C:\Program Files\DsNET Corp
2012-05-20 03:38:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ask
2012-05-14 11:50:55 ----D---- C:\clj3550 printing system
2012-05-12 03:13:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2012-05-12 03:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2012-05-12 03:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$
2012-05-12 03:02:24 ----A---- C:\WINDOWS\imsins.BAK
2012-05-12 03:02:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2012-05-11 20:14:29 ----D---- C:\Program Files\Common Files\Sonic Shared
2012-05-11 18:55:30 ----HD---- C:\Config.Msi
2012-05-11 18:54:54 ----N---- C:\WINDOWS\hpgmdl13.dat
2012-05-11 18:54:54 ----A---- C:\WINDOWS\hpgins13.dat
2012-05-11 18:17:33 ----D---- C:\Program Files\COL11002
2012-05-11 18:02:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP
2012-05-10 11:59:50 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of files/folders modified in the last 1 month======

2012-05-31 14:30:20 ----D---- C:\Program Files\trend micro
2012-05-31 14:30:09 ----D---- C:\WINDOWS\Prefetch
2012-05-31 14:27:46 ----D---- C:\WINDOWS
2012-05-31 14:27:10 ----D---- C:\WINDOWS\temp
2012-05-31 14:25:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-05-28 05:08:12 ----A---- C:\WINDOWS\wincmd.ini
2012-05-28 04:37:37 ----D---- C:\WINDOWS\system32
2012-05-28 03:20:06 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-27 16:48:11 ----SHD---- C:\WINDOWS\Installer
2012-05-27 03:17:59 ----D---- C:\Filmy
2012-05-26 19:06:14 ----D---- C:\Naskenované
2012-05-25 20:27:55 ----A---- C:\WINDOWS\hpfccopy.INI
2012-05-25 19:12:28 ----HD---- C:\WINDOWS\inf
2012-05-24 21:15:46 ----D---- C:\100OLYMP
2012-05-23 18:41:55 ----D---- C:\Videos
2012-05-23 18:36:11 ----D---- C:\Mrtvé moře
2012-05-23 03:33:19 ----D---- C:\WINDOWS\Microsoft.NET
2012-05-23 03:02:17 ----D---- C:\WINDOWS\WinSxS
2012-05-20 17:39:08 ----SD---- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft
2012-05-20 03:44:38 ----RD---- C:\Program Files
2012-05-14 15:17:10 ----D---- C:\DVD
2012-05-14 12:47:36 ----A---- C:\WINDOWS\hplj1010.ini
2012-05-14 12:46:49 ----D---- C:\WINDOWS\system32\CatRoot
2012-05-14 12:45:33 ----D---- C:\Program Files\Hewlett-Packard
2012-05-14 12:02:47 ----A---- C:\WINDOWS\hpclj3550.ini
2012-05-14 12:01:17 ----HD---- C:\Program Files\Zero G Registry
2012-05-14 11:58:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-05-14 11:57:58 ----AC---- C:\WINDOWS\system32\AddPort.ini
2012-05-14 11:57:46 ----RD---- C:\WINDOWS\Fonts
2012-05-12 03:17:32 ----RSD---- C:\WINDOWS\assembly
2012-05-12 03:13:12 ----D---- C:\WINDOWS\system32\XPSViewer
2012-05-12 03:09:27 ----D---- C:\WINDOWS\Debug
2012-05-12 03:08:50 ----A---- C:\WINDOWS\system32\MRT.exe
2012-05-12 03:08:12 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-05-12 03:03:45 ----HD---- C:\WINDOWS\$hf_mig$
2012-05-11 20:14:39 ----D---- C:\temp
2012-05-11 20:14:29 ----D---- C:\WINDOWS\system32\drivers
2012-05-11 20:14:29 ----D---- C:\Program Files\Common Files
2012-05-11 20:13:14 ----D---- C:\Program Files\Common Files\HP
2012-05-11 20:12:14 ----A---- C:\WINDOWS\win.ini
2012-05-11 18:57:06 ----D---- C:\WINDOWS\twain_32
2012-05-11 18:42:30 ----D---- C:\Program Files\CCleaner
2012-05-11 17:19:21 ----HD---- C:\Program Files\Avago-HP
2012-05-10 15:08:03 ----AD---- C:\1
2012-05-10 11:59:53 ----SD---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-08-19 46080]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2005-10-05 141312]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-03-04 127872]
R3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 GTwinUSB;GTwinUSB; C:\WINDOWS\System32\Drivers\GTwinUSB.sys [2002-10-04 61776]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2002-07-10 11008]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-06 39424]
R3 mf;mf; C:\WINDOWS\system32\DRIVERS\mf.sys [2008-04-13 63744]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NmPar;Unusable Parallel Port; C:\WINDOWS\system32\DRIVERS\NmPar.sys [2008-12-24 80256]
R3 nmserial;PCI Serial Port; C:\WINDOWS\system32\DRIVERS\nmserial.sys [2008-12-16 70016]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-04 6854464]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 35072]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 13184]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2008-05-21 9856]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-08-11 393088]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 catchme;catchme; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-12-06 7136]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-12-06 916096]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-12-08 114280]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-05-23 20543]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-26 153376]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2017-12-19 372736]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-07-11 131131]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-07-11 65599]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-04 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-29 135664]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\PEV.cfxxe [2010-04-26 256512]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 257696]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-29 135664]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]
S3 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2006-05-12 439248]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **JaRon** » 31 kvě 2012 13:43

pouzi postup kolegu z 21:09 http://forum.viry.cz/viewtopic.php?f=13 ... l#p1116493

Palla · #3 Příspěvek od **Palla** » 31 kvě 2012 15:34

Log se podařil až na podruhý. Při první práci Combofixu zase vyskočila tabulka s textem: Probíhá vypnutí systému atd.

Log z Combofixu:

ComboFix 12-05-31.01 - Uživatel 31.05.2012 15:59:11.8.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2014.1325 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Dokumenty\Downloads\ComboFix.exe
AV: Eset NOD32 Antivirus 2.0 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ActiveArmor Firewall *Enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\UIVATE~1\LOCALS~1\Temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll
c:\docume~1\UIVATE~1\LOCALS~1\Temp\Startup\fp1pdo91.exe
c:\docume~1\UIVATE~1\LOCALS~1\Temp\Startup\svchost.exe
c:\documents and settings\Uživatel\Local Settings\temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll
C:\DSC00021.JPG
C:\DSC00022.JPG
C:\DSC00023.jpg
C:\DSCF0104.JPG
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\@
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\n
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\U\00000001.@
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\U\80000000.@
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\U\800000cb.@
c:\windows\msmqinst.log
c:\windows\unin0405.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-28 do 2012-05-31 )))))))))))))))))))))))))))))))
.
.
2017-12-19 15:14 . 2017-12-19 15:14 300048 ----a-w- c:\windows\system32\drivers\amon.sys
2017-12-19 15:14 . 2017-12-19 15:14 245760 ----a-w- c:\windows\system32\imon.dll
2017-12-19 15:14 . 2017-12-19 15:14 114688 -c--a-w- c:\windows\system32\nms32.dll
2017-12-19 15:14 . 2008-02-08 04:23 -------- d-----w- c:\program files\ESET
2012-05-23 12:15 . 2012-05-25 17:54 -------- d-----w- C:\Stavba hlavní
2012-05-20 01:44 . 2012-05-20 01:44 -------- d-----w- c:\program files\DsNET Corp
2012-05-20 01:38 . 2012-05-20 01:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ask
2012-05-14 09:50 . 2012-05-14 09:52 -------- d-----w- C:\clj3550 printing system
2012-05-11 18:14 . 2012-05-11 18:14 -------- d-----w- c:\program files\Common Files\Sonic Shared
2012-05-11 16:17 . 2012-05-11 16:51 -------- d-----w- c:\program files\COL11002
2012-05-11 16:02 . 2012-05-11 16:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\HP
2012-05-10 09:59 . 2012-05-14 12:14 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-25 14:52 . 2012-05-25 14:52 1260 ----a-w- C:\Certifikát VZP.zip
2012-05-14 12:14 . 2011-06-26 23:54 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-11 13:55 . 2011-02-09 14:05 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2010-12-31 14:04 1862272 ----a-w- c:\windows\system32\win32k.sys
2012-04-11 13:55 . 2011-02-09 14:05 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-26 14:05 . 2012-03-26 14:05 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-26 14:05 . 2010-05-17 13:29 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\documents and settings\Uživatel\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" [2011-12-23 137536]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-03-06 943504]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-03-06 21392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2005-01-01 847872]
"gemstrmw"="c:\windows\system32\gemstrmw.exe" [2003-08-29 24576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"nwiz"="nwiz.exe" [2007-10-04 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"StatusClient 2.6"="c:\program files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe" [2004-02-27 61440]
"TomcatStartup 2.5"="c:\program files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2004-05-10 188416]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-12-09 225280]
"LogitechVideo[inspector]"="c:\program files\Logitech\Video\InstallHelper.exe" [2005-12-07 09:33 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"lass"="c:\windows\sys.exe" [2010-12-08 194560]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-03-06 3508624]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"10616"="c:\docume~1\ALLUSE~1\LOCALS~1\Temp\msiehv.exe" [2009-08-06 61056]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Rychlé spuštění aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
Rychlý začátek s aplikací HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech Internet Handset.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech Internet Handset.lnk
backup=c:\windows\pss\Logitech Internet Handset.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
2005-12-07 09:26 489472 -c--a-w- c:\program files\Logitech\Video\CameraAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10336:TCP"= 10336:TCP
.
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 73728]
R3 GTwinUSB;GTwinUSB;c:\windows\system32\drivers\GTwinUSB.sys [20.12.2007 1:07 61776]
R3 itchfltr;iTouch Keyboard Filter;c:\windows\system32\drivers\itchfltr.sys [30.12.2007 5:39 11008]
R3 NmPar;Unusable Parallel Port;c:\windows\system32\drivers\NmPar.sys [14.12.2007 18:07 80256]
R3 nmserial;PCI Serial Port;c:\windows\system32\drivers\NmSerial.sys [14.12.2007 18:07 70016]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29.4.2010 19:39 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [10.5.2012 11:59 257696]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [30.3.2012 20:11 30312]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29.4.2010 19:39 135664]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [30.3.2012 20:11 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [30.3.2012 20:11 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [30.3.2012 20:11 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [30.3.2012 20:11 114280]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 12:14]
.
2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-29 17:39]
.
2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-29 17:39]
.
2012-05-31 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uInternet Settings,ProxyOverride = <local>
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
LSP: imon.dll
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} - hxxps://ib24.csob.cz/Comp/IcaSignerCZ.cab
DPF: {4ADC518E-B607-11D4-B395-0001020F4519} - hxxps://portal.ozp.cz/obj/Signer.cab
DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} - hxxp://download.ica.cz/icapki.cab
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
DPF: {F9740CE7-2A72-46DA-ACC3-E819FA57F3E1} - hxxps://portal1.vzp.cz/http://u-por2e.op99.vzp.cz/IISIPortal/d ... Signer.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-31 16:23
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(656)
c:\windows\system32\SecureStoreCSP.dll
c:\windows\system32\SecureStoreCore.dll
c:\windows\system32\STM4XW32.dll
c:\windows\system32\LIBEAY32_098.dll
c:\windows\system32\SecureStoreCspRes.dll
.
- - - - - - - > 'lsass.exe'(712)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
- - - - - - - > 'explorer.exe'(8188)
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Eset\nod32krn.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\rundll32.exe
c:\program files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2012-05-31 16:29:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-31 14:29
ComboFix2.txt 2010-11-01 11:07
ComboFix3.txt 2009-01-13 16:11
.
Před spuštěním: 4 318 662 656
Po spuštění: 4 819 689 472
.
- - End Of File - - 1688A3A462160DE94F4FD56423E3BA54

#4 Příspěvek od **JaRon** » 01 čer 2012 06:29

no este tam ostali nejake bubaky ,,,
Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lass"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"10616"=-

File::
c:\windows\sys.exe
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

Folder::
c:\program files\Ask.com

uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:

Obrázek

po aplikacii by mal vzniknut dalsi log, ten vloz sem

Palla · #5 Příspěvek od **Palla** » 29 čer 2012 22:56

Zde je log z Combofifu. Před použitím Combofixu se počítač stále tak 4x za den restartuje stylem, že vyskočí okno systém bude za 60 s restartován, uložte si potřebné dokumenty. Snad se tam něco najde. Předem díky.

ComboFix 12-06-28.03 - Uživatel 29.06.2012 23:23:39.10.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2014.1385 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Uživatel\Plocha\CFScript.txt
AV: Eset NOD32 Antivirus 2.0 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ActiveArmor Firewall *Enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
.
FILE ::
"c:\windows\sys.exe"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\UIVATE~1\LOCALS~1\Temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll
c:\documents and settings\Uživatel\Local Settings\temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\@
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\n
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\U\00000001.@
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\U\80000000.@
c:\windows\Installer\{d7572434-dc92-7840-0824-92d8b42eff19}\U\800000cb.@
c:\windows\msmqinst.log
c:\windows\system32\drivers\str.sys
.
---- Předchozí spuštění -------
.
c:\docume~1\UIVATE~1\LOCALS~1\Temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll
c:\documents and settings\Uživatel\Local Settings\temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll
c:\program files\Ask.com\cb_119.ico
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_118.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-28 do 2012-06-29 )))))))))))))))))))))))))))))))
.
.
2017-12-19 15:14 . 2017-12-19 15:14 300048 ----a-w- c:\windows\system32\drivers\amon.sys
2017-12-19 15:14 . 2017-12-19 15:14 245760 ----a-w- c:\windows\system32\imon.dll
2017-12-19 15:14 . 2017-12-19 15:14 114688 -c--a-w- c:\windows\system32\nms32.dll
2017-12-19 15:14 . 2012-06-12 14:48 -------- d-----w- c:\program files\ESET
2012-06-24 16:03 . 2006-01-20 16:53 512000 ----a-w- c:\windows\system32\ndmpeg4v.dll
2012-06-24 16:02 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2012-06-24 16:02 . 2001-09-05 02:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\IScript.dll
2012-06-24 16:02 . 2001-09-05 02:14 176128 ------w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2012-06-24 16:02 . 2001-09-05 02:13 32768 ------w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2012-06-22 16:56 . 2001-08-17 19:51 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2012-06-22 16:56 . 2001-08-17 19:51 19584 ----a-w- c:\windows\system32\drivers\rasirda.sys
2012-06-22 16:56 . 2008-04-14 03:22 152064 -c--a-w- c:\windows\system32\dllcache\irftp.exe
2012-06-22 16:56 . 2008-04-14 03:22 152064 ----a-w- c:\windows\system32\irftp.exe
2012-06-22 16:56 . 2008-04-14 03:22 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2012-06-22 16:56 . 2008-04-14 03:22 8192 ----a-w- c:\windows\system32\wshirda.dll
2012-06-22 16:56 . 2008-04-14 03:21 27648 -c--a-w- c:\windows\system32\dllcache\irmon.dll
2012-06-22 16:56 . 2008-04-14 03:21 27648 ----a-w- c:\windows\system32\irmon.dll
2012-06-22 16:56 . 2008-04-13 18:54 88192 -c--a-w- c:\windows\system32\dllcache\irda.sys
2012-06-22 16:56 . 2008-04-13 18:54 88192 ----a-w- c:\windows\system32\drivers\irda.sys
2012-06-22 16:56 . 2001-08-17 19:49 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys
2012-06-22 16:56 . 2001-08-17 19:49 26624 ----a-w- c:\windows\system32\drivers\irstusb.sys
2012-06-22 13:08 . 2012-06-22 13:09 -------- d-----w- C:\Fotky a videa telefon
2012-06-17 20:04 . 2012-06-17 20:04 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2012-06-13 23:09 . 2012-05-11 14:44 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-25 08:01 . 2012-05-10 09:59 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-25 08:01 . 2011-06-26 23:54 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-02 13:19 . 2007-12-14 10:33 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2007-12-14 10:33 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2007-12-14 10:13 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2007-12-14 10:13 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-12-14 10:13 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2008-12-03 02:37 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-12-14 10:33 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2007-12-14 10:33 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2007-12-14 10:13 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2007-12-14 10:13 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2004-08-17 13:49 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2007-12-14 10:13 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2007-12-14 10:13 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-01-12 03:41 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-01-12 03:41 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2008-10-16 13:07 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-25 14:52 . 2012-05-25 14:52 1260 ----a-w- C:\Certifikát VZP.zip
2012-05-16 15:09 . 2004-08-17 13:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 13:55 . 2010-12-31 14:04 1863168 ----a-w- c:\windows\system32\win32k.sys
2012-05-11 14:44 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 14:44 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 11:38 . 2004-08-17 13:44 385024 ----a-w- c:\windows\system32\html.iec
2012-05-05 03:14 . 2011-02-09 14:05 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2011-02-09 14:05 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2007-12-14 10:11 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-31_14.23.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-29 21:42 . 2012-06-29 21:42 16384 c:\windows\temp\Perflib_Perfdata_754.dat
+ 2012-06-21 23:56 . 2012-06-02 13:19 45080 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll
+ 2012-06-21 23:56 . 2012-06-02 13:19 35864 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll
+ 2003-04-16 12:00 . 2012-06-14 01:12 71632 c:\windows\system32\perfc009.dat
- 2003-04-16 12:00 . 2012-05-12 01:08 71632 c:\windows\system32\perfc009.dat
+ 2003-04-16 12:00 . 2012-06-14 01:12 82988 c:\windows\system32\perfc005.dat
- 2003-04-16 12:00 . 2012-05-12 01:08 82988 c:\windows\system32\perfc005.dat
+ 2004-08-17 13:49 . 2012-05-11 14:44 67072 c:\windows\system32\mshtmled.dll
- 2007-08-13 17:54 . 2012-03-01 10:59 55296 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 17:54 . 2012-05-11 14:44 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 25600 c:\windows\system32\jsproxy.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 25600 c:\windows\system32\jsproxy.dll
- 2009-12-16 15:50 . 2012-03-01 10:59 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2009-12-16 15:50 . 2012-05-11 14:44 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2007-12-14 10:13 . 2012-06-02 13:19 35864 c:\windows\system32\dllcache\wups.dll
+ 2007-12-14 10:13 . 2012-06-02 13:19 53784 c:\windows\system32\dllcache\wuauclt.exe
+ 2004-08-17 13:49 . 2012-05-11 14:44 67072 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-12-14 11:22 . 2012-05-11 14:44 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-12-14 11:22 . 2012-03-01 10:59 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-17 13:49 . 2012-06-02 13:19 97304 c:\windows\system32\dllcache\cdm.dll
+ 2012-06-17 20:04 . 2012-06-17 20:04 32768 c:\windows\system32\config\systemprofile\PrivacIE\index.dat
+ 2007-12-14 10:18 . 2012-06-17 20:04 49152 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2012-06-17 20:04 . 2012-06-17 20:04 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012012061720120618\index.dat
+ 2007-12-14 10:18 . 2012-06-17 20:04 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2007-12-14 10:18 . 2012-04-19 02:51 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-10-29 07:27 . 2010-10-31 00:22 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2010-10-29 07:27 . 2012-06-17 20:04 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2010-12-22 12:10 . 2012-04-19 02:51 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-06-17 20:04 . 2012-06-17 20:04 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-06-14 01:06 . 2012-03-01 10:59 12800 c:\windows\ie8updates\KB2699988-IE8\xpshims.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 66560 c:\windows\ie8updates\KB2699988-IE8\mshtmled.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 55296 c:\windows\ie8updates\KB2699988-IE8\msfeedsbs.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 43520 c:\windows\ie8updates\KB2699988-IE8\licmgr10.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 25600 c:\windows\ie8updates\KB2699988-IE8\jsproxy.dll
+ 2012-06-14 01:05 . 2012-06-14 01:05 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_8510b859\System.Drawing.Design.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3b34fc2c8c94ffe21f75168980b69dfe\System.Web.DynamicData.Design.ni.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-06-17 20:04 . 2012-06-17 21:19 7168 c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\Microsoft\Internet Explorer\Recovery\Active\{9630373B-B8B7-11E1-9E0D-001D607E4E45}.dat
+ 2012-06-17 21:19 . 2012-06-17 21:19 7022 c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\Microsoft\Internet Explorer\frameiconcache.dat
+ 2012-06-14 01:11 . 2012-06-14 01:11 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-05-12 01:07 . 2012-05-12 01:07 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 105984 c:\windows\system32\url.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 105984 c:\windows\system32\url.dll
- 2003-04-16 12:00 . 2012-05-12 01:08 441696 c:\windows\system32\perfh009.dat
+ 2003-04-16 12:00 . 2012-06-14 01:12 441696 c:\windows\system32\perfh009.dat
- 2003-04-16 12:00 . 2012-05-12 01:08 438268 c:\windows\system32\perfh005.dat
+ 2003-04-16 12:00 . 2012-06-14 01:12 438268 c:\windows\system32\perfh005.dat
- 2004-08-17 13:49 . 2012-03-01 10:59 206848 c:\windows\system32\occache.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 206848 c:\windows\system32\occache.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 611840 c:\windows\system32\mstime.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 611840 c:\windows\system32\mstime.dll
+ 2007-08-13 17:54 . 2012-05-11 14:44 629760 c:\windows\system32\msfeeds.dll
+ 2012-06-25 08:01 . 2012-06-25 08:01 686280 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
+ 2012-06-25 08:01 . 2012-06-25 08:01 465096 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.dll
+ 2012-05-10 09:59 . 2012-06-25 08:01 257224 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- 2004-08-17 13:49 . 2012-03-01 10:59 184320 c:\windows\system32\iepeers.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 184320 c:\windows\system32\iepeers.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-17 13:49 . 2012-02-29 12:17 174080 c:\windows\system32\ie4uinit.exe
+ 2004-08-17 13:49 . 2012-05-11 11:38 174080 c:\windows\system32\ie4uinit.exe
- 2007-12-14 10:59 . 2012-05-12 01:29 148400 c:\windows\system32\FNTCACHE.DAT
+ 2007-12-14 10:59 . 2012-06-14 12:03 148400 c:\windows\system32\FNTCACHE.DAT
+ 2007-12-14 10:13 . 2012-06-02 13:19 210968 c:\windows\system32\dllcache\wuweb.dll
+ 2007-12-14 10:13 . 2012-06-02 13:19 329240 c:\windows\system32\dllcache\wucltui.dll
+ 2007-12-14 10:13 . 2012-06-02 13:19 577048 c:\windows\system32\dllcache\wuapi.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 916992 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-17 13:49 . 2012-05-16 15:09 916992 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 105984 c:\windows\system32\dllcache\url.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 105984 c:\windows\system32\dllcache\url.dll
+ 2011-08-10 13:28 . 2012-05-02 13:46 139656 c:\windows\system32\dllcache\rdpwd.sys
+ 2004-08-17 13:49 . 2012-05-11 14:44 206848 c:\windows\system32\dllcache\occache.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 206848 c:\windows\system32\dllcache\occache.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 611840 c:\windows\system32\dllcache\mstime.dll
+ 2007-12-14 11:22 . 2012-05-11 14:44 629760 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-12-16 15:50 . 2012-05-11 14:44 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-12-16 15:50 . 2012-03-01 10:59 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-06-10 07:21 . 2012-03-01 10:59 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-10 07:21 . 2012-05-11 14:44 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-17 13:49 . 2012-05-11 11:38 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-17 13:49 . 2012-02-29 12:17 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2011-09-03 10:17 . 2012-05-31 13:22 602112 c:\windows\system32\dllcache\crypt32.dll
- 2011-09-03 10:17 . 2011-09-28 07:06 602112 c:\windows\system32\dllcache\crypt32.dll
- 2012-01-31 01:38 . 2012-01-31 01:38 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-04-21 05:15 . 2012-04-21 05:15 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2012-01-27 15:35 . 2012-01-27 15:35 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2012-04-25 15:45 . 2012-04-25 15:45 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2012-04-21 19:55 . 2012-04-21 19:55 980480 c:\windows\Installer\c274b89.msp
+ 2012-06-14 01:06 . 2012-03-01 10:59 916992 c:\windows\ie8updates\KB2699988-IE8\wininet.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 105984 c:\windows\ie8updates\KB2699988-IE8\url.dll
+ 2012-06-14 01:06 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2699988-IE8\spuninst\updspapi.dll
+ 2012-06-14 01:06 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2699988-IE8\spuninst\spuninst.exe
+ 2012-06-14 01:06 . 2012-03-01 10:59 206848 c:\windows\ie8updates\KB2699988-IE8\occache.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 611840 c:\windows\ie8updates\KB2699988-IE8\mstime.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 602112 c:\windows\ie8updates\KB2699988-IE8\msfeeds.dll
+ 2012-06-14 01:06 . 2009-03-08 03:35 521216 c:\windows\ie8updates\KB2699988-IE8\jsdbgui.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 247808 c:\windows\ie8updates\KB2699988-IE8\ieproxy.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 184320 c:\windows\ie8updates\KB2699988-IE8\iepeers.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 743424 c:\windows\ie8updates\KB2699988-IE8\iedvtool.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 387584 c:\windows\ie8updates\KB2699988-IE8\iedkcs32.dll
+ 2012-06-14 01:06 . 2012-02-29 12:17 174080 c:\windows\ie8updates\KB2699988-IE8\ie4uinit.exe
+ 2012-04-11 19:08 . 2012-04-11 19:08 471040 c:\windows\assembly\temp\MW4BJRZ7FN\System.Drawing.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_ea15bf64\System.Drawing.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_00027b59\System.Drawing.Design.dll
+ 2012-06-14 01:14 . 2012-06-14 01:14 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\86e11a59f02b2dda27ec2e7cba351744\WindowsFormsIntegration.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\698c2093d7ac57af935b399d1c0b1790\System.Web.Routing.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\75248baf640115daeb0e580f1c5ff98b\System.Web.Extensions.Design.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\40c3b61ac38613e2b4b0f196e86185eb\System.Web.Entity.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\39cc9a830f7f08fd9f397be452fd78b0\System.Web.Entity.Design.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\88b1fd4792e7b698b788594d8e5e3c09\System.Web.DynamicData.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6333d22a2ea347432d46c40d93194c68\System.Web.Abstractions.ni.dll
+ 2012-06-14 01:12 . 2012-06-14 01:12 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\79205fe0b7319e64d6ba53f98d49a63c\System.Messaging.ni.dll
+ 2012-06-14 01:14 . 2012-06-14 01:14 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\96a3fc1f74a00b618b70bd1701600408\System.Drawing.Design.ni.dll
+ 2012-06-14 01:05 . 2012-06-14 01:05 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\badd66e1d2b8416e9bb868ad059203c6\System.Configuration.Install.ni.dll
+ 2012-06-14 01:15 . 2012-06-14 01:15 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\c0045c1c7c29c7e7cc7bd60001b729a7\AspNetMMCExt.ni.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2012-04-11 19:08 . 2012-04-11 19:08 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-14 01:05 . 2012-06-14 01:05 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 1212416 c:\windows\system32\urlmon.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-17 13:49 . 2012-05-11 14:44 6007808 c:\windows\system32\mshtml.dll
+ 2007-08-13 17:34 . 2012-05-11 14:44 2000384 c:\windows\system32\iertutil.dll
- 2007-08-13 17:34 . 2012-03-01 10:59 2000384 c:\windows\system32\iertutil.dll
+ 2007-12-14 10:13 . 2012-06-02 13:19 1933848 c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 00:23 . 2012-05-15 13:55 1863168 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-17 13:49 . 2012-05-11 14:44 1212416 c:\windows\system32\dllcache\urlmon.dll
- 2004-08-17 13:49 . 2012-03-01 10:59 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 00:23 . 2012-05-05 03:14 2194816 c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-10-16 00:23 . 2012-04-11 13:55 2194816 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-16 00:23 . 2012-05-05 03:14 2028544 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-10-16 00:23 . 2012-04-11 13:55 2028544 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-10-16 00:23 . 2012-04-11 13:55 2071296 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-16 00:23 . 2012-05-05 03:14 2071296 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2008-10-16 00:23 . 2012-04-11 13:55 2150400 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-10-16 00:23 . 2012-05-05 03:14 2150400 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2004-08-17 13:49 . 2012-05-11 14:44 6007808 c:\windows\system32\dllcache\mshtml.dll
- 2007-12-14 11:22 . 2012-03-01 10:59 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2007-12-14 11:22 . 2012-05-11 14:44 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2012-03-20 03:23 . 2012-03-20 03:23 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2011-12-25 01:50 . 2011-12-25 01:50 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-03-20 03:23 . 2012-03-20 03:23 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2008-07-25 09:17 . 2008-07-25 09:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2012-01-31 02:46 . 2012-01-31 02:46 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp
+ 2012-04-26 00:32 . 2012-04-26 00:32 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp
+ 2012-04-25 17:32 . 2012-04-25 17:32 7069184 c:\windows\Installer\c274b83.msp
+ 2012-03-20 21:57 . 2012-03-20 21:57 6188544 c:\windows\Installer\c274b7a.msp
+ 2012-06-14 01:06 . 2012-03-01 10:59 1212416 c:\windows\ie8updates\KB2699988-IE8\urlmon.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 5978624 c:\windows\ie8updates\KB2699988-IE8\mshtml.dll
+ 2012-06-14 01:06 . 2012-03-01 10:59 2000384 c:\windows\ie8updates\KB2699988-IE8\iertutil.dll
+ 2008-10-16 00:23 . 2012-05-05 03:14 2194816 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2008-10-16 00:23 . 2012-04-11 13:55 2194816 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2008-10-16 00:23 . 2012-04-11 13:55 2028544 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-16 00:23 . 2012-05-05 03:14 2028544 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-10-16 00:23 . 2012-04-11 13:55 2071296 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-16 00:23 . 2012-05-05 03:14 2071296 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-16 00:23 . 2012-05-05 03:14 2150400 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2008-10-16 00:23 . 2012-04-11 13:55 2150400 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2012-06-14 01:05 . 2012-06-14 01:05 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_b53af535\System.Windows.Forms.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_1e5866ca\System.Windows.Forms.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 2248704 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_941c2857\System.Drawing.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f07f67b4\System.Design.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_cfa1bb4e\System.Design.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bd5bd406670d483b82bd51249eee59e3\System.WorkflowServices.ni.dll
+ 2012-06-14 01:09 . 2012-06-14 01:09 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\77361ebe9ad8ff77cc9a8d7f8363eb05\System.Workflow.Runtime.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1c12dfa7826b331b243b7b45daf9904d\System.Workflow.ComponentModel.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\514bf0e69e2c9fc8509cd23236057356\System.Workflow.Activities.ni.dll
+ 2012-06-14 01:06 . 2012-06-14 01:06 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\77f8cde07b131839f1841be702837e8e\System.Web.Mobile.ni.dll
+ 2012-06-14 01:16 . 2012-06-14 01:16 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\242b168aaca18197eca371ec269e23ac\System.Web.Extensions.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d380f1813e27c2a086e62f0218669d67\System.Printing.ni.dll
+ 2012-06-14 01:12 . 2012-06-14 01:12 1592320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\7a53d68ad544f8e9edfdbd5a90a48fd3\System.Deployment.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\443dd7f0b84c3de54b1a72be655e307c\ReachFramework.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\48ddcafff1a5603fb3289e90330275c0\PresentationUI.ni.dll
+ 2012-06-14 01:15 . 2012-06-14 01:15 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll
+ 2012-06-14 01:15 . 2012-06-14 01:15 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\4e463dcf2a03c71913a61b44c32e2389\Microsoft.Build.Tasks.ni.dll
+ 2012-06-14 01:15 . 2012-06-14 01:15 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\395b4a85c7941ac4dd9d1c6f5eb444c7\Microsoft.Build.Tasks.v3.5.ni.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-12 01:07 . 2012-05-12 01:07 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-02-16 02:08 . 2012-05-12 01:07 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-14 01:11 . 2012-06-14 01:11 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2007-12-14 11:00 . 2012-06-14 01:06 56731752 c:\windows\system32\MRT.exe
+ 2007-08-13 17:54 . 2012-05-11 18:14 11111424 c:\windows\system32\ieframe.dll
+ 2007-12-14 11:22 . 2012-05-11 18:14 11111424 c:\windows\system32\dllcache\ieframe.dll
+ 2012-06-14 01:06 . 2012-03-02 03:59 11082752 c:\windows\ie8updates\KB2699988-IE8\ieframe.dll
+ 2012-06-14 01:12 . 2012-06-14 01:12 12433920 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
+ 2012-06-14 01:14 . 2012-06-14 01:14 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
+ 2012-06-14 01:14 . 2012-06-14 01:14 10682368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f73a8455f384e90f6925309336fece24\System.Design.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e4ecfaaf5417aceecb7fa8abddf06113\PresentationFramework.ni.dll
+ 2012-06-14 01:13 . 2012-06-14 01:13 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f33e2a4d9b385234406fa2d662f78875\PresentationCore.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\documents and settings\Uživatel\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" [2011-12-23 137536]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-03-06 943504]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-03-06 21392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2005-01-01 847872]
"gemstrmw"="c:\windows\system32\gemstrmw.exe" [2003-08-29 24576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"nwiz"="nwiz.exe" [2007-10-04 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"StatusClient 2.6"="c:\program files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe" [2004-02-27 61440]
"TomcatStartup 2.5"="c:\program files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2004-05-10 188416]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-12-09 225280]
"LogitechVideo[inspector]"="c:\program files\Logitech\Video\InstallHelper.exe" [2005-12-07 09:33 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2012-03-06 3508624]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Rychlé spuštění aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
Rychlý začátek s aplikací HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech Internet Handset.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech Internet Handset.lnk
backup=c:\windows\pss\Logitech Internet Handset.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant]
2005-12-07 09:26 489472 -c--a-w- c:\program files\Logitech\Video\CameraAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 73728]
R3 NmPar;Unusable Parallel Port;c:\windows\system32\drivers\NmPar.sys [14.12.2007 18:07 80256]
R3 nmserial;PCI Serial Port;c:\windows\system32\drivers\NmSerial.sys [14.12.2007 18:07 70016]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29.4.2010 19:39 135664]
S2 ipcnhuyyxa;ipcnhuyyxa;"c:\docume~1\UIVATE~1\LOCALS~1\Temp\DATB2D6.tmp.exe" --SERVICE --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\DATB2D6.tmp.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [10.5.2012 11:59 257224]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [30.3.2012 20:11 30312]
S3 GTwinUSB;GTwinUSB;c:\windows\system32\drivers\GTwinUSB.sys [20.12.2007 1:07 61776]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29.4.2010 19:39 135664]
S3 itchfltr;iTouch Keyboard Filter;c:\windows\system32\drivers\itchfltr.sys [30.12.2007 5:39 11008]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [30.3.2012 20:11 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [30.3.2012 20:11 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [30.3.2012 20:11 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [30.3.2012 20:11 114280]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 08:01]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-29 17:39]
.
2012-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-29 17:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uInternet Settings,ProxyOverride = <local>
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
LSP: imon.dll
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
DPF: {1AE23F24-D3E4-4C57-8468-6618B9B8B70F} - hxxps://ib24.csob.cz/Comp/IcaSignerCZ.cab
DPF: {4ADC518E-B607-11D4-B395-0001020F4519} - hxxps://portal.ozp.cz/obj/Signer.cab
DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} - hxxp://download.ica.cz/icapki.cab
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
DPF: {F9740CE7-2A72-46DA-ACC3-E819FA57F3E1} - hxxps://portal1.vzp.cz/http://u-por2e.op99.vzp.cz/IISIPortal/d ... Signer.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
HKLM-Explorer_Run-10616 - c:\docume~1\ALLUSE~1\LOCALS~1\Temp\msiehv.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-29 23:44
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(740)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
- - - - - - - > 'explorer.exe'(8924)
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\msls31.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
c:\windows\System32\SCardSvr.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Eset\nod32krn.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\documents and settings\Uc:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
c:\windows\system32\rundll32.exe
c:\program files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2012-06-29 23:52:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-06-29 21:51
ComboFix2.txt 2012-05-31 14:29
ComboFix3.txt 2010-11-01 11:07
ComboFix4.txt 2009-01-13 16:11
.
Před spuštěním: 8 621 371 392
Po spuštění: 8 821 252 096
.
- - End Of File - - FC8EAF3F9DD27573E68536D91EEF01E3

#6 Příspěvek od **JaRon** » 02 črc 2012 06:20

AV: Eset NOD32 Antivirus 2.0
nebudeme si nahovarat, ze tento AV je OK
odstran ho, nainstaluj vhodny AV a prescanuj nim PC

Palla · #7 Příspěvek od **Palla** » 04 črc 2012 03:03

Můžeš mi nějaký free doporučit.
Předem díky

#8 Příspěvek od **JaRon** » 04 črc 2012 07:01

z FREE AV mozem doporucit Aviru - (neinstaluj ASK Toolbar) prip. AVAST

VIRY.CZ

Vypínání PC

Vypínání PC

Re: Vypínání PC

Re: Vypínání PC

Re: Vypínání PC

Moc se pmlouvám za trochu odmlku, ale nějak jsem nestíhal

Re: Vypínání PC

Re: Vypínání PC

Re: Vypínání PC