Please check my log. Rundll.exe is using 100% of the CPU. Thanks in advance.
RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by GuruI at 2011-05-12 02:35:24
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 169 GB (71%) free of 238 GB
Total RAM: 2046 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:35:40, on 12.5.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Downloads\nesetříděno\RSIT(1).exe
C:\Program Files\HiJackThis\GuruI.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlcdnet.asus.com/pub/ASUS/misc/d ... .2.5.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\Windows\system32\PrintCtrl.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
--
End of file - 4530 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-11 61440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2215064]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-11-02 9808488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"=C:\Program Files\PeerBlock\peerblock.exe [2010-11-06 1866864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-05-12 02:33:52 ----D---- C:\rsit
2011-05-07 00:29:25 ----A---- C:\Windows\system32\adultpdf_Decrypt_reg.ini
2011-05-05 23:30:07 ----D---- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2011-05-04 04:47:10 ----D---- C:\Program Files\Agnitum
2011-05-04 03:08:13 ----A---- C:\Windows\unvise32.exe
2011-05-04 01:37:23 ----D---- C:\ProgramData\Kaspersky Lab
2011-05-04 00:14:28 ----AD---- C:\Windows\rundll16.exe
2011-05-04 00:14:28 ----AD---- C:\Windows\logo1_.exe
2011-05-03 06:20:34 ----D---- C:\TotalCommanderPortable
2011-05-03 06:19:04 ----D---- C:\Program Files\Totalcmd
2011-05-03 03:58:04 ----D---- C:\Program Files\Impact3DVD
2011-05-03 02:09:52 ----D---- C:\Program Files\WinRAR
2011-05-02 02:56:30 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-05-02 02:56:22 ----D---- C:\Program Files\DAEMON Tools Lite
2011-05-02 02:55:17 ----D---- C:\Users\GuruI\AppData\Roaming\DAEMON Tools Lite
2011-05-02 02:55:17 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-05-01 22:57:48 ----D---- C:\Program Files\Unlocker
2011-05-01 03:43:44 ----D---- C:\ProgramData\MultiCdView
2011-05-01 03:42:24 ----D---- C:\Program Files\Common Files\Multi
2011-04-30 03:12:37 ----D---- C:\Users\GuruI\AppData\Roaming\WinRAR
2011-04-29 23:51:52 ----A---- C:\Windows\system32\clean.vbs
2011-04-29 02:28:33 ----D---- C:\Windows\system32\logs
2011-04-29 01:37:02 ----D---- C:\Program Files\StahovaniZaSms.cz
2011-04-29 00:12:32 ----D---- C:\Windows\system32\Adobe
2011-04-28 23:34:16 ----D---- C:\ProgramData\OfflineCatalog
2011-04-28 05:33:37 ----A---- C:\Windows\system32\prevhost.exe
2011-04-28 05:33:31 ----A---- C:\Windows\system32\fsutil.exe
2011-04-28 05:33:31 ----A---- C:\Windows\system32\esent.dll
2011-04-28 05:33:31 ----A---- C:\Windows\system32\drivers\storport.sys
2011-04-28 05:33:31 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-04-28 05:33:31 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-04-28 05:33:31 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-04-28 05:33:31 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-04-28 05:33:31 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-04-28 05:33:31 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-04-28 05:33:30 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-04-28 05:32:41 ----A---- C:\Windows\system32\XpsPrint.dll
2011-04-28 05:32:26 ----A---- C:\Windows\explorer.exe
2011-04-28 05:24:20 ----A---- C:\Windows\system32\sp32w.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\Skeylink.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\Rockey4ND.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\NrClient.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\lttwn13n.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\ltkrn13n.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\ltimg13n.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\ltfil13n.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\ltefx13n.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\LTDIS13n.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\ltclr13n.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\lftif13n.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\lffax13n.dll
2011-04-28 05:22:44 ----A---- C:\Windows\system32\lfbmp13n.dll
2011-04-28 04:55:59 ----D---- C:\Program Files\Snapshot Viewer
2011-04-27 22:40:43 ----A---- C:\Windows\system32\drivers\hardlock.sys
2011-04-27 22:40:32 ----A---- C:\Windows\system32\hlvdd.dll
2011-04-27 21:12:42 ----D---- C:\ProgramData\organiser
2011-04-27 21:07:58 ----A---- C:\Windows\Crypkey.ini
2011-04-27 21:07:28 ----RA---- C:\Windows\Setup_ck.exe
2011-04-27 21:07:28 ----A---- C:\Windows\system32\Crypserv.exe
2011-04-27 21:07:28 ----A---- C:\Windows\system32\Ckldrv.sys
2011-04-27 21:07:28 ----A---- C:\Windows\Setup_ck.dll
2011-04-27 21:07:28 ----A---- C:\Windows\Ckrfresh.exe
2011-04-27 21:07:28 ----A---- C:\Windows\Ckconfig.exe
2011-04-27 21:05:27 ----HD---- C:\Program Files\Zero G Registry
2011-04-25 15:17:30 ----D---- C:\Program Files\Recuva
2011-04-21 03:01:09 ----SHD---- C:\Windows\system32\%APPDATA%
2011-04-15 00:42:50 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-14 20:50:46 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-14 20:50:46 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-14 20:50:46 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-14 20:50:44 ----A---- C:\Windows\system32\win32k.sys
2011-04-14 20:50:42 ----A---- C:\Windows\system32\atmlib.dll
2011-04-14 20:50:42 ----A---- C:\Windows\system32\atmfd.dll
2011-04-14 20:50:39 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-14 20:50:39 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-14 20:50:39 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-14 20:50:39 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-14 20:50:20 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-14 20:50:18 ----A---- C:\Windows\system32\mfc42.dll
2011-04-14 20:50:16 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-14 20:50:04 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-14 20:50:04 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-14 20:50:03 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-14 20:49:52 ----A---- C:\Windows\system32\FXSCOVER.exe
======List of files/folders modified in the last 1 months======
2011-05-12 02:35:28 ----D---- C:\Program Files\HiJackThis
2011-05-12 02:34:10 ----D---- C:\Windows\Prefetch
2011-05-12 02:33:42 ----D---- C:\Windows\Temp
2011-05-12 02:28:44 ----D---- C:\Program Files\ESET
2011-05-12 02:15:34 ----D---- C:\Program Files\PeerBlock
2011-05-12 02:09:36 ----D---- C:\Users\GuruI\AppData\Roaming\uTorrent
2011-05-12 01:55:11 ----SHD---- C:\System Volume Information
2011-05-11 21:12:31 ----D---- C:\Windows\system32\config
2011-05-11 15:52:10 ----AD---- C:\Windows\System32
2011-05-11 15:52:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-11 15:52:09 ----D---- C:\Windows\inf
2011-05-11 15:51:43 ----D---- C:\Windows\system32\catroot2
2011-05-11 15:51:43 ----D---- C:\Windows\system32\catroot
2011-05-11 01:38:51 ----D---- C:\Users\GuruI\AppData\Roaming\Download Manager
2011-05-09 15:52:35 ----RD---- C:\Program Files
2011-05-07 01:12:41 ----SD---- C:\Users\GuruI\AppData\Roaming\Microsoft
2011-05-06 00:53:30 ----D---- C:\Users\GuruI\AppData\Roaming\GHISLER
2011-05-05 17:46:44 ----D---- C:\Users\GuruI\AppData\Roaming\Winamp
2011-05-05 00:32:50 ----SHD---- C:\Windows\Installer
2011-05-05 00:32:47 ----D---- C:\Windows\winsxs
2011-05-04 22:34:50 ----D---- C:\Windows\registration
2011-05-04 21:34:40 ----HD---- C:\ProgramData
2011-05-04 21:34:39 ----D---- C:\Windows\system32\drivers
2011-05-04 21:34:39 ----D---- C:\Windows
2011-05-04 20:11:38 ----D---- C:\Windows\system32\wbem
2011-05-04 20:10:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-05-04 20:10:53 ----D---- C:\Windows\Tasks
2011-05-04 20:10:53 ----D---- C:\Windows\system32\NDF
2011-05-04 20:10:53 ----D---- C:\Windows\system32\DriverStore
2011-05-04 20:10:53 ----D---- C:\Users\GuruI\AppData\Roaming\LangSoft
2011-05-04 19:44:02 ----D---- C:\Windows\system32\wfp
2011-05-04 05:42:41 ----D---- C:\Users\GuruI\AppData\Roaming\Media Player Classic
2011-05-04 00:14:38 ----D---- C:\Windows\system32\drivers\etc
2011-05-04 00:12:23 ----A---- C:\Windows\win.ini
2011-05-03 23:43:54 ----D---- C:\Windows\debug
2011-05-03 23:41:25 ----D---- C:\Program Files\CCleaner
2011-05-02 23:31:20 ----RSD---- C:\Windows\Fonts
2011-05-02 23:23:53 ----D---- C:\Windows\system32\appmgmt
2011-05-02 23:23:51 ----D---- C:\Program Files\Common Files
2011-05-02 23:04:04 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-02 20:36:21 ----D---- C:\Windows\system
2011-05-02 00:02:21 ----D---- C:\Program Files\Common Files\microsoft shared
2011-04-30 00:19:04 ----D---- C:\Program Files\Mozilla Firefox
2011-04-29 23:50:08 ----D---- C:\Program Files\Mozilla Thunderbird
2011-04-29 14:12:14 ----D---- C:\Windows\rescache
2011-04-29 01:29:12 ----D---- C:\Windows\system32\cs-CZ
2011-04-29 01:29:12 ----D---- C:\Windows\AppPatch
2011-04-28 05:06:38 ----D---- C:\Windows\Help
2011-04-28 04:55:59 ----D---- C:\Program Files\Common Files\System
2011-04-28 04:55:58 ----D---- C:\Program Files\Microsoft Office
2011-04-27 22:40:33 ----D---- C:\Windows\system32\Setup
2011-04-27 21:19:23 ----D---- C:\Windows\system32\Tasks
2011-04-21 18:54:20 ----D---- C:\Program Files\Microsoft Silverlight
2011-04-18 15:46:44 ----A---- C:\Windows\system32\MRT.exe
2011-04-15 20:29:03 ----D---- C:\Windows\Microsoft.NET
2011-04-15 20:28:31 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-11-28 170464]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2010-11-28 752128]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-11-28 600928]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-02 218688]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2008-08-22 21638]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2010-11-26 231248]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
R2 Hardlock;Hardlock; C:\Windows\system32\drivers\hardlock.sys [2006-11-22 693760]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-11-28 163232]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-11-02 3228712]
R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 20992]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-23 43008]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 arusb_win7;Service For TP-LINK Wireless N Adapter; C:\Windows\system32\DRIVERS\arusb_win7.sys [2010-06-01 612352]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\ts_arusb.sys [2010-10-08 1053288]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 780368]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-28 3975088]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2008-05-08 122880]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-06-16 77824]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 33584]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-25 1343400]
-----------------EOF-----------------

rundll.exe is using 100% of the CPU
Re: rundll.exe is using 100% of the CPU
Greetings, and I wish you a nice day.
Please also post the second RSIT log, named info.txt; it is saved in c:\rsit


Re: rundll.exe is using 100% of the CPU
info.txt logfile of random's system information tool 1.08 2011-05-12 02:34:20
======Uninstall list======
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Acronis True Image Home 2011-->MsiExec.exe /X{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10p_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader 9.4.4 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
Canon ScanGear Starter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\SETUP.EXE" -l0x5 anything
CanoScan Toolbox Ver4.9-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}\setup.exe" -l0x5 anything
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Combined Community Codec Pack 2010-10-10-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
DVDFab 8.0.6.8 (05/01/2011)-->"C:\Program Files\DVDFab 8\unins000.exe"
EVEREST Ultimate Edition v5.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Google Earth-->MsiExec.exe /X{6DB7AD00-F781-11DF-9EEF-001279CD8240}
HijackThis 2.0.2-->"D:\Downloads\nesetříděno\HijackThis.exe" /uninstall
Infix 4.11-->"C:\Program Files\Iceni\Infix4\unins000.exe"
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Media Player Classic - Home Cinema v1.5.0.2827-->"C:\Program Files\Combined Community Codec Pack\MPC\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Access 2000 SR-1 Runtime-->MsiExec.exe /I{004F0409-78E1-11D2-B60F-006097C998E7}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable - KB2467175-->MsiExec.exe /X{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
MozBackup 1.5.1-->C:\Program Files\MozBackup\Uninstall.exe
Mozilla Firefox 4.0.1 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (3.1.10)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
Mp3 Knife 3.2-->"C:\Program Files\Mp3 Knife\unins000.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Ultra Edition-->MsiExec.exe /X{91C0B95B-B83A-4828-A775-BBE2DD421029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PeerBlock 1.1 (r518)-->"C:\Program Files\PeerBlock\unins000.exe"
Pro Evolution Soccer 6-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EBB794ED-D282-4334-92FB-254481EFF514} /l1033
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x5 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek PCI Fast Ethernet Controller Driver For Vista and Win7-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\setup.exe -runfromtemp -removeonly
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Room Arranger-->"C:\Program Files\Room Arranger\uninstall.exe"
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
SopCast 3.2.9-->C:\Program Files\SopCast\uninst.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
StahovaniZaSms.cz verze 1.2.2-->"C:\Program Files\StahovaniZaSms.cz\unins000.exe"
SuperMegaSpoof 2.0-->"C:\Program Files\MegaSpoof\unins000.exe"
Total Commander (Remove or Repair)-->C:\Program Files\Totalcmd\tcuninst.exe
TP-LINK Wireless Client Utility-->"C:\Program Files\InstallShield Installation Information\{5EF44D3A-E86E-434C-8418-71E277C565DF}\setup.exe" -runfromtemp -l0x0009 -removeonly
TrueCrypt-->"C:\Program Files\TrueCrypt\TrueCrypt Setup.exe" /u
TuneUp Utilities 2011-->C:\Program Files\TuneUp Utilities 2011\TUInstallHelper.exe --Trigger-Uninstall
Unlocker 1.8.8-->C:\Program Files\Unlocker\uninst.exe
Veetle TV 0.9.18-->C:\Program Files\Veetle\UninstallVeetleTV.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
=====HijackThis Backups=====
R3 - URLSearchHook: (no
Re: rundll.exe is using 100% of the CPU

- If the malware blocks it, use one of the following:
motji wrote:
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr
Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif
- Save it, preferably to the desktop, and close all applications (otherwise RKill will do it for you)
- Run it as usual with a double-click - the program finishes almost immediately and also terminates itself
- RKill terminates all non-system processes - including the processes the malware runs under
- Do not restart the PC now - you would lose the effect of RKill

- Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
- If you have Win XP, run it under the Administrator account
- If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator or "Spustit jako spravce"
- Immediately after start, a page with the license agreement appears; continue by clicking Yes
- If CF offers to install the Recovery Console, agree
- Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that is displayed
- The scan should take about 10 minutes, but if the PC is heavily clogged, it may take longer
- After the scan finishes and a possible restart, CF displays a log; you can also find it at C:\ComboFix.txt. Paste its contents here
- A detailed procedure including screenshots is here: http://www.bleepingcomputer.com/combofi ... t-combofix
Re: rundll.exe is using 100% of the CPU
Here it is:
ComboFix 11-05-11.04 - GuruI 12.05.2011 18:19:41.1.1 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1332 [GMT 2:00]
Spuštěný z: c:\users\GuruI\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - system32: deleted 12 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\totalcommanderportable\TotalCommanderPortable.exe
c:\users\GuruI\AppData\Roaming\inst.exe
c:\windows\system32\logs
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-12 do 2011-05-12 )))))))))))))))))))))))))))))))
.
.
2011-05-12 16:25 . 2011-05-12 16:26 -------- d-----w- c:\users\GuruI\AppData\Local\temp
2011-05-12 16:25 . 2011-05-12 16:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-12 00:33 . 2011-05-12 00:34 -------- d-----w- C:\rsit
2011-05-11 13:51 . 2011-03-25 02:58 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 13:51 . 2011-03-25 02:58 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 13:51 . 2011-03-25 02:57 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 13:51 . 2011-03-25 02:58 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 13:51 . 2011-03-25 02:57 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 13:51 . 2011-03-25 02:57 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 13:51 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-11 13:51 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-10 18:17 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4284BF1-ABAF-491F-9EDB-0450ED1BF856}\mpengine.dll
2011-05-05 21:30 . 2011-05-05 22:45 -------- d-----w- c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2011-05-04 02:47 . 2011-05-04 17:43 -------- d-----w- c:\program files\Agnitum
2011-05-04 01:08 . 1999-12-17 08:13 49664 ----a-w- c:\windows\unvise32.exe
2011-05-03 23:37 . 2011-05-03 23:37 -------- d-----w- c:\programdata\Kaspersky Lab
2011-05-03 22:14 . 2011-05-03 22:14 -------- d---a-w- c:\windows\rundll16.exe
2011-05-03 22:14 . 2011-05-03 22:14 -------- d---a-w- c:\windows\logo1_.exe
2011-05-03 04:20 . 2011-05-12 16:25 -------- d-----w- C:\TotalCommanderPortable
2011-05-03 04:19 . 2011-05-05 22:54 -------- d-----w- c:\program files\Totalcmd
2011-05-03 01:58 . 2011-05-03 21:21 -------- d-----w- c:\program files\Impact3DVD
2011-05-02 00:56 . 2011-05-02 00:56 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-05-02 00:56 . 2011-05-02 00:56 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-05-02 00:55 . 2011-05-02 01:28 -------- d-----w- c:\users\GuruI\AppData\Roaming\DAEMON Tools Lite
2011-05-02 00:55 . 2011-05-02 00:55 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-05-01 20:57 . 2011-05-01 21:00 -------- d-----w- c:\program files\Unlocker
2011-05-01 01:43 . 2011-05-02 21:23 -------- d-----w- c:\programdata\MultiCdView
2011-05-01 01:42 . 2011-05-02 21:24 -------- d-----w- c:\program files\Common Files\Multi
2011-04-29 23:16 . 2011-04-30 00:07 -------- d-----w- c:\users\GuruI\XFER
2011-04-29 21:51 . 2011-05-02 21:04 730 ----a-w- c:\windows\system32\clean.vbs
2011-04-28 23:37 . 2011-04-28 23:37 -------- d-----w- c:\program files\StahovaniZaSms.cz
2011-04-28 22:31 . 2009-04-07 10:01 1095248 ----a-w- c:\windows\system32\SftTree_IX86_U_50.ocx
2011-04-28 22:31 . 2009-09-29 12:10 1587520 ----a-w- c:\windows\system32\SftTree_IX86_U_65.ocx
2011-04-28 22:12 . 2010-06-01 02:58 -------- d-----w- c:\windows\system32\Adobe
2011-04-28 21:34 . 2011-04-28 21:35 -------- d-----w- c:\programdata\OfflineCatalog
2011-04-28 18:35 . 2008-04-15 20:13 208896 ------w- c:\windows\system32\UniBoxVB12.ocx
2011-04-28 18:35 . 2010-10-29 02:35 438272 ------w- c:\windows\system32\UniBox10.ocx
2011-04-28 18:35 . 2008-04-15 20:13 987136 ------w- c:\windows\system32\UniBox210.ocx
2011-04-28 03:33 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-28 03:33 . 2011-03-11 05:39 148864 ----a-w- c:\windows\system32\drivers\storport.sys
2011-04-28 03:33 . 2011-03-11 05:39 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-04-28 03:33 . 2011-03-11 05:39 1211264 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-04-28 03:33 . 2011-03-11 05:39 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-04-28 03:33 . 2011-03-11 05:38 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-04-28 03:33 . 2011-03-11 05:38 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-04-28 03:33 . 2011-03-11 05:38 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-04-28 03:33 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll
2011-04-28 03:33 . 2011-03-11 05:31 74240 ----a-w- c:\windows\system32\fsutil.exe
2011-04-28 03:32 . 2011-03-12 11:23 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-28 03:32 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2011-04-28 03:24 . 2011-03-12 07:00 2560 ----a-w- c:\windows\system32\sp32w.dll
2011-04-28 02:55 . 2011-04-28 02:55 -------- d-----w- c:\program files\Snapshot Viewer
2011-04-27 20:40 . 2006-11-22 08:01 693760 ----a-w- c:\windows\system32\drivers\hardlock.sys
2011-04-27 20:40 . 2011-04-27 20:40 191488 ----a-w- c:\windows\system32\hlvdd.dll
2011-04-27 19:12 . 2011-05-02 21:06 -------- d-----w- c:\programdata\organiser
2011-04-27 19:07 . 2008-08-22 20:14 21638 ----a-w- c:\windows\system32\Ckldrv.sys
2011-04-27 19:07 . 2008-05-07 23:29 122880 ----a-w- c:\windows\system32\Crypserv.exe
2011-04-27 19:07 . 1999-06-18 20:49 165888 ----a-w- c:\windows\Ckconfig.exe
2011-04-27 19:07 . 1996-05-03 16:21 27648 ----a-r- c:\windows\Setup_ck.exe
2011-04-27 19:07 . 1996-05-03 14:36 18432 ----a-w- c:\windows\Setup_ck.dll
2011-04-27 19:07 . 1995-07-04 17:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2011-04-27 19:05 . 2011-04-27 19:10 -------- d--h--w- c:\program files\Zero G Registry
2011-04-27 19:04 . 2011-04-27 19:04 -------- d--h--w- c:\users\GuruI\InstallAnywhere
2011-04-25 13:17 . 2011-04-25 20:42 -------- d-----w- c:\program files\Recuva
2011-04-21 01:01 . 2011-04-21 01:01 -------- d-sh--w- c:\windows\system32\%APPDATA%
2011-04-14 22:42 . 2011-02-24 05:38 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-14 18:49 . 2011-02-12 05:35 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-29 21:25 . 2011-03-29 21:25 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-03-29 21:25 . 2011-03-29 21:25 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-03-29 21:25 . 2011-03-29 21:25 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-03-29 21:25 . 2011-03-29 21:25 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-03-29 21:25 . 2011-03-29 21:25 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-03-29 21:25 . 2011-03-29 21:25 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-03-29 21:25 . 2011-03-29 21:25 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-29 21:25 . 2011-03-29 21:25 367104 ----a-w- c:\windows\system32\html.iec
2011-03-29 21:25 . 2011-03-29 21:25 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-03-29 21:25 . 2011-03-29 21:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-03-29 21:25 . 2011-03-29 21:25 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-03-29 21:25 . 2011-03-29 21:25 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-03-29 21:25 . 2011-03-29 21:25 161792 ----a-w- c:\windows\system32\msls31.dll
2011-03-29 21:25 . 2011-03-29 21:25 152064 ----a-w- c:\windows\system32\wextract.exe
2011-03-29 21:25 . 2011-03-29 21:25 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-03-29 21:25 . 2011-03-29 21:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-03-29 21:25 . 2011-03-29 21:25 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-03-29 21:25 . 2011-03-29 21:25 11776 ----a-w- c:\windows\system32\mshta.exe
2011-03-29 21:25 . 2011-03-29 21:25 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-03-29 21:25 . 2011-03-29 21:25 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-03-29 21:25 . 2011-03-29 21:25 101888 ----a-w- c:\windows\system32\admparse.dll
2011-03-29 19:43 . 2011-03-29 19:41 10014610 ----a-w- c:\windows\REGBK00.ZIP
2011-03-29 19:20 . 2011-03-29 19:20 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-03-29 19:20 . 2011-03-29 19:20 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-03-29 19:20 . 2011-03-29 19:20 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-02-24 00:26 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-02-19 06:30 . 2011-03-08 21:29 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:30 . 2011-03-08 21:29 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:30 . 2011-03-08 21:29 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-04-29 22:19 . 2011-03-30 23:57 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2010-11-06 1866864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 9808488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\F:\0autocheck autochk *
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"D3DOverrider"="c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe" /s
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 arusb_win7;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7.sys [2010-06-01 612352]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service;c:\windows\system32\DRIVERS\ts_arusb.sys [2010-10-08 13:24 1053288]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-25 1343400]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2010-11-28 752128]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-02 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-28 3975088]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2009-06-16 77824]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-11-28 163232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
.
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\GuruI\AppData\Roaming\Mozilla\Firefox\Profiles\iplvsnht.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-05-12 18:28:43
ComboFix-quarantined-files.txt 2011-05-12 16:28
.
Před spuštěním: Volných bajtů: 176 501 288 960
Po spuštění: Volných bajtů: 176 388 153 344
.
- - End Of File - - 6479494228A30058E3F4F7BEEDC93923
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 arusb_win7;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7.sys [2010-06-01 612352]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service;c:\windows\system32\DRIVERS\ts_arusb.sys [2010-10-08 13:24 1053288]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-25 1343400]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2010-11-28 752128]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-02 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-28 3975088]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2009-06-16 77824]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-11-28 163232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
.
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\GuruI\AppData\Roaming\Mozilla\Firefox\Profiles\iplvsnht.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-05-12 18:28:43
ComboFix-quarantined-files.txt 2011-05-12 16:28
.
Před spuštěním: Volných bajtů: 176 501 288 960
Po spuštění: Volných bajtů: 176 388 153 344
.
- - End Of File - - 6479494228A30058E3F4F7BEEDC93923
Re: rundll.exe is using the CPU at 100%
The PC seems to be fine. Thanks a lot!
Re: rundll.exe is using the CPU at 100%
So now let's clean up
Uninstall ComboFix
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Download CCleaner (see my signature)
Cleaner panel
And if there are no problems or questions, that is all from my side


- Start - Run (or use the keyboard shortcut Win+R)
- Type ComboFix /Uninstall
- Press Enter
- This deletes ComboFix and its folders

- Download and run it
- To confirm each choice, press A, Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading if necessary)

- Download and run it
- Click CleanUp and confirm with YES
- The program cleans up and restarts the PC

- Download and run it
- Click Start and confirm with OK
- The program cleans up and restarts the PC
- Delete the utility after use

Cleaner panel
- Leave everything as it is, just click Analyze and then Run CCleaner
- click Scan for Issues
- then Fix Issues - I recommend making a registry backup, fix all the issues
- repeat the procedure until no issues are found - usually about 3 times
- Here you can uninstall programs you don't need

