Kontrola logu

Zpráva

aksula · #1 Příspěvek od **aksula** » 07 pro 2011 16:39

Dobry den, prosim o kontrolu logu, ntb je zabrzden a procesor je temer ze 100% neustale vyuzivan. Mockrat dekuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tablet at 2011-12-07 16:19:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (25%) free of 15 GB
Total RAM: 487 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:21:01, on 7.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\system32\PROMon.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\NMSSvc.exe
C:\Program Files\Compaq\Compaq Q Menu\QICON.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tablet\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Tablet.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Compaq\Compaq Q Menu\QMENU.EXE
C:\WINDOWS\system32\drwtsn32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zoznam.sk/
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] rundll32 nview.dll,nViewLoadHook
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Compaq Q Menu] C:\Program Files\Compaq\Compaq Q Menu\QICON.EXE -QICON
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/sho ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\system32\NMSSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 6510 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TabletWizard"=C:\WINDOWS\help\SplshWrp.exe [2008-04-14 16384]
"TabletTip"=C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe [2008-04-14 271872]
"NvCplDaemon"=NvQTwk,NvCplDaemon initialize []
"nwiz"=rundll32 nview.dll,nViewLoadHook []
"PROMon.exe"=C:\WINDOWS\system32\PROMon.exe [2002-04-18 73728]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2002-10-08 87750]
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2002-12-12 176220]
"srmclean"=C:\Cpqs\Scom\srmclean.exe [2001-07-24 36864]
"Compaq Q Menu"=C:\Program Files\Compaq\Compaq Q Menu\QICON.EXE [2002-11-26 221184]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Zinio DLM"=C:\Program Files\Zinio\ZDLM.exe /hide []
"ICQ"=C:\Program Files\ICQ7.1\ICQ.exe silent loginmode=4 []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\loginkey]
C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll [2008-04-14 47104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TabBtnWL]
C:\WINDOWS\system32\TabBtnWL.dll [2002-08-29 11776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpgwlnotify]
C:\WINDOWS\system32\tpgwlnot.dll [2008-04-14 32256]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL
"VIDC.MP42"=mpg4c32.dll
"VIDC.MPG4"=mpg4c32.dll

======List of files/folders created in the last 1 month======

2011-12-07 16:19:15 ----D---- C:\rsit
2011-12-07 16:13:03 ----A---- C:\WINDOWS\system32\WgaTray.exe
2011-12-07 16:13:03 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2011-12-07 16:13:02 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
2011-12-07 15:09:51 ----D---- C:\Documents and Settings\Tablet\Application Data\Malwarebytes
2011-12-07 15:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-12-07 15:09:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-12-07 15:09:18 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-12-07 15:04:57 ----HD---- C:\WINDOWS\$NtUninstallKB975713$
2011-12-07 14:56:36 ----D---- C:\WINDOWS\Prefetch
2011-12-07 14:51:38 ----HD---- C:\WINDOWS\$NtUninstallKB961118$
2011-12-07 14:51:15 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2011-12-07 14:50:50 ----HD---- C:\WINDOWS\$NtUninstallKB971737$
2011-12-07 14:50:26 ----HD---- C:\WINDOWS\$NtUninstallKB970430$
2011-12-07 14:49:58 ----HD---- C:\WINDOWS\$NtUninstallKB980218$
2011-12-07 14:49:35 ----HD---- C:\WINDOWS\$NtUninstallKB2229593$
2011-12-07 14:49:13 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-12-07 14:48:51 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2011-12-07 14:48:29 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2011-12-07 14:48:05 ----HD---- C:\WINDOWS\$NtUninstallKB978542$
2011-12-07 14:47:42 ----HD---- C:\WINDOWS\$NtUninstallKB979559$
2011-12-07 14:47:20 ----HD---- C:\WINDOWS\$NtUninstallKB979482$
2011-12-07 14:46:59 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2011-12-07 14:46:36 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2011-12-07 14:46:14 ----HD---- C:\WINDOWS\$NtUninstallKB975562$
2011-12-07 14:45:45 ----HD---- C:\WINDOWS\$NtUninstallKB982381$
2011-12-07 14:45:18 ----HD---- C:\WINDOWS\$NtUninstallKB968389$
2011-12-07 14:44:56 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2011-12-07 14:44:28 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2011-12-07 14:44:02 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2011-12-07 14:43:39 ----HD---- C:\WINDOWS\$NtUninstallKB973687$
2011-12-07 14:43:11 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2011-12-07 14:42:50 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2011-12-07 14:42:28 ----HD---- C:\WINDOWS\$NtUninstallKB975560$
2011-12-07 14:42:07 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2011-12-07 14:41:45 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2011-12-07 14:41:24 ----HD---- C:\WINDOWS\$NtUninstallKB971468$
2011-12-07 14:40:58 ----HD---- C:\WINDOWS\$NtUninstallKB979683$
2011-12-07 14:40:36 ----HD---- C:\WINDOWS\$NtUninstallKB980232$
2011-12-07 14:40:12 ----HD---- C:\WINDOWS\$NtUninstallKB955759$
2011-12-07 14:39:51 ----HD---- C:\WINDOWS\$NtUninstallKB972270$
2011-12-07 14:39:29 ----HD---- C:\WINDOWS\$NtUninstallKB956844$
2011-12-07 14:39:06 ----HD---- C:\WINDOWS\$NtUninstallKB975561$
2011-12-07 14:38:43 ----HD---- C:\WINDOWS\$NtUninstallKB973354$
2011-12-07 14:38:16 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2011-12-07 14:37:54 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2011-12-07 14:37:32 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2011-12-07 14:37:07 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2011-12-07 14:36:45 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2011-12-07 14:36:22 ----HD---- C:\WINDOWS\$NtUninstallKB974318$
2011-12-07 14:36:01 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2011-12-07 14:35:38 ----HD---- C:\WINDOWS\$NtUninstallKB978037$
2011-12-07 14:35:18 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2011-12-07 14:34:55 ----HD---- C:\WINDOWS\$NtUninstallKB978338$
2011-12-07 14:34:32 ----HD---- C:\WINDOWS\$NtUninstallKB977914$
2011-12-07 14:34:10 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2011-12-07 14:33:48 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2011-12-07 14:33:24 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2011-12-07 14:33:02 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2011-12-07 14:32:38 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2011-12-07 14:32:16 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2011-12-07 14:31:54 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2011-12-07 14:31:27 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2011-12-07 14:31:01 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2011-12-07 14:30:39 ----HD---- C:\WINDOWS\$NtUninstallKB978706$
2011-12-07 14:30:14 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2011-12-07 14:29:52 ----HD---- C:\WINDOWS\$NtUninstallKB969947$
2011-12-07 14:29:30 ----HD---- C:\WINDOWS\$NtUninstallKB974392$
2011-12-07 14:29:09 ----HD---- C:\WINDOWS\$NtUninstallKB978601$
2011-12-07 14:28:43 ----HD---- C:\WINDOWS\$NtUninstallKB979309$
2011-12-07 14:18:21 ----A---- C:\WINDOWS\setuplog.txt
2011-12-07 14:13:39 ----D---- C:\WINDOWS\system32\scripting
2011-12-07 14:13:37 ----D---- C:\WINDOWS\l2schemas
2011-12-07 14:13:34 ----D---- C:\WINDOWS\system32\en
2011-12-07 14:13:34 ----D---- C:\WINDOWS\system32\bits
2011-12-07 14:01:59 ----D---- C:\WINDOWS\network diagnostic
2011-12-07 13:46:27 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2011-11-28 20:46:26 ----SHD---- C:\FOUND.000

======List of files/folders modified in the last 1 month======

2011-12-07 16:00:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-07 15:49:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-07 15:02:10 ----A---- C:\WINDOWS\WINCMD.INI
2011-12-07 15:00:32 ----A---- C:\WINDOWS\OEWABLog.txt
2011-12-07 14:52:12 ----A---- C:\WINDOWS\imsins.BAK
2011-11-29 15:08:26 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-11-28 19:01:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-11-09 06:01:12 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 ClntMgmt.sys;ClntMgmt.sys; C:\WINDOWS\System32\Drivers\ClntMgmt.sys [2002-04-26 54304]
R1 Crusoe;Transmeta Crusoe Processor Driver; C:\WINDOWS\system32\DRIVERS\crusoe.sys [2008-04-13 36736]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-08-22 98752]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2002-10-08 1140192]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2002-06-05 139776]
R3 FinePnt;FinePoint Innovations Serial HID Driver; C:\WINDOWS\system32\DRIVERS\FpHidDrv.sys [2002-09-28 14464]
R3 HBtnKey;Compaq Tablet PC Key Buttons HID Driver; C:\WINDOWS\system32\DRIVERS\CPQBttn.sys [2002-06-26 9600]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NMSCFG;NIC Management Service Configuration Driver; \??\C:\WINDOWS\system32\drivers\NMSCFG.SYS []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-01-31 931770]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-10-11 518720]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 CWL200WLAN;Compaq 802.11b WLAN Mini-PCI; C:\WINDOWS\system32\DRIVERS\cwl200.sys [2003-01-22 74112]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-07-11 101120]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2004-08-03 84480]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 NMSSvc;Intel(R) NMS; C:\WINDOWS\system32\NMSSvc.exe [2002-05-03 1118208]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-01-31 61440]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-07-15 45056]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-16 136176]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-16 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 07 pro 2011 17:58

Zdravím!
Dvouklikem na soubor C:\Program Files\trend micro\Tablet.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R3 - URLSearchHook: (no name) - - (no file)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/sho ... wflash.cab

a klikněte na >Fix checked<. Restartujte PC. Dál bych doporučil vyčistit PC od balastu CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 .

aksula · #3 Příspěvek od **aksula** » 07 pro 2011 20:30

Děkuji za odpověď, vše jsem provedl dle pokynů a vypadá to, že se ntb zrychlil a procesor už není tolik vytížen. Chtěl bych se ještě zeptat, zda-li je jinak log v pořádku nebo je potřeba provést ještě nějaké další kroky? Děkuji

#4 Příspěvek od **Rudy** » 07 pro 2011 20:46

Log je jinak OK. Nemáte-li nějaký další problém, mělo by to být vše.

aksula · #5 Příspěvek od **aksula** » 07 pro 2011 20:50

Mockrát tedy děkuji

#6 Příspěvek od **Rudy** » 07 pro 2011 20:52

Nemáte zač!

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu