Prosím o kontrolu logu!

Zpráva

klim11 · #1 Příspěvek od **klim11** » 23 bře 2012 16:15

zdravím,jen prevence.
Ps.:občas net zamrzne nebo i spadne-jinak nic jiného!
posílám log RSIT!

Logfile of random's system information tool 1.09 (written by random/random)
Run by Libas at 2012-03-23 16:05:24
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 446 GB (94%) free of 477 GB
Total RAM: 3071 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:05:34, on 23.3.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Libas\Desktop\RSIT.exe
C:\Program Files\trend micro\Libas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

--
End of file - 1922 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Libas\AppData\Roaming\Mozilla\Firefox\Profiles\q4c7qiz7.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2011-12-18 73360]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 738944]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-03-23 16:05:26 ----D---- C:\Program Files\trend micro
2012-03-23 16:05:24 ----D---- C:\rsit
2012-03-23 15:55:56 ----ASH---- C:\hiberfil.sys
2012-03-23 15:44:19 ----D---- C:\Windows\system32\drivers\etc
2012-03-21 15:32:15 ----SD---- C:\32788R22FWJFW
2012-03-21 15:25:21 ----SHD---- C:\$RECYCLE.BIN
2012-03-20 13:44:18 ----A---- C:\Windows\system32\RegistryDefragBootTime.exe
2012-03-20 13:28:56 ----D---- C:\ProgramData\IObit
2012-03-20 13:05:18 ----D---- C:\Program Files\Microsoft Security Client
2012-03-17 15:59:22 ----D---- C:\Windows\Minidump
2012-03-14 08:23:45 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 08:23:44 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 08:23:44 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-03-14 08:23:43 ----A---- C:\Windows\system32\d3d10warp.dll
2012-03-14 08:23:43 ----A---- C:\Windows\system32\d3d10_1.dll
2012-03-14 08:23:43 ----A---- C:\Windows\system32\d2d1.dll
2012-03-14 08:23:42 ----A---- C:\Windows\system32\rdpencom.dll
2012-03-14 08:23:42 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-13 10:33:46 ----D---- C:\ProgramData\Sun
2012-03-13 10:33:45 ----D---- C:\Program Files\Common Files\Java
2012-03-13 10:33:36 ----A---- C:\Windows\system32\npdeployJava1.dll
2012-03-13 10:33:36 ----A---- C:\Windows\system32\deployJava1.dll
2012-03-13 10:30:55 ----D---- C:\Program Files\FileHippo.com
2012-03-13 10:19:58 ----D---- C:\Users\Libas\AppData\Roaming\Mozilla
2012-03-12 14:22:17 ----D---- C:\Users\Libas\AppData\Roaming\ChessBase
2012-03-12 14:18:02 ----D---- C:\ProgramData\ChessBase
2012-03-12 14:18:02 ----D---- C:\Program Files\ChessBase
2012-03-12 14:18:02 ----D---- C:\Program Files\Common Files\ChessBase
2012-03-12 14:12:48 ----D---- C:\ProgramData\DAEMON Tools Lite
2012-03-07 20:05:26 ----D---- C:\ProgramData\ManiaPlanet
2012-03-07 20:05:26 ----D---- C:\Program Files\ManiaPlanet

======List of files/folders modified in the last 1 month======

2012-03-23 16:05:26 ----RD---- C:\Program Files
2012-03-23 16:05:22 ----D---- C:\Windows\Temp
2012-03-23 16:03:11 ----D---- C:\Windows\System32
2012-03-23 16:03:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-23 16:03:10 ----D---- C:\Windows\inf
2012-03-23 16:02:59 ----D---- C:\Windows\system32\drivers
2012-03-23 15:59:34 ----D---- C:\Windows\SoftwareDistribution
2012-03-23 15:58:48 ----D---- C:\Windows
2012-03-23 15:57:41 ----D---- C:\Windows\Prefetch
2012-03-21 17:45:21 ----D---- C:\Windows\AppPatch
2012-03-21 16:48:43 ----SHD---- C:\System Volume Information
2012-03-21 15:47:52 ----D---- C:\Windows\system32\LogFiles
2012-03-21 15:32:39 ----D---- C:\Windows\ERDNT
2012-03-21 15:23:13 ----N---- C:\Windows\system.ini
2012-03-21 15:20:21 ----D---- C:\Program Files\Common Files
2012-03-20 17:55:50 ----D---- C:\ProgramData\TrackMania
2012-03-20 14:00:28 ----D---- C:\Windows\system32\config
2012-03-20 13:59:49 ----D---- C:\Boot
2012-03-20 13:56:21 ----D---- C:\Windows\system32\catroot
2012-03-20 13:52:11 ----D---- C:\Windows\system32\Tasks
2012-03-20 13:28:56 ----HD---- C:\ProgramData
2012-03-20 13:05:39 ----SHD---- C:\Windows\Installer
2012-03-20 09:06:30 ----D---- C:\Windows\system32\catroot2
2012-03-17 15:45:50 ----HD---- C:\Windows\system32\GroupPolicy
2012-03-14 10:52:33 ----D---- C:\Program Files\Mozilla Firefox
2012-03-14 08:37:50 ----D---- C:\Windows\winsxs
2012-03-14 08:33:55 ----D---- C:\Windows\Debug
2012-03-14 08:24:03 ----A---- C:\Windows\system32\mrt.exe
2012-03-14 08:23:48 ----D---- C:\Program Files\Windows Mail
2012-03-13 10:37:05 ----D---- C:\Program Files\WinRAR
2012-03-13 10:37:05 ----D---- C:\Program Files\Microsoft Silverlight
2012-03-13 10:33:26 ----A---- C:\Windows\system32\javaws.exe
2012-03-13 10:33:26 ----A---- C:\Windows\system32\javaw.exe
2012-03-13 10:33:26 ----A---- C:\Windows\system32\java.exe
2012-03-13 10:33:24 ----D---- C:\Program Files\Java
2012-03-13 10:06:48 ----D---- C:\ProgramData\Skype
2012-03-12 14:25:30 ----D---- C:\Windows\Logs
2012-03-12 14:19:28 ----RSD---- C:\Windows\Fonts
2012-03-08 11:37:29 ----D---- C:\Windows\Tasks
2012-03-08 11:37:28 ----D---- C:\Program Files\Glary Utilities
2012-03-03 11:41:04 ----D---- C:\Users\Libas\AppData\Roaming\GlarySoft
2012-03-03 09:32:24 ----D---- C:\ProgramData\CanonIJPLM
2012-03-02 12:29:36 ----D---- C:\Windows\system32\WDI
2012-02-29 12:45:18 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 451160]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-03 27016]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-14 2427392]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-12-13 3921448]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 Ph3xIB32;Philips 713x VU PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2011-09-14 313120]
S3 catchme;catchme; \??\C:\Users\Libas\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 497280]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2011-12-18 2420616]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S4 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-03-14 569344]
S4 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 23 bře 2012 19:06

Také zdravím!
Log vypadá OK. Vyčistěte PC od balastu CCleanerem: http://forum.viry.cz/viewtopic.php?f=46&t=7478 .

klim11 · #3 Příspěvek od **klim11** » 26 bře 2012 14:11

moc dík za kontrolu.

#4 Příspěvek od **Rudy** » 26 bře 2012 17:02

Nemáte zač!

VIRY.CZ

Prosím o kontrolu logu!

Prosím o kontrolu logu!

Re: Prosím o kontrolu logu!

Re: Prosím o kontrolu logu!

Re: Prosím o kontrolu logu!