Rychlá prevence!

[klim11]

Zdravím...
Mohl bych poprosit o shlédnutí mého logu,předem moc děkuji.

RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by libas at 2013-08-22 12:12:54
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 408 GB (94%) free of 435 GB
Total RAM: 3071 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:22, on 22.8.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Comodo\COMODO Internet Security\cis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\libas\Desktop\RSIT.exe
C:\Program Files\trend micro\libas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

--
End of file - 1934 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-07-08 1464536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-08-22 12:12:55 ----D---- C:\Program Files\trend micro
2013-08-22 12:12:54 ----D---- C:\rsit
2013-08-22 11:49:57 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-08-21 17:21:35 ----ASH---- C:\hiberfil.sys
2013-08-18 13:44:22 ----D---- C:\ProgramData\VS Revo Group
2013-08-18 13:44:22 ----A---- C:\Windows\system32\drivers\revoflt.sys
2013-08-18 13:42:51 ----D---- C:\Program Files\VS Revo Group
2013-08-18 13:29:12 ----D---- C:\Users\libas\AppData\Roaming\URSoft
2013-08-18 13:29:12 ----AD---- C:\ProgramData\TEMP
2013-08-16 01:58:10 ----SHD---- C:\Recovery
2013-08-15 12:47:24 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2013-08-15 12:47:19 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2013-08-15 10:39:27 ----A---- C:\Windows\system32\WNASPI32.DLL
2013-08-15 10:39:27 ----A---- C:\Windows\system32\drivers\ASPI32.SYS
2013-08-13 20:31:56 ----A---- C:\Windows\system32\mshtmled.dll
2013-08-13 20:31:55 ----A---- C:\Windows\system32\vbscript.dll
2013-08-13 20:31:55 ----A---- C:\Windows\system32\ieui.dll
2013-08-13 20:31:54 ----A---- C:\Windows\system32\wininet.dll
2013-08-13 20:31:54 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-13 20:31:54 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-13 20:31:54 ----A---- C:\Windows\system32\jscript.dll
2013-08-13 20:31:54 ----A---- C:\Windows\system32\ieUnatt.exe
2013-08-13 20:31:53 ----A---- C:\Windows\system32\url.dll
2013-08-13 20:31:53 ----A---- C:\Windows\system32\jscript9.dll
2013-08-13 20:31:53 ----A---- C:\Windows\system32\iertutil.dll
2013-08-13 20:31:52 ----A---- C:\Windows\system32\urlmon.dll
2013-08-13 20:31:52 ----A---- C:\Windows\system32\ieframe.dll
2013-08-13 20:31:51 ----A---- C:\Windows\system32\mshtml.dll
2013-08-13 20:31:09 ----A---- C:\Windows\system32\wintrust.dll
2013-08-13 20:31:09 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-13 20:31:09 ----A---- C:\Windows\system32\crypt32.dll
2013-08-13 20:31:08 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-13 20:31:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-13 20:31:05 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-08-13 20:31:05 ----A---- C:\Windows\system32\ntdll.dll
2013-08-13 20:31:04 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-13 20:30:38 ----A---- C:\Windows\system32\icaapi.dll
2013-08-13 20:30:38 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-13 20:30:30 ----A---- C:\Windows\system32\tzres.dll
2013-08-13 20:30:28 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-13 10:52:55 ----D---- C:\Program Files\PokerStars
2013-08-11 14:34:01 ----SHD---- C:\$RECYCLE.BIN
2013-08-11 14:29:22 ----D---- C:\Windows\temp
2013-08-11 14:13:15 ----D---- C:\Windows\erdnt
2013-08-04 18:41:19 ----D---- C:\Program Files\Defraggler
2013-07-30 12:17:32 ----A---- C:\Windows\system32\gcapi_dll.dll
2013-07-29 10:29:15 ----DC---- C:\Windows\system32\DRVSTORE
2013-07-25 14:07:10 ----D---- C:\ProgramData\StarApp
2013-07-23 16:14:34 ----D---- C:\Users\libas\AppData\Roaming\OpenOffice
2013-07-23 16:13:57 ----D---- C:\Program Files\OpenOffice 4

======List of files/folders modified in the last 1 month======

2013-08-22 12:13:06 ----D---- C:\Windows\Prefetch
2013-08-22 12:12:55 ----RD---- C:\Program Files
2013-08-22 12:07:12 ----D---- C:\Windows\rescache
2013-08-22 11:54:34 ----D---- C:\Windows\System32
2013-08-22 11:54:34 ----D---- C:\Windows\inf
2013-08-22 11:54:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-22 08:39:58 ----D---- C:\Windows\winsxs
2013-08-22 07:59:49 ----D---- C:\Windows\system32\cs-CZ
2013-08-21 18:20:26 ----D---- C:\Windows\system32\WDI
2013-08-21 17:24:41 ----D---- C:\Windows\SoftwareDistribution
2013-08-21 17:23:54 ----D---- C:\Windows
2013-08-21 13:07:01 ----D---- C:\Users\libas\AppData\Roaming\vlc
2013-08-18 14:02:24 ----D---- C:\Windows\Logs
2013-08-18 13:47:25 ----D---- C:\Windows\system32\catroot2
2013-08-18 13:44:25 ----D---- C:\Windows\system32\drivers
2013-08-18 13:44:22 ----D---- C:\ProgramData
2013-08-18 13:35:42 ----SHD---- C:\Windows\Installer
2013-08-15 21:08:52 ----SHD---- C:\Boot
2013-08-15 15:22:34 ----D---- C:\Windows\system32\catroot
2013-08-15 12:18:49 ----SD---- C:\Users\libas\AppData\Roaming\Microsoft
2013-08-15 11:16:19 ----D---- C:\Program Files\Common Files
2013-08-14 20:31:26 ----D---- C:\Windows\Registration
2013-08-14 19:15:39 ----D---- C:\ProgramData\TrackMania
2013-08-14 13:00:31 ----D---- C:\Windows\Microsoft.NET
2013-08-14 13:00:28 ----RSD---- C:\Windows\assembly
2013-08-13 20:49:15 ----D---- C:\Windows\Debug
2013-08-13 20:47:46 ----D---- C:\Windows\system32\MRT
2013-08-13 20:46:15 ----A---- C:\Windows\system32\mrt.exe
2013-08-13 20:34:09 ----D---- C:\Windows\system32\migration
2013-08-13 20:34:09 ----D---- C:\Program Files\Internet Explorer
2013-08-11 14:37:09 ----SHD---- C:\System Volume Information
2013-08-11 14:33:51 ----D---- C:\Windows\system32\restore
2013-08-11 14:24:26 ----N---- C:\Windows\system.ini
2013-08-11 14:24:14 ----D---- C:\Windows\system32\drivers\etc
2013-08-11 14:18:53 ----D---- C:\Windows\AppPatch
2013-07-28 18:33:57 ----D---- C:\Windows\system32\Tasks
2013-07-28 18:33:57 ----D---- C:\Program Files\CCleaner
2013-07-26 16:38:45 ----D---- C:\Windows\pss
2013-07-23 16:14:04 ----RSD---- C:\Windows\Fonts
2013-07-23 10:06:16 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-06-18 20072]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-07-08 583448]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-06-18 43216]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-06-18 85464]
R2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys [2002-07-17 16877]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 Ph3xIB32;Philips 713x VU PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2012-01-25 313120]
S3 catchme;catchme; \??\C:\Users\libas\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2013-07-04 104720]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2013-07-04 84752]
S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-07-08 4801304]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-06-18 127192]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]

-----------------EOF-----------------

[Rudy]

Zdravím!
Log vypadá OK.

[klim11]

Díky.!!! Přeji, ať se dovolená a počasí vydaří.

[Rudy]

Děkuji za přání a vy nemáte zač!