Prosim o kontrolu

[Linux]

Zdravim,

Dostal sa mi do rúk sestrin NTB. Stazovala sa ze je dosť pomaly a tak by som chcel vediet či to nespôsobuje nejaký vírus. Pridávam RSIT Log.

Dakujem.


Logfile of random's system information tool 1.08 (written by random/random)
Run by UserXP at 2011-06-03 14:31:28
Microsoft Windows XP Professional Service Pack 2
System drive C: has 937 MB (25%) free of 4 GB
Total RAM: 503 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:31:40, on 3.6.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Asus\EeePC ACPI\AsTray.exe
C:\Program Files\Asus\EeePC ACPI\AsAcpiSvr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\program files\avira\antivir desktop\avcenter.exe
C:\Program Files\Avira\AntiVir Desktop\avscan.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\UserXP\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\UserXP.exe

O4 - HKLM\..\Run: [AsusTray] C:\Program Files\Asus\EeePC ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\Asus\EeePC ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

--
End of file - 2776 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"AsusTray"=C:\Program Files\Asus\EeePC ACPI\AsTray.exe [2007-09-28 77824]
"AsusACPIServer"=C:\Program Files\Asus\EeePC ACPI\AsAcpiSvr.exe [2007-10-02 450560]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-09-22 104984]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-22 121368]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-09-22 100888]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-04 16841216]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-08-04 1826816]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-08-18 102400]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-11-29 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-10-08 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181
"NoDriveAutoRun"=0xE0FFFF03

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-06-03 14:29:00 ----D---- C:\Program Files\trend micro
2011-06-03 14:28:59 ----D---- C:\rsit
2011-05-08 21:53:43 ----D---- C:\WINDOWS\system32\appmgmt

======List of files/folders modified in the last 1 months======

2011-06-03 14:29:54 ----D---- C:\WINDOWS\Prefetch
2011-06-03 14:29:00 ----RD---- C:\Program Files
2011-06-03 14:24:11 ----SHD---- C:\System Volume Information
2011-06-03 14:22:38 ----D---- C:\WINDOWS\system32\NtmsData
2011-06-03 14:16:49 ----D---- C:\WINDOWS\Registration
2011-06-03 14:09:23 ----D---- C:\Program Files\Mozilla Firefox
2011-06-03 13:59:49 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-03 13:58:51 ----D---- C:\WINDOWS\Temp
2011-06-02 15:58:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-08 22:08:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-05-08 21:56:43 ----D---- C:\WINDOWS
2011-05-08 21:53:43 ----D---- C:\WINDOWS\system32
2011-05-08 21:53:42 ----SHD---- C:\WINDOWS\Installer
2011-05-08 21:53:40 ----RD---- C:\Program Files\Skype
2011-05-08 18:33:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-05-08 137656]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-11-29 61960]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-06 546976]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2007-07-26 11264]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-10-08 1181824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-06 4611072]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-08-18 212704]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-05-08 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-05-08 136360]

-----------------EOF-----------------

[Danstahr]

Zdravím,
večer na to mrknu.

[Danstahr]

Dobrý večer,

log vypadá čistý.

Doporučení :

Aktualizovat systém i IE (i když se nepoužívá).
System drive C: has 937 MB (25%) free of 4 GB 4 GB na systém je docela málo, doporučoval bych zvětšit systémovou partition.
Můžeme povypínat programy, které se zbytečně spouštějí při startu a mohou degradovat výkon, máte zájem

[Linux]

zväčšiť systémovú Patríciu nepôjde je to totiž malý eepc od asus, na systém je vyhradených iba 4Gb + je tam ešte prídavná 8GB SD karta to je vše

čo sa týka vypínania programov, áno záujem by bol chcel som to urobiť sám ale sú tam veci ktoré vôbec nepoznám takže som to radšej nechal tak...

[Danstahr]

Kdybyste něco postrádal, stačí říct a hodíme to zpátky.

Na stránce http://tinyurl.com/653f7oz vložte do okna následující skript a potvrďte tlačítkem OK. Stažený soubor spusťte a potvrďte přidání do registru.

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
"AsusTray"=-
"IgfxTray"=-
"HotKeysCmds"=-
"Persistence"=-

Poté restartujte PC a vložte nový log.