Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Počítač je zpomalený po vyzkoušení HDD
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Počítač je zpomalený po vyzkoušení HDD
Zdravim všechny, chtěl bych se zeptat, mám problém s PC, po zapojení 3. HDD na PATA (který jsem chtěl vyzkoušet) se mi počítač zpomalil a po jeho odpojení je stále zpomalený. Disk načítá strašně dlouho všechny možné aplikace i OS se načítá strašně dlouho. Co s tím? Poraďte prosím.
-
Rudy
- Site Admin
- Příspěvky: 119359
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Počítač je zpomalený po vyzkoušení HDD
Zdravím!
Zkusíme tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Zkusíme tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Počítač je zpomalený po vyzkoušení HDD
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Filip (administrator) on FILIP-PC on 16-03-2014 19:43:44
Running from C:\Users\Filip\Desktop
Windows 7 Ultimate (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) X:\Program Files\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) X:\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Piriform Ltd) C:\Program Files\Defraggler\Defraggler64.exe
(Mozilla Corporation) X:\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [1923640 2009-10-07] (ESET)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [203928 2009-04-24] (Alcohol Soft Development Team)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\Run: [Steam] - X:\Program Files\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3598680 2014-01-31] (Electronic Arts)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_43_Plugin.exe [840072 2014-01-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\MountPoints2: {efb9267c-7f92-11e3-ab0f-806e6f6e6963} - D:\Autorun.exe
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.89.1.2 193.85.214.17
FireFox:
========
FF ProfilePath: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\9ok0xkrl.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: DownThemAll! - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\9ok0xkrl.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-01-19]
FF StartMenuInternet: FIREFOX.EXE - X:\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [23296 2009-10-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [472280 2009-10-07] (ESET)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-01-31] ()
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [44944 2009-10-07] (ESET)
R1 easdrv; C:\Windows\System32\DRIVERS\easdrv.sys [54232 2009-10-07] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82536 2009-10-07] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33608 2009-10-07] (ESET)
R1 epfwtdi; C:\Windows\System32\DRIVERS\epfwtdi.sys [68616 2009-10-07] (ESET)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2014-01-18] ()
U3 ap4aqf5r; C:\Windows\System32\Drivers\ap4aqf5r.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-16 19:43 - 2014-03-16 19:44 - 00009116 _____ () C:\Users\Filip\Desktop\FRST.txt
2014-03-16 19:43 - 2014-03-16 19:43 - 00000000 ____D () C:\FRST
2014-03-16 19:39 - 2014-03-13 04:38 - 02157056 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2014-03-16 19:39 - 2013-12-05 16:07 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2014-03-16 18:15 - 2014-02-25 20:32 - 00000000 ____D () C:\Users\Filip\Desktop\Electronic Super Joy OST
2014-03-16 17:59 - 2014-02-25 21:15 - 177654958 _____ () C:\Users\Filip\Downloads\Electronic-Super-Joy-OST.rar
2014-03-16 16:45 - 2010-09-20 13:05 - 06664704 _____ (Hazar & Co.) C:\Users\Filip\Desktop\RemoveWAT.exe
2014-03-15 14:27 - 2014-03-16 16:49 - 00000168 _____ () C:\Windows\setupact.log
2014-03-15 14:27 - 2014-03-15 14:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-15 13:30 - 2014-03-16 16:55 - 00000000 ____D () C:\Program Files\Defraggler
2014-03-15 13:30 - 2014-03-16 08:23 - 00001768 _____ () C:\Users\Filip\Desktop\Defraggler.lnk
2014-02-24 17:47 - 2014-03-15 12:48 - 00000000 ____D () C:\Windows\Minidump
2014-02-16 12:02 - 2014-02-16 12:02 - 00000000 ____D () C:\Users\Filip\AppData\Local\Blizzard Entertainment
==================== One Month Modified Files and Folders =======
2014-03-16 19:44 - 2014-03-16 19:43 - 00009116 _____ () C:\Users\Filip\Desktop\FRST.txt
2014-03-16 19:43 - 2014-03-16 19:43 - 00000000 ____D () C:\FRST
2014-03-16 16:56 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-16 16:56 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-16 16:55 - 2014-03-15 13:30 - 00000000 ____D () C:\Program Files\Defraggler
2014-03-16 16:49 - 2014-03-15 14:27 - 00000168 _____ () C:\Windows\setupact.log
2014-03-16 16:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 16:47 - 2014-01-17 17:21 - 00366282 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 16:46 - 2009-07-14 00:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-03-16 16:46 - 2009-07-14 00:52 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-03-16 16:46 - 2009-07-14 00:38 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-03-16 16:46 - 2009-07-14 00:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-03-16 16:46 - 2009-07-14 00:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-03-16 08:23 - 2014-03-15 13:30 - 00001768 _____ () C:\Users\Filip\Desktop\Defraggler.lnk
2014-03-15 18:10 - 2009-07-14 16:18 - 00665706 _____ () C:\Windows\system32\perfh005.dat
2014-03-15 18:10 - 2009-07-14 16:18 - 00139402 _____ () C:\Windows\system32\perfc005.dat
2014-03-15 18:10 - 2009-07-14 06:13 - 01575230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-15 14:27 - 2014-03-15 14:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-15 13:26 - 2014-01-18 12:44 - 00000000 ____D () C:\Users\Filip\Desktop\Hry
2014-03-15 12:48 - 2014-02-24 17:47 - 00000000 ____D () C:\Windows\Minidump
2014-03-14 21:45 - 2014-01-18 12:04 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\.minecraft
2014-03-14 15:56 - 2014-01-18 17:40 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Skype
2014-03-13 04:38 - 2014-03-16 19:39 - 02157056 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2014-03-10 15:27 - 2014-01-18 17:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 22:03 - 2014-01-18 11:30 - 00001974 _____ () C:\Users\Filip\Desktop\Software.lnk
2014-02-27 20:05 - 2014-01-31 16:50 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-25 21:15 - 2014-03-16 17:59 - 177654958 _____ () C:\Users\Filip\Downloads\Electronic-Super-Joy-OST.rar
2014-02-25 20:32 - 2014-03-16 18:15 - 00000000 ____D () C:\Users\Filip\Desktop\Electronic Super Joy OST
2014-02-24 17:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-02-17 17:52 - 2014-02-05 14:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 12:02 - 2014-02-16 12:02 - 00000000 ____D () C:\Users\Filip\AppData\Local\Blizzard Entertainment
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 3.0 (Enabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5}
AS: ESET Smart Security 3.0 (Enabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {F3340042-195E-BB41-42D1-CDB495BB46DE}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Filip\Desktop" je 218 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Filip (administrator) on FILIP-PC on 16-03-2014 19:43:44
Running from C:\Users\Filip\Desktop
Windows 7 Ultimate (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) X:\Program Files\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) X:\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Piriform Ltd) C:\Program Files\Defraggler\Defraggler64.exe
(Mozilla Corporation) X:\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [1923640 2009-10-07] (ESET)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\Run: [AlcoholAutomount] - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [203928 2009-04-24] (Alcohol Soft Development Team)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\Run: [Steam] - X:\Program Files\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3598680 2014-01-31] (Electronic Arts)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_43_Plugin.exe [840072 2014-01-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1330902678-333504010-4275633657-1000\...\MountPoints2: {efb9267c-7f92-11e3-ab0f-806e6f6e6963} - D:\Autorun.exe
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.89.1.2 193.85.214.17
FireFox:
========
FF ProfilePath: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\9ok0xkrl.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: DownThemAll! - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\9ok0xkrl.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-01-19]
FF StartMenuInternet: FIREFOX.EXE - X:\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [23296 2009-10-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [472280 2009-10-07] (ESET)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-01-31] ()
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [44944 2009-10-07] (ESET)
R1 easdrv; C:\Windows\System32\DRIVERS\easdrv.sys [54232 2009-10-07] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82536 2009-10-07] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33608 2009-10-07] (ESET)
R1 epfwtdi; C:\Windows\System32\DRIVERS\epfwtdi.sys [68616 2009-10-07] (ESET)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2014-01-18] ()
U3 ap4aqf5r; C:\Windows\System32\Drivers\ap4aqf5r.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-16 19:43 - 2014-03-16 19:44 - 00009116 _____ () C:\Users\Filip\Desktop\FRST.txt
2014-03-16 19:43 - 2014-03-16 19:43 - 00000000 ____D () C:\FRST
2014-03-16 19:39 - 2014-03-13 04:38 - 02157056 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2014-03-16 19:39 - 2013-12-05 16:07 - 00112640 _____ (forum.viry.cz) C:\Users\Filip\Desktop\FRSTLauncher.exe
2014-03-16 18:15 - 2014-02-25 20:32 - 00000000 ____D () C:\Users\Filip\Desktop\Electronic Super Joy OST
2014-03-16 17:59 - 2014-02-25 21:15 - 177654958 _____ () C:\Users\Filip\Downloads\Electronic-Super-Joy-OST.rar
2014-03-16 16:45 - 2010-09-20 13:05 - 06664704 _____ (Hazar & Co.) C:\Users\Filip\Desktop\RemoveWAT.exe
2014-03-15 14:27 - 2014-03-16 16:49 - 00000168 _____ () C:\Windows\setupact.log
2014-03-15 14:27 - 2014-03-15 14:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-15 13:30 - 2014-03-16 16:55 - 00000000 ____D () C:\Program Files\Defraggler
2014-03-15 13:30 - 2014-03-16 08:23 - 00001768 _____ () C:\Users\Filip\Desktop\Defraggler.lnk
2014-02-24 17:47 - 2014-03-15 12:48 - 00000000 ____D () C:\Windows\Minidump
2014-02-16 12:02 - 2014-02-16 12:02 - 00000000 ____D () C:\Users\Filip\AppData\Local\Blizzard Entertainment
==================== One Month Modified Files and Folders =======
2014-03-16 19:44 - 2014-03-16 19:43 - 00009116 _____ () C:\Users\Filip\Desktop\FRST.txt
2014-03-16 19:43 - 2014-03-16 19:43 - 00000000 ____D () C:\FRST
2014-03-16 16:56 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-16 16:56 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-16 16:55 - 2014-03-15 13:30 - 00000000 ____D () C:\Program Files\Defraggler
2014-03-16 16:49 - 2014-03-15 14:27 - 00000168 _____ () C:\Windows\setupact.log
2014-03-16 16:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 16:47 - 2014-01-17 17:21 - 00366282 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 16:46 - 2009-07-14 00:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-03-16 16:46 - 2009-07-14 00:52 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-03-16 16:46 - 2009-07-14 00:38 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-03-16 16:46 - 2009-07-14 00:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-03-16 16:46 - 2009-07-14 00:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-03-16 08:23 - 2014-03-15 13:30 - 00001768 _____ () C:\Users\Filip\Desktop\Defraggler.lnk
2014-03-15 18:10 - 2009-07-14 16:18 - 00665706 _____ () C:\Windows\system32\perfh005.dat
2014-03-15 18:10 - 2009-07-14 16:18 - 00139402 _____ () C:\Windows\system32\perfc005.dat
2014-03-15 18:10 - 2009-07-14 06:13 - 01575230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-15 14:27 - 2014-03-15 14:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-15 13:26 - 2014-01-18 12:44 - 00000000 ____D () C:\Users\Filip\Desktop\Hry
2014-03-15 12:48 - 2014-02-24 17:47 - 00000000 ____D () C:\Windows\Minidump
2014-03-14 21:45 - 2014-01-18 12:04 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\.minecraft
2014-03-14 15:56 - 2014-01-18 17:40 - 00000000 ____D () C:\Users\Filip\AppData\Roaming\Skype
2014-03-13 04:38 - 2014-03-16 19:39 - 02157056 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2014-03-10 15:27 - 2014-01-18 17:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 22:03 - 2014-01-18 11:30 - 00001974 _____ () C:\Users\Filip\Desktop\Software.lnk
2014-02-27 20:05 - 2014-01-31 16:50 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-02-25 21:15 - 2014-03-16 17:59 - 177654958 _____ () C:\Users\Filip\Downloads\Electronic-Super-Joy-OST.rar
2014-02-25 20:32 - 2014-03-16 18:15 - 00000000 ____D () C:\Users\Filip\Desktop\Electronic Super Joy OST
2014-02-24 17:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-02-17 17:52 - 2014-02-05 14:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 12:02 - 2014-02-16 12:02 - 00000000 ____D () C:\Users\Filip\AppData\Local\Blizzard Entertainment
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: ESET Smart Security 3.0 (Enabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5}
AS: ESET Smart Security 3.0 (Enabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {F3340042-195E-BB41-42D1-CDB495BB46DE}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Filip\Desktop" je 218 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119359
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Počítač je zpomalený po vyzkoušení HDD
Jak je na tom váš oper. systém s legalitou?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Počítač je zpomalený po vyzkoušení HDD
Ten je OK, s tím problém není. To spíš ty disky, přemejšlím jestli přeinstalovat OS nebo něco jiného právě udělat..
Re: Počítač je zpomalený po vyzkoušení HDD
Zdravim 
Omlouvam se kolegovi za vstup
Prominte, ale system, ktery ma "legalitu OK" dle meho nepotrebuje nastroj na odstraneni upozorneni na nelegalni system, ktery jste tam pouzil 
Omlouvam se kolegovi za vstup Prominte, ale system, ktery ma "legalitu OK" dle meho nepotrebuje nastroj na odstraneni upozorneni na nelegalni system, ktery jste tam pouzil "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?