Zasekávání PC - programy neodpovídájí

[emalc]

Zdravím ve sváteční nepracovní den
Mám problém s jedním PC na opravu, před 14 dní byla udělaná čistá instalace, nicméně uživatel je jakýsi kutil, nyní se počítač často zasekává, je pomalý a sem tam programy neopovídají třeba 30 sekund než se vše zase rozjete.

Níže log z DDS.

Díky

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16476
Run by Domací at 9:06:04 on 2013-05-01
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2048.1038 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Windows\system32\schtasks.exe
C:\Windows\system32\conhost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Windows\system32\sppsvc.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\SoftwareDistribution\Download\Install\Silverlight.exe
c:\4b56c59836c0442df5d3bdcb\install.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\Installer\MSI8EA5.tmp
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Silverlight\5.1.10411.0\coregen.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www1.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=2C5F000ACD122D21
uURLSearchHooks: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - c:\program files\similarweb\SimilarWeb.dll
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - c:\program files\similarweb\SimilarWeb.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - c:\program files\similarweb\SimilarWeb.dll
EB: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - c:\program files\similarweb\SimilarWeb.dll
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [Hoolapp Android] "c:\users\domac~1\appdata\roaming\hoolap~1\Hoolapp.exe" /Minimized
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {5D06ED6E-DA78-4486-A246-B131A2C39807} - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - c:\program files\similarweb\SimilarWeb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{BA9789C1-0C21-401D-845D-11DEAF55EC20} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\progra~2\browse~1\261249~1.132\{c16c1~1\browse~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 validation.sls.microsoft.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\domací\appdata\roaming\mozilla\firefox\profiles\zg08m6gs.default\
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-3-28 242240]
R2 BrowserProtect;BrowserProtect;c:\programdata\browserprotect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-4-21 2787280]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-1-20 100328]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [2013-3-28 161792]
.
=============== Created Last 30 ================
.
2013-05-01 07:06:05 -------- d-----w- c:\users\domacý\appdata\local\Microsoft
2013-05-01 07:04:18 -------- d-----w- C:\4b56c59836c0442df5d3bdcb
2013-05-01 06:25:54 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-05-01 06:25:54 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2013-05-01 06:25:54 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-05-01 06:25:41 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-04-30 23:14:27 7450888 ----a-w- c:\program files\common files\windows live\.cache\6e303ae91ce45f847\bingbarsetup.exe
2013-04-30 23:12:05 15712 ----a-w- c:\program files\common files\windows live\.cache\20e5df4b1ce45f839\MeshBetaRemover.exe
2013-04-30 23:08:04 537432 ----a-w- c:\program files\common files\windows live\.cache\8ce928f71ce45f72b\DXSETUP.exe
2013-04-30 23:08:04 1801048 ----a-w- c:\program files\common files\windows live\.cache\8ce928f71ce45f72b\dsetup32.dll
2013-04-30 23:08:03 89944 ----a-w- c:\program files\common files\windows live\.cache\8ce928f71ce45f72b\DSETUP.dll
2013-04-30 23:07:54 94040 ----a-w- c:\program files\common files\windows live\.cache\8248cdd51ce45f72a\DSETUP.dll
2013-04-30 23:07:54 525656 ----a-w- c:\program files\common files\windows live\.cache\8248cdd51ce45f72a\DXSETUP.exe
2013-04-30 23:07:54 1691480 ----a-w- c:\program files\common files\windows live\.cache\8248cdd51ce45f72a\dsetup32.dll
2013-04-30 23:03:29 6260088 ----a-w- c:\program files\common files\windows live\.cache\e733579d1ce45f617\Silverlight.4.0.exe
2013-04-30 22:56:23 -------- d-----w- c:\program files\common files\Windows Live
2013-04-30 21:46:40 740840 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d7969706-be6a-3969-4e8a-8d1950080139}\GapaEngine.dll
2013-04-30 15:43:29 195816 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-30 14:53:21 6906960 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{00a62802-ccf5-407d-baea-7068aaf9b110}\mpengine.dll
2013-04-30 14:50:18 -------- d-----w- c:\windows\system32\searchplugins
2013-04-30 14:50:18 -------- d-----w- c:\windows\system32\Extensions
2013-04-30 14:49:07 -------- d-----w- c:\windows\system32\Wat
2013-04-30 04:08:49 757376 ----a-w- c:\program files\internet explorer\iexplore.exe
2013-04-30 04:08:49 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-04-30 04:08:44 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2013-04-30 04:08:40 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2013-04-30 04:08:40 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-30 03:59:25 1210728 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-30 03:59:20 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-04-30 03:58:15 3958120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-30 03:58:15 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-30 03:58:14 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-30 03:58:14 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-30 03:57:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-04-30 03:57:13 2691072 ----a-w- c:\windows\system32\mstscax.dll
2013-04-30 03:57:12 131072 ----a-w- c:\windows\system32\aaclient.dll
2013-04-30 03:57:10 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-29 19:41:45 6906960 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-04-29 18:49:07 -------- d-sh--w- C:\found.000
2013-04-24 16:13:12 740840 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll
2013-04-24 16:13:09 706640 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{04123437-5b98-4e62-8699-e46fe9e97f13}\gapaengine.dll
2013-04-21 19:42:09 -------- d-----w- c:\program files\Optimizer Pro
2013-04-21 19:41:52 -------- d-----w- c:\programdata\BrowserProtect
2013-04-21 19:41:17 -------- d-----w- c:\users\domací\appdata\roaming\Babylon
2013-04-21 19:41:17 -------- d-----w- c:\programdata\Babylon
2013-04-21 19:39:27 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-04-15 13:04:40 26520 ----a-w- c:\program files\mozilla firefox\plugin-hang-ui.exe
2013-04-09 19:27:22 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2013-04-09 19:27:20 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-04-09 19:26:49 -------- d-----w- c:\program files\Winamp Detect
2013-04-09 19:26:29 -------- d-----w- c:\program files\common files\PX Storage Engine
2013-04-09 19:26:21 -------- d-----w- c:\users\domací\appdata\roaming\Winamp
2013-04-09 19:24:40 -------- d-----w- c:\users\domací\appdata\roaming\Canneverbe Limited
2013-04-09 19:22:22 -------- d-----w- c:\programdata\Canneverbe Limited
2013-04-08 14:11:12 -------- d-----w- c:\windows\system32\EventProviders
2013-04-08 14:10:59 -------- d-----w- C:\7193ce61e7ca88de80b5
2013-04-08 13:34:59 802304 ----a-w- c:\windows\system32\FntCache.dll
2013-04-07 19:46:39 -------- d--h--w- c:\windows\PIF
2013-04-06 13:26:27 -------- d-----w- c:\program files\Elaborate Bytes
2013-04-06 13:00:57 -------- d-----w- c:\programdata\SimilarWeb
2013-04-06 13:00:49 -------- d-----w- c:\program files\SimilarWeb
2013-04-06 13:00:46 466008 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-04-06 13:00:42 -------- d-----w- c:\users\domací\appdata\roaming\SimilarWeb
2013-04-06 13:00:29 -------- d-----w- c:\program files\SimilarSites
2013-04-05 19:46:02 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-05 19:46:02 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-01 17:32:46 -------- d-----w- c:\users\domací\appdata\roaming\Skype
2013-04-01 17:32:34 -------- d-----r- c:\program files\Skype
.
==================== Find3M ====================
.
2013-04-30 14:50:09 409088 ----a-w- c:\windows\system32\systemcpl.dll
2013-04-30 14:50:09 13824 ----a-w- c:\windows\system32\slwga.dll
2013-04-30 14:50:07 811520 ----a-w- c:\windows\system32\user32.dll
2013-04-15 04:48:14 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-15 04:48:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-02 10:33:22 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-28 16:15:00 319488 ----a-w- c:\windows\HideWin.exe
2013-03-28 12:36:40 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-02-22 03:38:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-22 03:34:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-22 03:34:03 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-22 03:31:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 9:08:53,67 ===============

[vyosek]

Zdravim

To mate nejaky servsi nebo si tim privydelavate nebo jak?? Ze pisete, ze mate PC na opravu

Tu cistou instalaci jste tam provadel vy?

[emalc]

Servis nemám. Instalaci prováděl uživatel. Nějaká rada?

[vyosek]

Bohuzel rada nebude, jelikoz dle logu je windows evidentne nelegalni a pravidla fora hovori jasne

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.)

[emalc]

Zajímavé, bojuje se tu proti virům nebo proti nelegálnímu softwaru?

Mimo to Microsoft Security Essentials našel 2 infikované soubory, které jsou nyní smazané, ale problém přetrvává.

[vyosek]

Bojuje se tu proti virum za splneni predem danych podminek, mezi kterymi je i mimojine legalni system...

[emalc]

vyosek: Tak díky moc za pomoc, určitě se tu zase někdy stavím, je tu opravdu přínos sem chodit.

[vyosek]

Pekny den

A na zaklade Pravidla o zamykani temat