Pomalé PC, Win 7

Zpráva

Loik · #1 Příspěvek od **Loik** » 12 bře 2014 20:26

Dobrý večer,

prosím o kontrolu. Počítač je až nápadně pomalý. Je možné, že je už prostě staré "železo", nejvíc mu dává zabrat více tabů v Chrome. Pokud existuje nějaká utilita na zjištění funkčnosti Hardware - budu rád za tip.
Windows 7, Chrome, AV - MSE.

Děkuju

Log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014
Ran by Lukas (administrator) on LUKAS-MSI on 12-03-2014 20:23:05
Running from C:\Users\Lukas\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Lukas\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-889490555-4007745136-3589104967-1001\...\Run: [Google Update] - C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-18] (Google Inc.)
HKU\S-1-5-21-889490555-4007745136-3589104967-1001\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-889490555-4007745136-3589104967-1001\...\Run: [55423CE9088522421F6D30D30B6126C0494804E3._service_run] - C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe [866632 2014-02-02] (Google Inc.)
HKU\S-1-5-21-889490555-4007745136-3589104967-1001\...\Run: [GoogleChromeAutoLaunch_B6C7B4C7C18B76F63DA55B9EF3CCA3DA] - C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe [866632 2014-02-02] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Users\Lukas\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Lukas\AppData\Local\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Lukas\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Lukas\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Google Update) - C:\Users\Lukas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Translate) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2012-08-18]
CHR Extension: (SEO Profesional Toolbar) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\adecfhccdknoobplgempjhbojlbpahhn [2012-08-18]
CHR Extension: (Mr. Bounce) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfdmocmkakkkbgcoifcenchgkokpecl [2012-08-18]
CHR Extension: (Angry Birds) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-08-18]
CHR Extension: (Disk Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-10-17]
CHR Extension: (Bookmark Sentry (scanner)) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga [2013-03-07]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2012-09-12]
CHR Extension: (YouTube) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-18]
CHR Extension: (History 2) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp [2012-08-18]
CHR Extension: (Adblock Plus) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-08-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-18]
CHR Extension: (Gmelius) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl [2013-03-07]
CHR Extension: (Gmail Offline Sync Optimizer) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dncjnngcblhgeeocnhmmihpanahkjbmi [2014-03-11]
CHR Extension: (Gmail Offline) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2012-12-20]
CHR Extension: (Kalendář Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2012-08-18]
CHR Extension: (Smartr Inbox for Gmail) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gakklmehjhhdfjjgnmpkjoemjmeomnli [2013-11-23]
CHR Extension: (AdBlock) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-08-18]
CHR Extension: (Checker Plus for Google Calendar™) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha [2012-08-18]
CHR Extension: (Allow Right-Click) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hompjdfbfmmmgflfjdlnkohcplmboaeo [2013-05-28]
CHR Extension: (Google Tasks Offline (Unofficial)) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jekhpicinnaamcmadbipjejafgkjdokh [2014-03-11]
CHR Extension: (Downloads) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2012-08-18]
CHR Extension: (eBay Extension for Google Chrome™) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2014-03-03]
CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2013-06-10]
CHR Extension: (Smooth Gestures) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2013-03-19]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2013-08-22]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2012-08-18]
CHR Extension: (Peněženka Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2012-08-18]
CHR Extension: (Better History) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2012-08-18]
CHR Extension: (ColorPick Eyedropper) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2012-08-18]
CHR Extension: (Collabim) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\oinjknlpcckmnnjpodcifmifeghabelo [2013-11-07]
CHR Extension: (Kontrola Kalendáře Google (od společnosti Google)) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek [2012-08-18]
CHR Extension: (Gmail) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-18]
CHR Extension: (Elegantní záložky) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnbmhmngmdppipkoognikjonljicbhnl [2013-03-07]
CHR Extension: (DriveConverter) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnijkabgdodbjffhlmbnhlccpkfappil [2013-01-04]
CHR Extension: (Streak for Gmail) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2014-03-03]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-03-07] (Google Inc)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-02] (Google Inc)
S3 CXSONORA; C:\Windows\System32\drivers\A885VCap64.sys [780160 2009-06-03] (AVerMedia TECHNOLOGIES, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [29672 2012-12-03] (REALiX(tm))
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [164864 2012-02-15] (ITE )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2012-03-02] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2012-03-02] (LG Electronics Inc.)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-12 20:23 - 2014-03-12 20:23 - 00014643 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-03-12 20:21 - 2014-03-12 20:21 - 00112640 _____ (forum.viry.cz) C:\Users\Lukas\Desktop\FRSTLauncher (1).exe
2014-03-12 20:20 - 2014-03-12 20:23 - 00000000 ____D () C:\FRST
2014-03-12 20:16 - 2014-03-12 20:17 - 02157056 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2014-03-11 21:28 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-11 21:28 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-11 21:22 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-11 21:22 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-11 21:22 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-11 21:22 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-11 21:22 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-11 21:22 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-11 21:22 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-11 21:22 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-11 21:22 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-11 21:22 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-11 21:22 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-11 21:22 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-11 21:22 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-11 21:22 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-11 21:22 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-11 21:22 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-11 21:22 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-11 21:22 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-11 21:22 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-11 21:22 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-11 21:22 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-11 21:22 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-11 21:22 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-11 21:22 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-11 21:22 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-11 21:22 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-11 21:22 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-11 21:22 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-11 21:22 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-11 21:22 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-11 21:22 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-11 21:22 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-11 21:22 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-11 21:22 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-11 21:22 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-11 21:22 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-11 21:22 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-11 21:22 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-11 21:22 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-03 08:33 - 2014-03-03 08:33 - 00001317 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2014-03-03 08:19 - 2014-03-03 08:20 - 00000000 ____D () C:\Program Files (x86)\GUMA8CC.tmp
2014-03-03 08:19 - 2014-03-03 08:19 - 49940480 _____ () C:\Program Files (x86)\GUTA988.tmp
2014-02-14 15:18 - 2014-02-14 15:18 - 00558624 _____ () C:\Windows\Minidump\021414-54023-01.dmp

==================== One Month Modified Files and Folders =======

2014-03-12 20:23 - 2014-03-12 20:23 - 00014643 _____ () C:\Users\Lukas\Desktop\FRST.txt
2014-03-12 20:23 - 2014-03-12 20:20 - 00000000 ____D () C:\FRST
2014-03-12 20:21 - 2014-03-12 20:21 - 00112640 _____ (forum.viry.cz) C:\Users\Lukas\Desktop\FRSTLauncher (1).exe
2014-03-12 20:17 - 2014-03-12 20:16 - 02157056 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2014-03-12 20:08 - 2012-10-19 17:45 - 00000000 ___RD () C:\Users\Lukas\Disk Google
2014-03-12 19:58 - 2012-10-19 17:43 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-12 19:57 - 2012-08-18 22:36 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889490555-4007745136-3589104967-1001UA.job
2014-03-12 19:51 - 2012-08-18 22:13 - 01706087 _____ () C:\Windows\WindowsUpdate.log
2014-03-12 19:48 - 2013-04-01 18:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-12 19:36 - 2009-07-14 05:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-12 19:36 - 2009-07-14 05:45 - 00014224 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-12 19:21 - 2012-10-19 17:43 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-12 19:20 - 2014-01-22 11:04 - 00006121 _____ () C:\Windows\setupact.log
2014-03-12 19:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-11 22:03 - 2012-08-18 22:36 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889490555-4007745136-3589104967-1001Core.job
2014-03-11 21:54 - 2009-07-14 16:18 - 00631526 _____ () C:\Windows\system32\perfh005.dat
2014-03-11 21:54 - 2009-07-14 16:18 - 00122148 _____ () C:\Windows\system32\perfc005.dat
2014-03-11 21:54 - 2009-07-14 06:13 - 01490796 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-11 21:52 - 2012-10-19 17:43 - 00003946 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-11 21:52 - 2012-10-19 17:43 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-11 21:51 - 2012-08-18 22:36 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-889490555-4007745136-3589104967-1001UA
2014-03-11 21:51 - 2012-08-18 22:36 - 00003536 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-889490555-4007745136-3589104967-1001Core
2014-03-11 21:49 - 2013-04-01 18:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 21:49 - 2013-04-01 18:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 21:49 - 2013-04-01 18:01 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 21:43 - 2013-04-04 12:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-11 21:38 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-03 08:33 - 2014-03-03 08:33 - 00001317 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2014-03-03 08:20 - 2014-03-03 08:19 - 00000000 ____D () C:\Program Files (x86)\GUMA8CC.tmp
2014-03-03 08:19 - 2014-03-03 08:19 - 49940480 _____ () C:\Program Files (x86)\GUTA988.tmp
2014-02-14 15:27 - 2013-07-11 07:50 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Mozilla
2014-02-14 15:18 - 2014-02-14 15:18 - 00558624 _____ () C:\Windows\Minidump\021414-54023-01.dmp
2014-02-14 15:18 - 2012-12-30 20:36 - 00000000 ____D () C:\Windows\Minidump
2014-02-14 15:18 - 2009-07-14 06:08 - 00032628 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-14 15:17 - 2013-08-30 18:28 - 271545881 ____N () C:\Windows\MEMORY.DMP

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889490555-4007745136-3589104967-1001Core.job => C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889490555-4007745136-3589104967-1001UA.job => C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lukas\Desktop" je 2369 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 12 bře 2014 21:09

Zdravím!
Jak je na tom váš oper. systém s legalitou?

Loik · #3 Příspěvek od **Loik** » 12 bře 2014 23:40

Dobrý den,

žiji v domnění, že mám systém legální. Máte podezření, že něco není v pořádku?

#4 Příspěvek od **Rudy** » 13 bře 2014 17:36

Jistě. Jinak bych se neptal.

Loik · #5 Příspěvek od **Loik** » 13 bře 2014 18:26

A co mohu udělat pro to, abychom to zjistili, případně abychom mohli pokračovat v čištění PC? Systém mi byl za úplatu nainstalován několik let nazpět. Vlastním DVD, ale nikdy jsem jej nepotřeboval. Mohu se pokusit toho pána kontaktovat, ale nejsem si jist co přesně zpochybnit.

#6 Příspěvek od **Rudy** » 13 bře 2014 19:36

Dejte logy OTM:

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

musím vás upozornit, že pokud se prokáže, že je váš OS opravdu nelegální, nebideme v kontrole pokračovat. Viz pravidla: http://forum.viry.cz/viewtopic.php?f=12&t=115512 .

Loik · #7 Příspěvek od **Loik** » 22 bře 2014 10:32

Dobrý den,

omlouvám se za zpoždění. Notebook už je spíš na konzumaci internetu a jiných médií. Pokud zjistíme, že systém není legální - pokusím se ho nahradit za Ubuntu.

OTL se spustí, cca hodinu probíhá kontrola až do vyskočení chybového hlášení (něco ve smyslu:) "Cannot create cmd.bat on desktop". Potom se již OTL nehne z místa a logy nevytvoří. Zkusil jsem 2x se stejným výsledkem.

#8 Příspěvek od **Rudy** » 22 bře 2014 11:20

Tak ho nahraďte a máte po problému. Logy, které od vás žádám mají dvojí význam. Jednak podrobně zjistím, jaké svinstvo se tam nalézá a posléze ho vyčistím a s tím svinstvem mi jeden z logů potvrdí, či vyvrátí legalitu systému. Řešit jakýkoli nelegální OS je v rozporu s našimi pravidly.

Loik · #9 Příspěvek od **Loik** » 15 dub 2014 09:51

Významu logů rozumím, vytvořit je však není možné. Na potvrzení či vyvrácení Vašeho podezření na legalitu systému jsem byl sám zvědavý. Stále věřím, že je systém legální.

Zdá se, že jste přesvědčen o marnosti dalšího pokračování. Díky za Váš čas

#10 Příspěvek od **Márty84** » 15 dub 2014 10:11

Zdravim a omlouvam se za vstup

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

VIRY.CZ

Pomalé PC, Win 7

Pomalé PC, Win 7

Re: Pomalé PC, Win 7

Re: Pomalé PC, Win 7

Re: Pomalé PC, Win 7

Re: Pomalé PC, Win 7

Re: Pomalé PC, Win 7

Re: Pomalé PC, Win 7

Re: Pomalé PC, Win 7

Re: Pomalé PC, Win 7

Re: Pomalé PC, Win 7