Thanks for the answers.

I'll look on the forum, or ask in Vsehochut, which backup program they recommend for Opera.

ComboFix 15-06-18.01 - Gabriel 19.06.2015 17:03:22.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1021.526 [GMT 2:00]
Running from: c:\documents and settings\Gabriel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\admin\WINDOWS
c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
c:\documents and settings\All Users.WINDOWS\Application Data\TEMP\RAIDTest
c:\documents and settings\Gabriel\Application Data\0ad
c:\documents and settings\Gabriel\Application Data\0ad\config\user.cfg
C:\install.exe
c:\program files\readme.txt
c:\windows\iun6002.exe
c:\windows\system32\MUI\041b\tourstart.exe
.
.
((((((((((((((((((((((((( Files Created from 2015-05-19 to 2015-06-19 )))))))))))))))))))))))))))))))
.
.
2015-06-18 18:30 . 2015-06-18 18:30 -------- d-----w- C:\_OTL
2015-06-17 12:10 . 2015-06-17 12:10 512 ----a-w- C:\PhysicalMBR.bin
2015-06-13 06:50 . 2015-06-13 07:49 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2015-06-06 12:27 . 2015-06-06 12:27 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY\IETldCache
2015-06-06 11:25 . 2015-06-06 11:25 -------- d-----w- c:\documents and settings\Gabriel\Local Settings\Application Data\FreemakeVideoConverter
2015-06-06 11:24 . 2015-06-18 18:18 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Freemake
2015-06-06 11:23 . 2015-06-18 18:17 -------- d-----w- c:\program files\Freemake
2015-06-06 11:16 . 2015-06-06 11:17 -------- d-----w- c:\documents and settings\Gabriel\Application Data\tiger-k
2015-06-06 11:16 . 2015-06-06 11:16 -------- d-----w- c:\documents and settings\Gabriel\Application Data\Leawo
2015-06-06 11:16 . 2015-06-06 11:16 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Leawo
2015-06-06 11:13 . 2011-03-02 10:43 175616 ----a-w- c:\windows\system32\unrar.dll
2015-06-06 11:12 . 2012-01-09 09:34 139264 ----a-w- c:\windows\system32\xvid.ax
2015-05-31 18:16 . 2015-05-31 18:16 -------- d-----w- C:\Fraps
2015-05-29 16:03 . 2015-05-29 16:03 -------- d-----w- c:\documents and settings\Gabriel\Local Settings\Application Data\PassMark
2015-05-29 16:03 . 2015-05-29 16:03 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Passmark
2015-05-29 15:41 . 2015-06-12 19:57 -------- d-----w- c:\program files\CPUID
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-10 18:41 . 2015-04-23 20:29 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-06-10 18:41 . 2015-04-23 20:29 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-05-14 07:55 . 2015-05-06 08:50 13264 ----a-w- c:\windows\WiseHDInfo32.dll
2015-05-10 10:56 . 2015-05-10 10:56 57888 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2015-05-10 10:56 . 2015-05-10 10:56 209048 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-05-10 10:56 . 2015-05-10 10:56 49904 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-05-10 10:56 . 2015-05-10 10:56 427992 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-05-10 10:56 . 2015-05-10 10:56 74976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-05-10 10:56 . 2015-05-10 10:56 55200 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2015-05-10 10:56 . 2015-05-10 10:56 24144 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-05-10 10:56 . 2015-05-10 10:56 291312 ----a-w- c:\windows\system32\aswBoot.exe
2015-05-10 10:56 . 2015-05-10 10:56 43112 ----a-w- c:\windows\avastSS.scr
2015-05-10 10:56 . 2015-05-10 10:56 787760 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-05-02 12:29 . 2015-05-02 12:29 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2015-04-23 17:48 . 2014-08-09 21:44 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-04-23 17:48 . 2014-08-09 21:44 146432 ----a-w- c:\windows\system32\javacpl.cpl
2004-06-22 07:04 . 2004-06-22 07:04 70656 ----a-w- c:\program files\msvcirt.dll
2004-06-22 07:04 . 2004-06-22 07:04 49212 ----a-w- c:\program files\hpzjvp01.dll
2004-06-22 07:04 . 2004-06-22 07:04 442425 ----a-w- c:\program files\hpzjpp01.dll
2004-06-22 07:04 . 2004-06-22 07:04 290873 ----a-w- c:\program files\hpzjut01.dll
2004-06-22 07:04 . 2004-06-22 07:04 26768 ----a-w- c:\program files\usbhub.sys
2004-06-22 07:04 . 2004-06-22 07:04 254005 ----a-w- c:\program files\msvcrt.dll
2004-06-22 07:04 . 2004-06-22 07:04 22608 ----a-w- c:\program files\usbprint.sys
2004-06-22 07:04 . 2004-06-22 07:04 200704 ----a-w- c:\program files\hpzpnp10.dll
2004-06-22 07:04 . 2004-06-22 07:04 176128 ----a-w- c:\program files\hpzscr10.dll
2004-06-22 07:04 . 2004-06-22 07:04 12288 ----a-w- c:\program files\usbmon.dll
2004-06-22 07:04 . 2004-06-22 07:04 28722 ----a-w- c:\program files\hpzjlog.dll
2004-06-22 07:04 . 2004-06-22 07:04 270336 ----a-w- c:\program files\hpzglu10.exe
2004-06-22 07:04 . 2004-06-22 07:04 270336 ----a-w- c:\program files\hpzc3212.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-10 10:56 645144 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Gabriel\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Gabriel\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Gabriel\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\documents and settings\Gabriel\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-01-15 15:59 577864 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-01-15 15:59 577864 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-01-15 15:59 577864 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-01-15 15:59 577864 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-01-15 15:59 577864 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DT PHL"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2009-10-08 86016]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-15 98304]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-04-10 413696]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-12 5515496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PivotSoftware]
2009-03-03 09:42 694824 ----a-w- c:\program files\Portrait Displays\Pivot Software\wpCtrl.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Documents and Settings\\Gabriel\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Mafia II\\pc\\mafia2.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Steam\\bin\\steamwebhelper.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"86:TCP"= 86:TCP:BroadCam Video Streaming Server TCP/IP Port
"1935:TCP"= 1935:TCP:BroadCam Video Streaming Server Flash Video Server
"4100:UDP"= 4100:UDP:uPNP Router Control Port
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [10.5.2015 12:56 49904]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [10.5.2015 12:56 209048]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [10.5.2015 12:56 787760]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10.5.2015 12:56 427992]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [23.7.2014 1:47 142648]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [10.5.2015 12:56 24144]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [10.5.2015 12:56 74976]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [1.5.2015 16:20 244392]
R2 PdiService;Portrait Displays SDK Service;c:\program files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [5.8.2013 12:15 109168]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [19.12.2014 9:38 93040]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [5.8.2013 17:17 99856]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [18.9.2012 15:31 27632]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys --> c:\windows\system32\drivers\anvsnddrv.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [15.4.2013 22:25 83168]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2.5.2015 14:29 23456]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [13.6.2015 8:50 40776]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [15.4.2013 22:25 181344]
S3 WiseHDInfo;WiseHDInfo;c:\windows\WiseHDInfo32.dll [6.5.2015 10:50 13264]
.
Contents of the 'Scheduled Tasks' folder
.
2015-06-19 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-10 10:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-06-19 17:13
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\HID\Vid_0458&Pid_003a\6&18734cf5&0&0000\LogConf]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\HID\Vid_e0ff&Pid_0005&MI_00\7&e6e3aa1&0&0000\LogConf]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(692)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Completion time: 2015-06-19 17:17:07
ComboFix-quarantined-files.txt 2015-06-19 15:16
.
Pre-Run: 70 090 985 472 bytes free
Post-Run: 70 039 908 352 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 78B9379B3B254FAA7F26A3AC0AC52CB1
8F558EB6672622401DA993E1E865C861