Kontrola CF

[JaRon]

diiik kolegovi za zaskok
1. polozky najdene v MBAM zmaz - ide uz len o pozostatok minulosti
2. zopakuj akciu s CFScriptom - novy:

Kód: Vybrat vše

Driver::
gtermddo

File::
C:\WINDOWS\system32\drivers\gtermddo.sys 

log vloz

[Johny.XXX]

Zde je Log----------------------------------------------------------------------------------------------------------------------------------------------------------ComboFix 12-04-16.02 - Owner 18.04.2012 12:15:22.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.767.443 [GMT 2:00]
Spuštěný z: c:\documents and settings\Owner\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Owner\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\system32\drivers\gtermddo.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GTERMDDO
-------\Service_gtermddo
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-18 do 2012-04-18 )))))))))))))))))))))))))))))))
.
.
2012-04-18 01:02 . 2012-04-18 01:02 -------- d-----w- c:\program files\Carambis
2012-04-17 22:00 . 2012-04-17 22:00 -------- d-----w- c:\windows\syswow64
2012-04-17 21:26 . 2012-04-17 21:26 -------- d-----w- c:\program files\Analog Devices
2012-04-17 21:26 . 2004-12-08 14:16 49152 ----a-w- c:\windows\system32\DSndUp.exe
2012-04-17 21:26 . 2002-04-17 12:05 45056 ----a-w- c:\windows\system32\CleanUp.exe
2012-04-17 15:56 . 2012-04-17 15:56 -------- d-----w- c:\program files\Lavalys
2012-04-17 15:01 . 2012-04-17 15:01 -------- d-----w- c:\documents and settings\Owner\Local Settings\Data aplikací\CRE
2012-04-17 13:29 . 2012-04-17 13:32 -------- d-----w- c:\documents and settings\Owner\Data aplikací\AIMP
2012-04-17 13:28 . 2012-04-17 13:33 -------- d-----w- c:\program files\AIMP2
2012-04-17 12:37 . 2012-04-17 12:37 -------- d-----w- c:\documents and settings\Owner\Data aplikací\Malwarebytes
2012-04-17 12:37 . 2012-04-17 12:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-04-17 12:37 . 2012-04-17 12:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-17 12:37 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-17 12:09 . 2011-03-04 19:44 59888 ------w- c:\windows\system32\pxwma.dll
2012-04-17 11:29 . 2012-04-17 11:29 -------- d-----w- c:\documents and settings\Owner\Data aplikací\BSplayer
2012-04-17 08:06 . 2012-04-17 08:06 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-17 07:38 . 2012-04-17 19:11 -------- d-----w- c:\program files\trend micro
2012-04-17 07:38 . 2012-04-17 07:39 -------- d-----w- C:\rsit
2012-04-16 23:05 . 2012-04-16 23:05 -------- d-----w- c:\documents and settings\All Users\Oblíbené položky
2012-04-09 19:22 . 2012-04-14 13:34 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-07 19:42 . 2012-04-07 19:43 -------- d-----w- C:\6f997e1f41da20ee1f3d5544a21ee556
2012-04-01 10:18 . 2012-04-01 10:18 -------- d-----w- c:\documents and settings\Owner\AppData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 13:34 . 2011-10-05 19:37 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-13 17:02 . 2012-03-13 17:03 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-13 17:02 . 2010-06-27 19:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-07 00:15 . 2011-10-30 14:14 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2011-10-30 14:14 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:03 . 2011-10-30 14:15 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:03 . 2011-10-30 14:15 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2011-10-30 14:15 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-07 00:01 . 2011-10-30 14:15 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2011-10-30 14:15 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-07 00:01 . 2011-10-30 14:15 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-07 00:01 . 2011-10-30 14:15 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 23:58 . 2011-10-30 14:15 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-01 10:59 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2009-03-26 11:03 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 14:10 . 2004-08-18 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 12:17 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-02-09 13:13 . 2012-03-13 20:50 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2012-02-09 13:13 . 2012-03-13 20:53 28992 ----a-w- c:\windows\system32\uxtuneup.dll
2012-02-03 09:57 . 2009-03-26 11:03 1860096 ----a-w- c:\windows\system32\win32k.sys
2011-12-21 07:39 . 2012-01-11 11:24 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\prxtbfre0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2011-05-09 09:49 176936 ----a-w- c:\program files\free-downloads.net\prxtbfre0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\prxtbfre0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\prxtbfre0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Facebook Update"="c:\documents and settings\owner\local settings\data aplikací\facebook\update\facebookupdate.exe" [2012-03-24 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"nwiz"="nwiz.exe" [2007-10-04 1626112]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-07-02 198160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143872]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"VirtualDesk"="c:\program files\tweaknow powerpack 2011\virdesk.exe" [2011-02-24 6089576]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"ALi5289"="c:\program files\ULI5289\ALi5289.exe" [2005-03-10 405504]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Metin2\\metin2.bin"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 m5289;m5289;c:\windows\system32\drivers\m5289.sys [27.4.2007 10:56 52480]
R0 pe3apasb;Made Man Environment Driver (pe3apasb);c:\windows\system32\drivers\pe3apasb.sys [13.11.2007 14:25 65136]
R0 ps7apasb;Made Man Synchronization Driver (ps7apasb);c:\windows\system32\drivers\ps7apasb.sys [13.11.2007 14:24 68728]
R0 uliagpkx;ULi AGP Bus Filter Driver;c:\windows\system32\drivers\AGPKX.SYS [27.4.2007 10:56 45056]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [30.10.2011 16:15 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [30.10.2011 16:15 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30.10.2011 16:15 20696]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [13.3.2012 21:17 820568]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [17.4.2012 14:37 654408]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [9.2.2012 15:13 1529152]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.10.2011 16:54 232512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [17.4.2012 14:37 22344]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [14.10.2007 14:08 47360]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [1.2.2012 14:24 10064]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [27.4.2007 10:56 28672]
S2 pr2apasb;Made Man Drivers Auto Removal (pr2apasb);c:\windows\system32\pr2apasb.exe svc --> c:\windows\system32\pr2apasb.exe svc [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [9.4.2012 21:22 253088]
S3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [13.3.2012 21:17 239600]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys --> c:\windows\system32\DRIVERS\ewdcsc.sys [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [13.3.2012 21:17 30368]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys --> c:\windows\system32\DRIVERS\snp325.sys [?]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [13.3.2012 21:17 16080]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [18.8.2004 14:00 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 13:34]
.
2012-04-18 c:\windows\Tasks\User_Feed_Synchronization-{120CFF7D-641A-4868-9954-13E6FCED0684}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2012-04-18 c:\windows\Tasks\User_Feed_Synchronization-{52D0369D-0EC1-425D-ABC0-9C10E334C4C7}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2012-04-17 c:\windows\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_DREZI-5D963DE92_Owner.job
- c:\windows\system32\mobsync.exe [2004-08-18 06:52]
.
2012-04-17 c:\windows\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_ÚPŮÚŮ_Owner.job
- c:\windows\system32\mobsync.exe [2004-08-18 06:52]
.
.
------- Doplňkový sken -------
.
uLocal Page =
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2776682
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uDefault_Search_URL = hxxp://search.qip.ru
mLocal Page =
mStart Page = hxxp://www.taazu.com/
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Download with &Shareaza - c:\program files\BearShare MP3\Plugins\RazaWebHook.dll/3000
IE: {{3015DB92-158E-4b77-9020-85C8E311FBB5}
IE: {{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}
Trusted Zone: kuaiche.com\software
TCP: DhcpNameServer = 188.122.222.222 188.122.222.223
FF - ProfilePath - c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\1o8lc42f.default\
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
MSConfigStartUp-SoundMax - c:\program files\analog devices\soundmax\smax4.exe
AddRemove-ULi LAN Driver - c:\windows\syswow64\UnLAN.EXE
AddRemove-ULi M5289 SATA Controller Driver - c:\windows\syswow64\unM5289.EXE
AddRemove-{EC16B64A-38A7-4D7D-BA2E-671ED441304F} - c:\windows\syswow64\UnAGP.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-18 12:31
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-725345543-412668190-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:96,e6,f0,38,7b,39,fb,d3,78,61,0c,9d,52,2d,d4,db,6a,59,70,9f,9b,
31,c0,39,39,e1,54,5a,45,1e,f1,b4,51,c4,8f,c5,bf,00,f4,36,b2,00,73,d6,10,09,\
"rkeysecu"=hex:1c,76,53,ec,c3,cc,b5,db,fa,59,b9,15,be,f8,5a,f7
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1084)
c:\windows\system32\msi.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\System32\snmp.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-04-18 12:39:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-18 10:39
ComboFix2.txt 2012-04-17 11:58
ComboFix3.txt 2012-04-16 23:54
.
Před spuštěním: Volných bajtů: 44 113 858 560
Po spuštění: Volných bajtů: 44 200 378 368
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[Boot Loader]
Timeout=2
Default=c:\$win_nt$.~bt\BOOTSECT.DAT
[Operating Systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
c:\$win_nt$.~bt\BOOTSECT.DAT="Instalace systému Windows"
.
- - End Of File - - 72AD4673B7F3D6FB3F86B56F8089C250

[JaRon]

konecne cisto

[Johny.XXX]

Počítač se mi zdá stále pomalý,zasekaný...není to ono...Co doporučujete dál ?Díky

[JaRon]

odinstalovat TuneUp Utilities 2012
+
citat:
TFC http://oldtimer.geekstogo.com/TFC.exe
• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte
+
defragmentacia disku

[Johny.XXX]

Ten Tune Up sem chtěl odinstalovat už dávno ale nějak to nejde,když dám přidat nebo odebrat programy tak ho v seznamu nenajdu.A v programu files ve složkách žádný uinstall není

[JaRon]

pouzi CFScript:

Kód: Vybrat vše

Driver::
TuneUpUtilitiesDrv

Folder::
c:\program files\TuneUp Utilities 2012

potom vycisti registre s CCleanerom

[Johny.XXX]

TFC se spustí ale po chvíli zase zmizí to je celé,skoušel jsem to víckrát ale nepomohlo,registr v CCleaner smazany,Tune Up take smazany

[JaRon]

je este nejaky problem

[Johny.XXX]

Zatim je to v pohodě,jen mám problém se zvukem zkoušl jsem nainstalovat ovladače ale ten nejduležitější SoundMax mi nainstalovat nejde.Můžete mi nějak poradit nebo to mám skusit jinde?Díky

[JaRon]

rado sa stalo
skus v sekcii http://forum.viry.cz/viewforum.php?f=54
napis typ MB, ZK a OS