prosim preventivka

Zpráva

SpeedEX · #1 Příspěvek od **SpeedEX** » 30 bře 2011 14:13

Prosím o zkontrolování. Občas mi PC fakt blbne.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ťululum at 2011-03-30 15:07:56
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (11%) free of 117 GB
Total RAM: 511 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:08:04, on 30.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\QipGuard\QipGuard.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Ťululum.PC-FRANTISEK\Local Settings\Temporary Internet Files\Content.IE5\J7BR5B1U\RSIT[1].exe
C:\Program Files\trend micro\Ťululum.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data

aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet

Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet

Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program

Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google

Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet

Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8233 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-09-27 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-09-27 140752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2002-01-07 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2002-01-07 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2002-01-07 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"=sstray.exe /r []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-05-02 4640768]
"nwiz"=nwiz.exe /install []
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-05-02 49152]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"QIP Internet Guardian"=C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\QipGuard\QipGuard.exe [2010-09-27 190928]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"NexonEULauncher"= []
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2002-01-07 2984856]
"KPeerNexonEU"=C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2002-01-21 438272]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]

C:\Documents and Settings\Ťululum.PC-FRANTISEK\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_D

ownloader_Engine"
"C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users.WINDOWS\Data

aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======List of files/folders created in the last 1 months======

2011-03-30 15:07:57 ----D---- C:\Program Files\trend micro
2011-03-30 15:07:56 ----D---- C:\rsit
2011-03-30 06:46:58 ----D---- C:\Program Files\LogMeIn Hamachi
2011-03-26 04:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-26 04:01:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-03-26 04:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$

======List of files/folders modified in the last 1 months======

2011-03-30 15:07:57 ----RD---- C:\Program Files
2011-03-30 15:07:47 ----D---- C:\WINDOWS\Prefetch
2011-03-30 15:06:29 ----D---- C:\WINDOWS\Temp
2011-03-30 15:06:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-30 14:10:05 ----D---- C:\WINDOWS\system32\drivers
2011-03-30 14:09:57 ----D---- C:\Program Files\Metin2
2011-03-30 06:47:10 ----SHD---- C:\WINDOWS\Installer
2011-03-30 06:47:08 ----SHD---- C:\Config.Msi
2011-03-30 06:47:00 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-29 06:40:13 ----D---- C:\WINDOWS\system32
2011-03-29 06:40:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-28 21:54:15 ----D---- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Skype
2011-03-26 15:31:44 ----D---- C:\WINDOWS
2011-03-26 04:01:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-26 04:01:46 ----A---- C:\WINDOWS\imsins.BAK
2011-03-26 04:00:53 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2002-09-06 13568]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-04 691696]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2010-10-03 82380]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 DumaNT;NVIDIA Stereo Helper Service; C:\WINDOWS\system32\DRIVERS\dumant.sys [2002-11-18 399700]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-14 1897408]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-04-08 29696]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-04-08 282880]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 an6m7lfj;an6m7lfj; C:\WINDOWS\system32\drivers\an6m7lfj.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-03 136176]
S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-05-02 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

[2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-03 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

[2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 30 bře 2011 15:04

Zdravim a pekny den preji

Nevidim tam zadny antivir, jaky pouzivate

Pokud zadny tak si tam dejte napriklad Avast free nebo MSE

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

SpeedEX · #3 Příspěvek od **SpeedEX** » 30 bře 2011 15:39

řekl bych, že žádny

EXTRAS.TXTOTL Extras logfile created on: 30.3.2011 16:24:52 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Ťululum.PC-FRANTISEK\Dokumenty
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 357,00 Mb Available Physical Memory | 70,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114,48 Gb Total Space | 12,38 Gb Free Space | 10,82% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Ťululum | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"56430:TCP" = 56430:TCP:*:Enabled:Pando Media Booster
"56430:UDP" = 56430:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"58168:TCP" = 58168:TCP:*:Enabled:Pando Media Booster
"58168:UDP" = 58168:UDP:*:Enabled:Pando Media Booster
"56430:TCP" = 56430:TCP:*:Enabled:Pando Media Booster
"56430:UDP" = 56430:UDP:*:Enabled:Pando Media Booster
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine -- ()
"C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{23170F69-40C1-2701-0465-000001000000}" = 7-Zip 4.65
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{5C85747A-91B6-4233-AAF8-063506D0FF4F}" = LG United Mobile Drivers
"{6F7ECD56-E224-4263-9B7E-158E5CECC43B}" = HP Photo and Imaging 2.1 - Scanjet 2400 Series
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7471B8D9-9023-4C48-A254-48E48C1A66D4}" = Men of War
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Odinstalovat LG PC Suite III
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Atf" = Atf Profi
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"hp deskjet 5100 series_Driver" = hp deskjet 5100 series
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"LogMeIn Hamachi" = LogMeIn Hamachi
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"NVIDIA Audio Driver" = NVIDIA Audio Driver
"NVIDIAnForce" = NVIDIA Ovladače nForce pro Windows 2000/XP
"NVIDIAStereo" = NVIDIA Windows 95/98/ME/2000/XP Stereo Drivers
"SSUtils" = NVIDIA nForce Utilities
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 3.0.9040
"QipGuard" = QIP Internet Guardian

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6.1.2002 14:54:02 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Chybující aplikace metin2.bin, verze 0.0.0.0, chybující modul metin2.bin,
verze 0.0.0.0, adresa chyby 0x00186c8f.

Error - 8.1.2002 16:17:30 | Computer Name = PC | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

[ System Events ]
Error - 3.1.2002 10:44:21 | Computer Name = PC | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort1 neodpovídá v periodě časového limitu.

Error - 4.1.2002 14:03:55 | Computer Name = PC | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort1 neodpovídá v periodě časového limitu.

Error - 31.12.2001 19:04:08 | Computer Name = PC | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 1.1.2002 2:29:49 | Computer Name = PC | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort1 neodpovídá v periodě časového limitu.

Error - 1.1.2002 6:56:03 | Computer Name = PC | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort1 neodpovídá v periodě časového limitu.

Error - 2.1.2002 19:04:09 | Computer Name = PC | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 4.1.2002 19:04:11 | Computer Name = PC | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 6.1.2002 12:33:43 | Computer Name = PC | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort1 neodpovídá v periodě časového limitu.

Error - 6.1.2002 19:04:12 | Computer Name = PC | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 6.1.2002 19:15:47 | Computer Name = PC | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort1 neodpovídá v periodě časového limitu.

< End of report >

OTL.txt
OTL logfile created on: 30.3.2011 16:24:52 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Ťululum.PC-FRANTISEK\Dokumenty
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 357,00 Mb Available Physical Memory | 70,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 114,48 Gb Total Space | 12,38 Gb Free Space | 10,82% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Ťululum | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.03.30 16:23:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Dokumenty\OTL.exe
PRC - [2011.03.30 15:05:55 | 001,064,960 | ---- | M] () -- C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
PRC - [2011.03.28 15:41:14 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.03.28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2010.10.25 18:37:10 | 002,631,638 | ---- | M] () -- C:\Program Files\Metin2\metin2.bin
PRC - [2010.09.27 13:26:54 | 000,190,928 | ---- | M] () -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\QipGuard\QipGuard.exe
PRC - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2008.10.05 15:01:26 | 007,430,144 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2008.10.05 15:01:24 | 007,434,240 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.08.18 01:00:00 | 001,434,112 | ---- | M] (Lavalys, Inc.) -- C:\Program Files\Lavalys\EVEREST Home Edition\everest.bin
PRC - [2002.12.05 06:23:26 | 000,073,728 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\sstray.exe
PRC - [2002.04.17 10:49:16 | 000,077,824 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
PRC - [2002.04.17 10:42:56 | 000,069,632 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

========== Modules (SafeList) ==========

MOD - [2011.03.30 16:23:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Dokumenty\OTL.exe
MOD - [2010.08.23 18:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.04.14 14:00:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.03.28 15:41:12 | 001,242,504 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)

========== Driver Services (SafeList) ==========

DRV - [2010.10.04 16:20:39 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.10.03 17:18:26 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.11.19 18:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008.11.19 18:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008.11.19 18:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008.04.14 00:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2005.08.18 01:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt -- (EverestDriver)
DRV - [2003.04.08 02:28:00 | 000,282,880 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2003.04.08 02:28:00 | 000,029,696 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2002.11.27 13:52:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002.11.18 14:29:26 | 000,399,700 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dumant.sys -- (DumaNT)
DRV - [2002.09.06 05:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="

[2010.10.04 20:48:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions
[2010.10.04 20:48:59 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010.10.04 20:49:14 | 000,000,000 | ---D | M] ("QipCounter") -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\QipCounter@qip.ru
[2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\icqplugin.xml
[2010.10.04 20:49:14 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\qip-search.xml
[2010.10.01 23:05:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.29 21:45:02 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.27 06:15:03 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.27 06:15:03 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.27 06:15:03 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.27 06:15:04 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.27 06:15:04 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (QipLI Class) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [nForce Tray Options] C:\WINDOWS\System32\sstray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-1343024091-746137067-1417001333-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1343024091-746137067-1417001333-1004..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1343024091-746137067-1417001333-1004..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKU\S-1-5-21-1343024091-746137067-1417001333-1004..\Run: [NexonEULauncher] File not found
O4 - HKU\S-1-5-21-1343024091-746137067-1417001333-1004..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - HKU\S-1-5-21-1343024091-746137067-1417001333-1004..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1343024091-746137067-1417001333-1004..\Run: [QIP Internet Guardian] C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\QipGuard\QipGuard.exe ()
O4 - Startup: C:\Documents and Settings\Ťululum.PC-FRANTISEK\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ťululum.PC-FRANTISEK\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ťululum.PC-FRANTISEK\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.03 16:57:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{e5e8d060-d104-11df-8d49-0050bf4ea4cb}\Shell - "" = AutoRun
O33 - MountPoints2\{e5e8d060-d104-11df-8d49-0050bf4ea4cb}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (32664708049797120)

========== Files/Folders - Created Within 7 Days ==========

[2011.03.30 16:23:24 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Dokumenty\OTL.exe
[2011.03.30 15:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.03.30 15:07:56 | 000,000,000 | ---D | C] -- C:\rsit
[2011.03.30 06:46:58 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.03.30 06:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\11
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2011.03.30 16:24:01 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.30 16:23:25 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Dokumenty\OTL.exe
[2011.03.30 15:05:54 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.30 15:05:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.30 15:05:45 | 536,403,968 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.29 06:40:13 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.03.29 06:40:13 | 000,437,558 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.03.29 06:40:13 | 000,082,372 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.03.29 06:40:13 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.03.29 06:37:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.03.28 20:40:54 | 089,398,696 | ---- | M] () -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Dokumenty\avast.exe
[2011.03.26 04:01:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.03.28 20:40:37 | 089,398,696 | ---- | C] () -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Dokumenty\avast.exe
[2010.10.07 14:15:04 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.10.04 16:25:19 | 000,000,531 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010.10.03 18:03:10 | 000,000,278 | ---- | C] () -- C:\WINDOWS\hpqcopy.INI
[2010.10.03 17:21:14 | 000,010,192 | ---- | C] () -- C:\WINDOWS\hpdj5100.ini
[2010.10.03 17:10:41 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\memtest.dll
[2010.10.03 17:10:41 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\msiuins.exe
[2010.10.03 17:10:40 | 000,036,644 | R--- | C] () -- C:\WINDOWS\System32\drivers\vgauti.sys
[2010.10.03 17:10:40 | 000,036,644 | R--- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2010.10.03 17:09:17 | 000,018,253 | R--- | C] () -- C:\WINDOWS\System32\ssnvfx.ini
[2010.10.03 17:07:47 | 000,001,024 | R--- | C] () -- C:\WINDOWS\System32\drivers\jedih2rx.bin
[2010.10.03 17:07:47 | 000,000,122 | R--- | C] () -- C:\WINDOWS\System32\drivers\ramsed.bin
[2010.10.03 17:01:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.10.03 16:54:24 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.04.14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 14:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2008.04.14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 14:00:00 | 000,441,124 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 14:00:00 | 000,437,558 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2008.04.14 14:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2008.04.14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2008.04.14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2008.04.14 14:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2008.04.14 14:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2008.04.14 14:00:00 | 000,082,372 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2008.04.14 14:00:00 | 000,071,060 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2008.04.14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002.11.18 14:29:28 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\nvimage.dll
[2002.11.18 14:29:28 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\nvstreg.exe
[2002.11.18 14:29:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\stereoi.dll
[2002.01.27 13:40:09 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Local Settings\Data aplikací\fusioncache.dat
[2002.01.16 14:10:03 | 000,000,139 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2002.01.12 09:36:55 | 000,000,045 | -H-- | C] () -- C:\WINDOWS\dsez6132.dat
[2002.01.11 10:21:08 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2002.01.01 02:31:50 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002.01.01 02:30:18 | 000,114,176 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== LOP Check ==========

[2008.10.23 09:21:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
[2002.01.05 09:35:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2002.01.01 10:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2009.11.14 09:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Enkord
[2002.01.01 14:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2002.01.01 13:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
[2008.10.16 20:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2002.01.01 10:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2009.03.07 17:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VirtualFarm
[2010.10.04 16:20:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
[2010.10.04 14:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Enkord
[2010.12.26 20:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2010.10.16 08:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NexonEU
[2002.01.20 03:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PMB Files
[2010.08.28 18:20:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\Atari
[2010.09.19 09:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\AVG9
[2002.01.01 22:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\DAEMON Tools Lite
[2010.06.09 08:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\ICQ
[2010.07.21 12:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\Leadertech
[2010.06.09 08:32:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\LG Electronics
[2010.07.17 00:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\Mumble
[2010.03.27 07:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\Složka odesílání Share-to-Web
[2010.06.09 20:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\TeamViewer
[2002.01.02 02:10:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2008.10.30 19:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jirik\Data aplikací\DAEMON Tools
[2002.01.01 17:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jirik\Data aplikací\Gearbox Software
[2002.01.01 14:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jirik\Data aplikací\ICQ
[2002.01.01 00:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jirik\Data aplikací\Just Cause
[2008.05.30 17:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jirik\Data aplikací\kantaris
[2002.01.03 00:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jirik\Data aplikací\Nokia Multimedia Player
[2008.10.24 17:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jirik\Data aplikací\PC Suite
[2008.10.24 17:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jirik\Data aplikací\Složka odesílání Share-to-Web
[2010.03.26 18:14:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jirka\Data aplikací\Složka odesílání Share-to-Web
[2010.05.01 19:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum\Data aplikací\ICQ
[2010.06.08 18:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum\Data aplikací\LG Electronics
[2010.03.26 18:02:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum\Data aplikací\Složka odesílání Share-to-Web
[2010.04.01 21:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum\Data aplikací\TeamViewer
[2011.02.16 19:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\CoSoSys
[2010.10.04 16:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\DAEMON Tools Lite
[2002.01.08 05:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\ICQ
[2002.01.17 08:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\LG Electronics
[2010.10.06 19:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\OpenOffice.org
[2010.10.04 20:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\QipGuard
[2010.10.03 17:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Složka odesílání Share-to-Web
[2010.10.16 19:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\TeamViewer
[2011.02.13 13:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\wargaming.net
[2002.01.17 08:27:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\{D94BA408-F110-488B-A65E-3AE7945F79E6}

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"NvMediaCenter" = RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit -- [2008.04.14 14:00:00 | 000,033,280 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"QIP Internet Guardian" = C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\QipGuard\QipGuard.exe -- [2010.09.27 13:26:54 | 000,190,928 | ---- | M] ()
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 09:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"NexonEULauncher" =
"Pando Media Booster" = C:\Program Files\Pando Networks\Media Booster\PMB.exe -- [2002.01.07 12:48:58 | 002,984,856 | ---- | M] ()
"KPeerNexonEU" = C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe -- [2002.01.21 02:40:32 | 000,438,272 | ---- | M] (NEXON Inc.)
"ICQ" = "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 -- [2011.01.05 10:18:50 | 000,133,432 | ---- | M] (ICQ, LLC.)

< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2002.01.21 02:40:12 | 000,524,288 | ---- | M] (Nexon) -- C:\CAE_Downloader.exe
[2002.01.05 11:51:27 | 000,339,609 | ---- | M] (Gameforge 4D ) -- C:\Downloader_Metin2_cz.exe
[2010.10.04 16:20:07 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\DTLite4356-0091.exe
[2002.01.20 04:08:28 | 005,545,640 | ---- | M] (GamersFirst) -- C:\GamersFirst_LIVE!_Setup_EN.exe
[2010.10.03 20:37:41 | 017,013,088 | ---- | M] (Microsoft Corporation) -- C:\IE8.exe
[2010.10.04 20:48:47 | 008,045,000 | ---- | M] (QIP.ru ) -- C:\INFIUM.exe
[2002.01.17 08:27:07 | 058,010,352 | ---- | M] (LG Electronics ) -- C:\LGPCSuiteIII_Setup.exe
[2010.10.16 12:37:49 | 628,723,908 | ---- | M] (Gameforge 4D GmbH ) -- C:\Metin2_CZ_20100505.exe
[2010.10.10 19:07:38 | 110,763,256 | ---- | M] () -- C:\office.exe
[2010.10.06 19:30:05 | 117,907,918 | ---- | M] () -- C:\OOo_3.0.0_081005_Win32Intel_install_cs.exe
[2010.10.16 18:57:52 | 003,241,784 | ---- | M] () -- C:\pr1_403_uk.exe
[2010.10.03 21:13:22 | 000,842,972 | ---- | M] () -- C:\SC4RHD_CZ_RC2.exe
[2010.10.07 14:07:36 | 000,947,592 | ---- | M] (Skype Technologies S.A.) -- C:\SkypeSetup.exe
[2010.10.16 19:36:50 | 003,953,448 | ---- | M] (TeamViewer GmbH) -- C:\TeamViewer.exe
[2010.10.23 19:41:54 | 002,139,086 | ---- | M] () -- C:\winrar_4.6_full[1].exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.10.03 21:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Adobe
[2011.02.16 19:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\CoSoSys
[2010.10.04 16:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\DAEMON Tools Lite
[2010.10.03 21:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Google
[2010.10.16 17:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Hamachi
[2010.10.21 06:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Help
[2002.01.08 05:55:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\ICQ
[2010.10.03 17:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Identities
[2002.01.17 08:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\LG Electronics
[2010.10.03 21:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Macromedia
[2002.01.27 15:06:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft
[2010.10.04 20:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla
[2010.10.06 19:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\OpenOffice.org
[2010.10.04 20:49:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\QipGuard
[2011.03.28 21:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Skype
[2011.03.28 17:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\skypePM
[2010.10.03 17:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Složka odesílání Share-to-Web
[2010.10.16 19:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\TeamViewer
[2011.02.13 13:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\wargaming.net
[2010.10.06 18:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\WinRAR
[2002.01.17 08:27:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\{D94BA408-F110-488B-A65E-3AE7945F79E6}

< %APPDATA%\*.exe /s >
[2010.04.01 15:51:28 | 000,032,768 | ---- | M] ((주)테크노니아) -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\LG Electronics\LG PC Suite III\UpdateHelper.exe
[2010.09.27 13:26:54 | 000,190,928 | ---- | M] () -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\QipGuard\QipGuard.exe

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0036\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.10.04 16:20:39 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2002.01.01 02:29:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2002.01.01 02:29:23 | 001,069,056 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2002.01.01 02:29:23 | 000,487,424 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.03.29 06:40:13 | 000,082,372 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2011.03.29 06:40:13 | 000,071,060 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.03.29 06:40:13 | 000,437,558 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2011.03.29 06:40:13 | 000,441,124 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.03.29 06:40:11 | 001,046,954 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.03.29 06:37:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >

#4 Příspěvek od **vyosek** » 30 bře 2011 18:47

Nainstalujte tam tedy ten Avast

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1343024091-746137067-1417001333-1004\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
[2010.10.04 20:48:59 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2010.10.04 20:49:14 | 000,000,000 | ---D | M] ("QipCounter") -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\extensions\QipCounter@qip.ru
[2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\icqplugin.xml
[2010.10.04 20:49:14 | 000,002,062 | ---- | M] () -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\searchplugins\qip-search.xml
O2 - BHO: (QipLI Class) - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll (TODO: <Company name>)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{e5e8d060-d104-11df-8d49-0050bf4ea4cb}\Shell - "" = AutoRun
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2002.01.02 02:10:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jarouš\Data aplikací\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2002.01.17 08:27:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\{D94BA408-F110-488B-A65E-3AE7945F79E6}

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"QIP Internet Guardian"=-
"MSMSGS"=-
"NexonEULauncher"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"=-
 
:files
C:\Program Files\ICQ6Toolbar
C:\Documents and Settings\Ťululum.PC-FRANTISEK\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

VIRY.CZ

prosim preventivka

prosim preventivka

Re: prosim preventivka

Re: prosim preventivka

Re: prosim preventivka