Systém se hroutí, prosím o radu

[motji]

Ještě se prosím mrkněte do této složky, co tam je
C:\avrescue

[notasss]

Ok,,,a bude to všechno, nebo se u mě ještě pár prasáren najde?

[motji]

Bohužel tam pořád něco je

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مايكروسوفت
3 - HKU\S-1-5-21-842925246-1177238915-725345543-1003\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1177238915-725345543-1003\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-1177238915-725345543-1003\..\Toolbar\WebBrowser: (no name) - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No CLSID value found.
IE - HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-842925246-1177238915-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-842925246-1177238915-725345543-1003\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-842925246-1177238915-725345543-1003\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - Reg Error: Value error. File not found
DRV - File not found [Kernel | Disabled | Running] -- C:\WINDOWS\System32\DRIVERS\epfwtdir.sys -- (epfwtdir)
DRV - File not found [Kernel | Disabled | Running] -- C:\WINDOWS\System32\DRIVERS\ehdrv.sys -- (ehdrv)
DRV - File not found [File_System | Disabled | Running] -- C:\WINDOWS\System32\DRIVERS\eamon.sys -- (eamon)

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
c:\documents and settings\Fl\local settings\Temp\*.* /s
C:\WINDOWS\*.tmp /s
C:\Documents and Settings\Fl\Local Settings\Data aplikací\JockerSoft
C:\WINDOWS\Speeditup Free
C:\Documents and Settings\Fl\Data aplikací\.googlewebacchosts
C:\Documents and Settings\Fl\Dokumenty\ResHacker.ini
C:\Documents and Settings\All Users\Data aplikací\Alwil Software
C:\Documents and Settings\All Users\Data aplikací\.zreglib
C:\Documents and Settings\All Users\Data aplikací\nrqarzkn.tdg
C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe
C:\Documents and Settings\Fl\Data aplikací\install
C:\Documents and Settings\Fl\Data aplikací\jkgbkhjkv.bat
C:\WINDOWS\Jjehia.exe
C:\WINDOWS\System32\drivers\wugcpivq.sys

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-

:services
wugcpivq

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde



Tento program znáte, používáte?
C:\Program Files\kdisk.co.kr\kdisk(normal)\KAutoUP.exe

[notasss]

:\Program Files\kdisk.co.kr\kdisk(normal)\KAutoUP.exe - NEZNÁM

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
ADS C:\Documents and Settings\All Users\DRM:مايكروسوفت deleted successfully.
Registry value HKEY_USERS\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_USERS\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF}\ not found.
HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-842925246-1177238915-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Error: No service named epfwtdir was found to stop!
Service\Driver key epfwtdir not found.
File C:\WINDOWS\System32\DRIVERS\epfwtdir.sys not found.
Error: No service named ehdrv was found to stop!
Service\Driver key ehdrv not found.
File C:\WINDOWS\System32\DRIVERS\ehdrv.sys not found.
Error: No service named eamon was found to stop!
Service\Driver key eamon not found.
File C:\WINDOWS\System32\DRIVERS\eamon.sys not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\documents and settings\Fl\local settings\Temp\41bE.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\a14f_appcompat.txt moved successfully.
c:\documents and settings\Fl\local settings\Temp\CFGDA0.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\cis13.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\cis247.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\cis2D.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\dd_netfx20MSI1B2F.txt moved successfully.
c:\documents and settings\Fl\local settings\Temp\dd_netfx20UI1B2F.txt moved successfully.
c:\documents and settings\Fl\local settings\Temp\dw.log moved successfully.
c:\documents and settings\Fl\local settings\Temp\log.txt moved successfully.
c:\documents and settings\Fl\local settings\Temp\PdnSetupNgenInstall.log moved successfully.
c:\documents and settings\Fl\local settings\Temp\setD9C.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\VWL1E.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\w547F.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\zi39FE.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\~DF62F8.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\~DFAA48.tmp moved successfully.
c:\documents and settings\Fl\local settings\Temp\~gu-ver.dat moved successfully.
c:\documents and settings\Fl\local settings\Temp\.xray\C_74a6bf56.xc moved successfully.
c:\documents and settings\Fl\local settings\Temp\~nsu.tmp\Au_.exe moved successfully.
c:\documents and settings\Fl\local settings\Temp\Cookies\index.dat moved successfully.
c:\documents and settings\Fl\local settings\Temp\History\History.IE5\desktop.ini moved successfully.
c:\documents and settings\Fl\local settings\Temp\History\History.IE5\index.dat moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin- moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-clientLogin moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-crossdomain-1.xml moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-crossdomain-2.xml moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-crossdomain.xml moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents-1 moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents-2 moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents-3 moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents-4 moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents-5 moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents-6 moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents-7 moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents-8 moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-fetchEvents-9 moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-locale_cs-cz.txt moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-settings.php moved successfully.
c:\documents and settings\Fl\local settings\Temp\plugtmp\plugin-startSession moved successfully.
c:\documents and settings\Fl\local settings\Temp\Temporary Internet Files\Content.IE5\desktop.ini moved successfully.
c:\documents and settings\Fl\local settings\Temp\Temporary Internet Files\Content.IE5\index.dat moved successfully.
c:\documents and settings\Fl\local settings\Temp\Temporary Internet Files\Content.IE5\5B35THNN\desktop.ini moved successfully.
c:\documents and settings\Fl\local settings\Temp\Temporary Internet Files\Content.IE5\5B35THNN\wnews-pro[1].htm moved successfully.
c:\documents and settings\Fl\local settings\Temp\Temporary Internet Files\Content.IE5\LL4WBVNY\desktop.ini moved successfully.
c:\documents and settings\Fl\local settings\Temp\Temporary Internet Files\Content.IE5\W16RKTIB\desktop.ini moved successfully.
c:\documents and settings\Fl\local settings\Temp\Temporary Internet Files\Content.IE5\WZUZUV0L\awc3check[1].upt moved successfully.
c:\documents and settings\Fl\local settings\Temp\Temporary Internet Files\Content.IE5\WZUZUV0L\desktop.ini moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP239.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2FF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6BC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP84D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP84E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP87A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8DB.tmp folder moved successfully.
C:\WINDOWS\CSC\csc1.tmp moved successfully.
C:\WINDOWS\Installer\MSI1F7.tmp moved successfully.
C:\WINDOWS\Installer\MSI2BD.tmp moved successfully.
C:\WINDOWS\Installer\MSI383.tmp moved successfully.
C:\WINDOWS\Installer\MSI3E5.tmp moved successfully.
C:\WINDOWS\Installer\MSI3E6.tmp moved successfully.
C:\WINDOWS\Installer\MSI40D.tmp moved successfully.
C:\WINDOWS\Installer\MSI42D.tmp moved successfully.
C:\Documents and Settings\Fl\Local Settings\Data aplikací\JockerSoft\StartupDelayer.exe_Url_gcqxmlpqsjjansxae31herljfn3f5s2z\2.0.4.0 folder moved successfully.
C:\Documents and Settings\Fl\Local Settings\Data aplikací\JockerSoft\StartupDelayer.exe_Url_gcqxmlpqsjjansxae31herljfn3f5s2z folder moved successfully.
C:\Documents and Settings\Fl\Local Settings\Data aplikací\JockerSoft folder moved successfully.
C:\WINDOWS\Speeditup Free folder moved successfully.
C:\Documents and Settings\Fl\Data aplikací\.googlewebacchosts moved successfully.
C:\Documents and Settings\Fl\Dokumenty\ResHacker.ini moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5\log folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software\Avast5 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Alwil Software folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\.zreglib moved successfully.
C:\Documents and Settings\All Users\Data aplikací\nrqarzkn.tdg moved successfully.
C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe moved successfully.
C:\Documents and Settings\Fl\Data aplikací\install moved successfully.
C:\Documents and Settings\Fl\Data aplikací\jkgbkhjkv.bat moved successfully.
C:\WINDOWS\Jjehia.exe moved successfully.
File\Folder C:\WINDOWS\System32\drivers\wugcpivq.sys not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named wugcpivq was found to stop!
Service\Driver key wugcpivq not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.FLEKER
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 3548674 bytes
->Opera cache emptied: 25160 bytes
->Flash cache emptied: 348 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Fl
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 146623180 bytes
->Google Chrome cache emptied: 5837168 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->FireFox cache emptied: 2282309 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32520 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 151,00 mb


[EMPTYFLASH]

User: Administrator

User: Administrator.FLEKER
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: Fl
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: postgres

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12162010_134809

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[notasss]

Ještě mě teď napadla taková věc, jak jsme mluvili otěch zbytcích na mém PC. Říkal jsem si, kdybych pustil virtualPC a naistaloval windows a pak porovnal složky v ve virtuálním PPC a mojem PC, mohl bych tak mít přehled o tom, které programy soubory jsou důležité a které mohu smazat. Lze to takhle provézt, nebo je to velký risk?

[motji]

Ten program nepoužíváte? Opravdu?
:\Program Files\kdisk.co.kr\kdisk(normal)\KAutoUP.exe

Já Vám odpovím večer, ted tu jen prolétám

[notasss]

no, nepouzivam prototze nevim co to je

[notasss]

A ještě bych měl dotaz na comodo, potřeboval bych nějak povolit port 7895. Sem tam si zahrejeme s kolegou pár starších her přes internet a nyní pro něj nejsem vidět. V keriu se mě to ptalo, comodo to asi automaticky blokuje. Poradíte?

[motji]

Ten program zkuste odinstalovat přes Revo uninstaler a složku smažte.
c:\Program Files\kdisk.co.kr

Ještě mě teď napadla taková věc, jak jsme mluvili otěch zbytcích na mém PC. Říkal jsem si, kdybych pustil virtualPC a naistaloval windows a pak porovnal složky v ve virtuálním PPC a mojem PC, mohl bych tak mít přehled o tom, které programy soubory jsou důležité a které mohu smazat. Lze to takhle provézt, nebo je to velký risk?

To nevím, nikdy jsem to nezkoušela.
Spíš bych se podívala třeba přes ccleaner - nástroje - odinstalovat, které programy nepoužíváte a chtěl by jste odstranit. Když tak mi je napište.

[notasss]

Dobře, kdyžtak napíšu, zatím vše funguje tak to nechám ležet tam kde to je. Toť tedy vše? Můj PC už žádné viry nehlásí, takže to vypadá že ano. Na ulici se říká na shledanou, v rádiu na slyšenou, já říkám, na další zavirovanou. Díky moc, za pomoc, dlužím vám život .

[motji]

A ještě bych měl dotaz na comodo, potřeboval bych nějak povolit port 7895. Sem tam si zahrejeme s kolegou pár starších her přes internet a nyní pro něj nejsem vidět. V keriu se mě to ptalo, comodo to asi automaticky blokuje. Poradíte?

Na to Vám sem pošlu kolegu, Comodo nemám, tkaže nedokážu poradit

Jinak není zač, kdyby byly nějaké problémy, ozvěte se