Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 25 Jul 2011 22:50
by vyosek
You got a bit tangled up in this; paste in the new script (I'm posting it here again) and click Fix.

Code:

:otl
SRV - [2011.07.25 16:16:37 | 000,256,000 | ---- | M] () [Auto | Running] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ppcb&s={searchTerms}&f=4
IE - HKU\S-1-5-21-134749277-38998122-1694357166-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
IE - HKU\S-1-5-21-134749277-38998122-1694357166-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-134749277-38998122-1694357166-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ppcb
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.3.0244
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..keyword.URL: "http://start.facemoods.com/results.php?f=5&a=ppcb&q="
[2011.05.09 08:07:07 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Terez\AppData\Roaming\Mozilla\Firefox\Profiles\o11wdm2r.default\extensions\DTToolbar@toolbarnet.com
[2010.11.30 15:54:45 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Terez\AppData\Roaming\Mozilla\Firefox\Profiles\o11wdm2r.default\extensions\ffxtlbr@Facemoods.com
[2010.07.13 16:02:02 | 000,002,059 | ---- | M] () -- C:\Users\Terez\AppData\Roaming\Mozilla\Firefox\Profiles\o11wdm2r.default\searchplugins\daemon-search.xml
[2010.10.26 17:57:38 | 000,002,036 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchppcb.xml
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [18057473-loader2.exe] File not found
O4 - HKLM..\Run: [4759496.exe] C:\Windows\Temp\4759496.exe ()
O4 - HKLM..\Run: [63009422-loader2.exe] C:\Users\Terez\AppData\Local\Temp\63009422-loader2.exe ()
O4 - HKLM..\Run: [836238.exe] C:\Users\Terez\AppData\Local\Temp\836238.exe ()
O4 - HKLM..\Run: [8559526.exe] C:\Users\Terez\AppData\Local\Temp\8559526.exe ()
O4 - HKLM..\Run: [8747021.exe] File not found
O4 - HKLM..\Run: [89562825-loader2.exe] File not found
O4 - HKLM..\Run: [9144587.exe] C:\Users\Terez\AppData\Local\Temp\9144587.exe ()
O4 - HKLM..\Run: [9546946.exe] C:\Windows\TEMP\9546946.exe ()
O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()
O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\Windows\sysdriver32_.exe ()
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-7-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] C:\Windows\update.tray-15-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [WinampAgent] File not found
O4 - HKLM..\Run: [wxpdrv] C:\Windows\services32.exe ()
O4 - HKU\S-1-5-21-134749277-38998122-1694357166-1000..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
[2011.07.20 16:22:39 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-15-0-lnk
[2011.07.20 16:22:39 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-15-0
[2011.07.20 16:20:39 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011.07.20 16:20:39 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011.07.20 16:20:39 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011.07.20 16:20:24 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.07.20 16:19:53 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.07.20 16:11:12 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.07.20 16:09:04 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.07.20 16:09:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.07.20 16:09:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Terez\Desktop\*.tmp files -> C:\Users\Terez\Desktop\*.tmp -> ]
[2011.07.25 16:16:37 | 000,256,000 | ---- | M] () -- C:\Windows\sysdriver32_.exe
[2011.07.25 16:16:37 | 000,256,000 | ---- | M] () -- C:\Windows\sysdriver32.exe
[2011.07.24 18:56:58 | 000,232,960 | ---- | M] () -- C:\Windows\l1rezerv.exe
[2011.07.20 16:25:03 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.07.20 16:21:08 | 000,114,176 | ---- | M] () -- C:\Windows\systemup.exe
[2011.07.20 16:20:38 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011.07.20 16:20:38 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011.07.20 16:20:38 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.07.20 16:20:38 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011.07.20 16:20:21 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.07.20 15:57:03 | 001,147,392 | ---- | M] () -- C:\Windows\services32.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=-
"NokiaMServer"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"QuickTime Task"=-
"iTunesHelper"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"DAEMON Tools Lite"=-
""=-
"NokiaOviSuite2"=-

:files
C:\Windows\update.tray-7-0
C:\Windows\update.tray-15-0
C:\Windows\update.2
C:\Program Files (x86)\DAEMON Tools Toolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 25 Jul 2011 23:07
by terez.sit
All processes killed
========== OTL ==========
Error: No service named srvsysdriver32 was found to stop!
Service\Driver key srvsysdriver32 not found.
File C:\Windows\sysdriver32.exe not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-134749277-38998122-1694357166-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-134749277-38998122-1694357166-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-134749277-38998122-1694357166-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: DTToolbar@toolbarnet.com:1.1.3.0244 removed from extensions.enabledItems
Prefs.js: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 removed from extensions.enabledItems
Prefs.js: ffxtlbr@Facemoods.com:1.2.0 removed from extensions.enabledItems
Prefs.js: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 removed from extensions.enabledItems
Prefs.js: "http://start.facemoods.com/results.php?f=5&a=ppcb&q=" removed from keyword.URL
Folder C:\Users\Terez\AppData\Roaming\Mozilla\Firefox\Profiles\o11wdm2r.default\extensions\DTToolbar@toolbarnet.com\ not found.
Folder C:\Users\Terez\AppData\Roaming\Mozilla\Firefox\Profiles\o11wdm2r.default\extensions\ffxtlbr@Facemoods.com\ not found.
File C:\Users\Terez\AppData\Roaming\Mozilla\Firefox\Profiles\o11wdm2r.default\searchplugins\daemon-search.xml not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchppcb.xml not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18057473-loader2.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4759496.exe not found.
File C:\Windows\Temp\4759496.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\63009422-loader2.exe not found.
File C:\Users\Terez\AppData\Local\Temp\63009422-loader2.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\836238.exe not found.
File C:\Users\Terez\AppData\Local\Temp\836238.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8559526.exe not found.
File C:\Users\Terez\AppData\Local\Temp\8559526.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8747021.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\89562825-loader2.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9144587.exe not found.
File C:\Users\Terez\AppData\Local\Temp\9144587.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9546946.exe not found.
File C:\Windows\TEMP\9546946.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\l1rezerv.exe not found.
File C:\Windows\l1rezerv.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32.exe not found.
File C:\Windows\sysdriver32.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32_.exe not found.
File C:\Windows\sysdriver32_.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico0 not found.
File C:\Windows\update.tray-7-0\svchost.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 not found.
File C:\Windows\update.tray-15-0\svchost.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wxpdrv not found.
File C:\Windows\services32.exe not found.
Registry value HKEY_USERS\S-1-5-21-134749277-38998122-1694357166-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ not found.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\ not found.
File {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell not found.
Folder C:\Windows\update.tray-15-0-lnk\ not found.
Folder C:\Windows\update.tray-15-0\ not found.
Folder C:\Windows\ufa\ not found.
Folder C:\Windows\rpcminer\ not found.
Folder C:\Windows\phoenix\ not found.
Folder C:\Windows\update.2\ not found.
Folder C:\Windows\update.5.0\ not found.
Folder C:\Windows\av_ico\ not found.
Folder C:\Windows\update.1\ not found.
Folder C:\Windows\update.tray-7-0-lnk\ not found.
Folder C:\Windows\update.tray-7-0\ not found.
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\Users\Terez\Desktop\*.tmp not found.
File C:\Windows\sysdriver32_.exe not found.
File C:\Windows\sysdriver32.exe not found.
File C:\Windows\l1rezerv.exe not found.
File C:\Windows\loader2.exe_ok not found.
File C:\Windows\systemup.exe not found.
File C:\Windows\phoenix.rar not found.
File C:\Windows\rpcminer.rar not found.
File C:\Windows\unrar.exe not found.
File C:\Windows\ufa.rar not found.
File C:\Windows\geoiplist.rar not found.
File C:\Windows\services32.exe not found.
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
File/Folder C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp not found.
File/Folder C:\Windows\Installer\*.tmp not found.
File/Folder C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaMServer not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaOviSuite2 not found.
========== FILES ==========
File\Folder C:\Windows\update.tray-7-0 not found.
File\Folder C:\Windows\update.tray-15-0 not found.
File\Folder C:\Windows\update.2 not found.
File\Folder C:\Program Files (x86)\DAEMON Tools Toolbar not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Terez
->Temp folder emptied: 155503 bytes
->Temporary Internet Files folder emptied: 15657861 bytes
->FireFox cache emptied: 6408488 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9808 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 22,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Terez
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 07252011_235816

Files\Folders moved on Reboot...
C:\Users\Terez\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Terez\AppData\Local\Temp\SafeQClientUI.log moved successfully.
C:\Users\Terez\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb moved successfully.
File\Folder C:\Users\Terez\AppData\Local\Temp\~DF68A7ED4F4F6F0A2C.TMP not found!
File\Folder C:\Users\Terez\AppData\Local\Temp\~DF6DBBE56C80645118.TMP not found!
File\Folder C:\Users\Terez\AppData\Local\Temp\~DFC712613714DBFB9A.TMP not found!
File\Folder C:\Users\Terez\AppData\Local\Temp\~DFF65C16AC650C59B2.TMP not found!
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y0LO9P99\folderScreen[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y0LO9P99\morestories[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TENAODZV\11[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TENAODZV\11[2].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TENAODZV\ai[8].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TENAODZV\ai[9].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8PAV8UV\afr[2].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8PAV8UV\emptyScreen[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8PAV8UV\facebook_com[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8PAV8UV\framesetScreen[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8PAV8UV\framesetScreen[2].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8PAV8UV\morestories[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8PAV8UV\morestories[2].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8PAV8UV\morestories[3].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B455LFPY\emptyScreen[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B455LFPY\facebook_com[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B455LFPY\folderScreen[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B455LFPY\morestories[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B455LFPY\morestories[2].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B455LFPY\viewtopic[1].htm moved successfully.
C:\Users\Terez\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Windows\temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb moved successfully.

Registry entries deleted on Reboot...

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 25 Jul 2011 23:09
by vyosek
Excellent :clapping:

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Run the update - third tab
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes produces false detections, so paste the log into a post and wait for it to be reviewed

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 25 Jul 2011 23:37
by terez.sit
:-)

I ran OTC, but the second program, Malwarebytes, shows me that the database is more than 238 days old, and when I choose update, this appears: An error has occurred, please report the error code to our support team. PROGRAM_ERROR_UPDATING_(12004, 0, WinnHttpOpen)

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 25 Jul 2011 23:43
by vyosek
Let's try something else then :James008:

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A POWERFUL ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
:arrow: Download ComboFix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator or Spustit jako spravce
  • Right after launch, a page with the license agreement appears; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; leave the PC completely alone during the scan - do not launch any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and any restart, CF will display a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 25 Jul 2011 23:52
by terez.sit
so maybe I figured it out :-)

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 5214

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

26.7.2011 0:51:07
mbam-log-2011-07-26 (00-50-55).txt

Typ kontroly: Rychlý test
Testované objekty: 153983
Uplynulý čas: 2 minut, 46 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 3
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\Terez\local settings\temporary internet files\Content.IE5\4WC4U7OD\skypesetupfull[1].exe (Spyware.Banker) -> No action taken.

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 25 Jul 2011 23:54
by vyosek
Well done :clapping:

Do not delete c:\Users\Terez\local settings\temporary internet files\Content.IE5\4WC4U7OD\skypesetupfull[1].exe; delete the rest. Then run a full scan as well.

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 26 Jul 2011 22:00
by terez.sit
So the scan is hopefully done. I'm sending the log. Is it normal that Mozilla and Skype aren't working for me?

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 5214

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

26.7.2011 22:58:48
mbam-log-2011-07-26 (22-58-42).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 298847
Uplynulý čas: 43 minut, 28 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Users\Terez\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\4WC4U7OD\skypesetupfull[1].exe (Spyware.Banker) -> No action taken.

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 26 Jul 2011 22:07
by vyosek
So now apply that ComboFix; there is probably something else in there somewhere...

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 27 Jul 2011 19:18
by terez.sit
After applying it, unfortunately my computer won't start at all. When I turn it on, it shows: Windows cannot repair this computer automatically. ................... click Finish to end the program and shut down the computer.......... view diagnostic and repair details.......... view options for system recovery and support........... whatever I do, the computer won't boot..

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 28 Jul 2011 07:15
by vyosek
And what if you keep pressing F8 and choose Last Known Good Configuration :???:

Or there is still the repair via the installation DVD - guide here http://viry.cz/forum/viewtopic.php?f=46&t=106339

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 28 Jul 2011 16:42
by terez.sit
Last Known Good Configuration doesn't work either. I'll try the installation DVD then. Thank you very much for your help :)

Re: Facebook virus, please help. It's the new virus that was mentioned

Posted: 28 Jul 2011 16:43
by vyosek
Then write back whether it helped...