Under Custom Scans/Fixes, paste the following text, shown in green, into the box:
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {5DAEA674-C52D-42AF-9ACF-8BF71DF7F20A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{5DAEA674-C52D-42AF-9ACF-8BF71DF7F20A}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKCU\..\SearchScopes\{88793E65-D281-4832-B320-BC046ED96FD3}: "URL" = http://www.mysearchresults.com/search?c=2402&t=01&q={searchTerms}
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.17 21:47:48 | 000,000,000 | ---D | M]
[2013.05.16 19:38:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdeněk\AppData\Roaming\Mozilla\Extensions
[2013.05.17 23:55:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\bfylnjfq.default\extensions
[2013.05.14 21:18:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profilesbfylnjfq.default\extensions
[2013.05.14 21:18:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profilesbfylnjfq.default\extensions\staged
[2013.05.17 23:55:02 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\bfylnjfq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.17 19:21:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.05.17 19:21:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.05.17 19:21:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.05.17 19:21:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash5/cabs/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013.05.17 21:54:08 | 000,631,276 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.05.17 21:54:08 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.17 21:54:08 | 000,121,930 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.05.17 21:54:08 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Users\Zdeněk\AppData\Local\{0B1E1B97-5B20-45C6-8683-39F28D65D44D}
C:\Users\Zdeněk\AppData\Local\{83AD7B67-CED0-4555-A434-E1019F80D405}
C:\Users\Zdeněk\AppData\Local\{CC554719-87A4-49EA-A0DB-4B3F09FEC973}
C:\Qoobox
C:\Users\Zdeněk\AppData\Local\{6D6617D8-A542-4D0B-8CF8-F861778E71BA}
C:\Users\Zdeněk\AppData\Local\{BB2FF27F-862D-48E6-B190-397FB3E86A8C}
C:\Users\Zdeněk\AppData\Local\{CB3EDB11-365C-48AC-8058-B5DFD2A8819B}
C:\Users\Zdeněk\AppData\Local\{C259576F-D9BD-40C0-8D56-BA7C1FB5C774}
C:\Users\Zdeněk\AppData\Local\{78583126-80A0-4F84-B7BF-99BB4E9EC497}
C:\Users\Zdeněk\AppData\Local\{7D218343-E79A-4056-A561-7727DD217547}
C:\Users\Zdeněk\AppData\Local\{22AD1BF0-25E1-4E30-8D9E-F1F5384CCF6B}
C:\Users\Zdeněk\AppData\Local\{A84ABCB8-789D-4A4F-9397-433F04A84AA1}
C:\Users\Zdeněk\AppData\Local\{5342F893-406F-4251-8653-2AE7D0BE814A}
C:\Users\Zdeněk\AppData\Local\{3AEFD1D5-6690-4FD3-8D3B-87F7D0CFCBEA}
C:\Users\Zdeněk\AppData\Local\{9703A734-66F6-4F71-AD4D-022060B41910}
C:\Users\Zdeněk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\SysWow64\ezsidmv.dat
%systemroot%\prefetch\*.*
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.
In Folder Options, enable showing hidden files and folders, and uncheck the box for hiding protected operating system files.
Test these on VirusTotal:
C:\Windows\pslabeler.ini
C:\Windows\calcpslab.ini
Click Select to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Or at:
http://www.virscan.org/
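An added example, not part of the original post and not code from the tool's author: a small Python reader that splits a fix script laid out like the one above into its `:Section` blocks and lists what a reviewer would want to check before running it. The sample input is constructed from a few lines of that script; the function names, and the reading of `PRC -` lines as process entries and of a trailing `/s` as a recursive match, are assumptions of this example.

```python
import re

# Constructed sample in the layout of the fix script above (not the full script).
SAMPLE = r"""
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: - No CLSID value found
[2013.05.17 21:54:08 | 000,631,276 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
:Files
C:\WINDOWS\*.tmp
c:\windows\Tasks\*.job /s
C:\Qoobox
:Commands
[emptytemp]
[Reboot]
"""

SECTION = re.compile(r"^:(\w+)\s*$")  # a header is a line such as ":Files"

def parse_fix(text):
    """Split a fix script into {section: [lines]}, keeping order within a section."""
    sections, current = {}, None
    for line in filter(None, map(str.strip, text.splitlines())):
        m = SECTION.match(line)
        if m:
            current = m.group(1).lower()
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"entry before any section header: {line!r}")
        else:
            sections[current].append(line)
    return sections

def review(sections):
    """Summarise the entries worth reading twice before the script is run."""
    files = sections.get("files", [])
    otl = sections.get("otl", [])
    return {
        # Assumption: "PRC - <path>" entries name running processes.
        "processes": [l.split(" - ", 1)[1] for l in otl if l.startswith("PRC - ")],
        "wildcards": [l for l in files if "*" in l],
        # Assumption: a trailing "/s" makes the match recursive.
        "recursive": [l for l in files if l.lower().endswith(" /s")],
        "exact_paths": [l for l in files if "*" not in l],
        "reboots": any(l.lower() == "[reboot]" for l in sections.get("commands", [])),
    }

if __name__ == "__main__":
    for key, value in review(parse_fix(SAMPLE)).items():
        print(key, value)
```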