Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.00000&barid={EC3E52C5-663F-11E2-BE89-DC85DE37970C}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.00000&barid={EC3E52C5-663F-11E2-BE89-DC85DE37970C}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{A3F1DE75-B86E-41F6-B841-FF436C22EF92}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.00000&barid={EC3E52C5-663F-11E2-BE89-DC85DE37970C}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&st=6&barid={EC3E52C5-663F-11E2-BE89-DC85DE37970C}
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
CHR - homepage: http://searchab.com/?aff=7&uid=429e1d5a ... 85de37970c
CHR - default_search_provider: search_url = http://searchab.com/?aff=7&uid=429e1d5a ... e37970c&q={searchTerms}
CHR - homepage: http://searchab.com/?aff=7&uid=429e1d5a ... 85de37970c
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhmjhamkiinjlkdemicofoodpjmkilno\1\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjbmbfijdmomkakjldeffhcjgkphmhb\1\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjiakhbmmmkmpgafodpkohbkhcpcbkoe\1\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdneioikkhdnmaaicibcpmoapajlcali\1\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcconhakmcenogikjelkcmpogfhdcmk\1\
CHR - Extension: SweetIM for Facebook = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgdkkomdckpodgoilgmihopmjcoogjn\1\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhmjhamkiinjlkdemicofoodpjmkilno\1\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjbmbfijdmomkakjldeffhcjgkphmhb\1\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjiakhbmmmkmpgafodpkohbkhcpcbkoe\1\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdneioikkhdnmaaicibcpmoapajlcali\1\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcconhakmcenogikjelkcmpogfhdcmk\1\
CHR - Extension: SweetIM for Facebook = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: SweetPacks Chrome Extension = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\
CHR - Extension: MagniPic = C:\Users\Lukin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgdkkomdckpodgoilgmihopmjcoogjn\1\
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013/03/03 10:09:15 | 000,727,488 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/03/03 10:09:15 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/03 10:09:15 | 000,148,006 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/03/03 10:09:15 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\ProgramData\Kaspersky Lab
C:\Windows\SysNative\drivers\NISx64
C:\Program Files (x86)\Common Files\Symantec Shared
C:\Users\Lukin\Documents\Symantec
C:\Program Files\Symantec
C:\Windows\SysNative\drivers\NISx64
C:\Program Files (x86)\Norton Internet Security
C:\ProgramData\Norton
C:\ProgramData\NortonInstaller
C:\Program Files (x86)\NortonInstaller
C:\Windows\SysWow64\AK083E209605E394C.lie
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Aktualizuj javu:
Java SE Runtime Environment 7
Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému
Toto otestuj na Virustotal
C:\Windows\Fix_V4.exe
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.cmd
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Nebo na:
http://www.virscan.org/