Aktualizuj javu:
Java SE Runtime Environment 7
Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (SkypeUpdate) -- C:\Documents and Settings\Uživatel\Plocha\Updater\Updater.exe File not found
DRV - (WDICA) -- File not found
DRV - (RT61) -- system32\DRIVERS\RT61.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (MRESP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS File not found
DRV - (MRENDIS5) -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found
DRV - (MREMPR5) -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found
DRV - (MREMP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
DRV - (ah6of2mi) -- File not found
DRV - (85015418) -- C:\WINDOWS\system32\drivers\85015418.sys (Kaspersky Lab ZAO)
DRV - (81103332) -- C:\WINDOWS\system32\drivers\81103332.sys (Kaspersky Lab ZAO)
DRV - (71417817) -- C:\WINDOWS\system32\drivers\71417817.sys (Kaspersky Lab ZAO)
DRV - (07436340) -- C:\WINDOWS\system32\drivers\07436340.sys (Kaspersky Lab ZAO)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=5cde5efe000000000000004f6a0956fb&tlver=1.4.19.19&affID=16553
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... ffID=16553
IE - HKCU\..\SearchScopes,DefaultScope = {1F096B29-E9DA-4D64-8D63-936BE7762CC5}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com.anonymize-me ... 663D34&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&k=0
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = [String data over 1000 bytes]
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com.anonymize-me.de/ ... 333038&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&k=0
IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=5cde5efe000000000000004f6a0956fb&tlver=1.4.19.19&affID=16553
IE - HKCU\..\SearchScopes\{39ACE242-0B79-4E45-9FD0-1F0E2E10634E}: "URL" = http://search.ebay.de.anonymize-me.de/? ... 2E6465&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com.anonymize-me.de/? ... 5F6373&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&k=0
IE - HKCU\..\SearchScopes\{6B130CE3-AAB2-4F5E-A940-D4ADAB90731D}: "URL" = http://www.myvideo.de.anonymize-me.de/? ... 2E6465&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{7F1E7FCA-B394-4386-8594-9E2230098AB2}: "URL" = http://www.pricerunner.de.anonymize-me. ... 2E6465&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{81724270-A9C3-4439-97E8-78818BA10E2E}: "URL" = http://www.otto.de.anonymize-me.de/?to= ... 2E6465&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{88AAA531-FBE6-46BF-AE1F-630CFE167F8A}: "URL" = http://www.dealio.com.anonymize-me.de/? ... 6D737D&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&k=0
IE - HKCU\..\SearchScopes\{A15563C9-D42D-45F3-B2FD-BC544C14A2CD}: "URL" = http://de.wikipedia.org.anonymize-me.de ... 6F7267&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com.anonymize- ... 6D737D&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&k=0
IE - HKCU\..\SearchScopes\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}: "URL" = http://www.icq.com.anonymize-me.de/?ano ... 6F7364&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&k=0
IE - HKCU\..\SearchScopes\{BF124126-0EAB-4ACF-ACFC-39746CEF143F}: "URL" = http://www.amazon.de.anonymize-me.de/?t ... 2E6465&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{C25C2B08-4A46-4B4E-A3FD-4AFC34E1C608}: "URL" = http://search.yahoo.com.anonymize-me.de ... 6D737D&st={searchTerms}&clid=f62c1090-fe7a-4f3f-9c8f-cb367272cc5c&pid=murb&k=0
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "4shared Web Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:15.0.1
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.18
[2008.11.29 19:05:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions
[2008.11.29 19:05:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012.08.28 12:50:14 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\fpsniba6.default\extensions\ffxtlbr@babylon.com
[2012.01.23 21:50:19 | 000,002,785 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\fpsniba6.default\searchplugins\askcom.xml
[2011.11.10 18:12:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.08.27 20:26:17 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O1 HOSTS File: ([2012.08.17 12:53:51 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File not found
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 1
O4 - Startup: C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\_uninst_07436340.lnk = C:\Documents and Settings\Uživatel\Local Settings\Temp\_uninst_07436340.bat ()
O4 - Startup: C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\_uninst_71417817.lnk = C:\Documents and Settings\Uživatel\Local Settings\Temp\_uninst_71417817.bat ()
O4 - Startup: C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\_uninst_81103332.lnk = C:\Documents and Settings\Uživatel\Local Settings\Temp\_uninst_81103332.bat ()
O4 - Startup: C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\_uninst_85015418.lnk = C:\Documents and Settings\Uživatel\Local Settings\Temp\_uninst_85015418.bat ()
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
@Alternate Data Stream - 512 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0295CBF7
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\WINDOWS\System32\drivers\71417817.sys
C:\WINDOWS\System32\drivers\85015418.sys
C:\WINDOWS\System32\drivers\81103332.sys
C:\WINDOWS\System32\drivers\07436340.sys
C:\Documents and Settings\Uživatel\Data aplikací\BabylonToolbar
C:\Program Files\BabylonToolbar
C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\_uninst_71417817.lnk
C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\_uninst_85015418.lnk
C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\_uninst_81103332.lnk
C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění\_uninst_07436340.lnk
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\d3d9caps.dat
:Reg
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému
Toto otestuj na Virustotal
C:\WINDOWS\System32\DiagFunc.dll
C:\WINDOWS\System32\DiagFunc.ini
C:\WINDOWS\VMSnap23.exe
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Nebo na:
http://www.virscan.org/
