MyCity » Ambulanta -> Arhiva Ambulante » Problem sa startsear.info

Problem sa startsear.info

Napisano na dan: 22.2.2012

Problem sa startsear.info

Sledeća strana

Pagination

Odgovori

bojovnik Poslao: 22 Feb 2012 20:58 Idi na vrh
offline bojovnik Građanin Pridružio: 28 Maj 2010 Poruke: 46	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pozdrav ljudi! Od prije nekoliko tjedana kao homepage u Firefoxu mi se pojavila startsear.info stranica te mi se od tada računalo znatno usporilo i počelo grijati. Ovu stranicu ne mogu promjeniti i to je prilično iritantno, a osim toga može biti dosta opasno. Ovaj zločudni softver sam pokušavao ukloniti sa raznim antivirusnim programima i za uklanjanje zločudnih softvera (AVG, Spyware doctor, PC Health Advisor,...) ali nisam nikako uspio. Koristim ADSL internet. Molio bih pomoć ako mi možete pomoći. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 6.0.2900.5512 Run by Dunjich at 20:38:44 on 2012-02-21 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.317 [GMT 1:00] . AV: AVG Anti-Virus Enabled/Updated {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\System32\svchost.exe -k eapsvcs svchost.exe C:\WINDOWS\System32\svchost.exe -k dot3svc C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Internet Explorer\explorer_update.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Webshots\3.1.5.7617\webshots.scr C:\Program Files\Mozilla Firefox\bin\firefox.exe C:\WINDOWS\system32\agrsmsvc.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe C:\WINDOWS\system32\wscntfy.exe C:\Core Temp.exe C:\Program Files\TeamViewer\Version6\TeamViewer.exe c:\program files\teamviewer\version6\TeamViewer_Desktop.exe C:\Program Files\TeamViewer\Version6\tv_w32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://startsear.info mStart Page = hxxp://startsear.info uURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll mURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\idm\quickf~1\plugins\IEHelp.dll TB: BS.Player ControlBar: {2c688203-7eb3-4327-9995-1cb417ba23f9} - c:\program files\bs.player controlbar\BSToolbar.dll TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File TB: {C17590D2-ECB4-4B15-8820-F58798DCC118} - No File EB: Groove Folder Synchronization: {2a541ae1-5bf6-4665-a8a3-cfa9672e4291} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [WinampAgent] c:\program files\winamp\winampa.exe mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [Explorer Update] "c:\program files\internet explorer\explorer_update.exe" mRunOnce: [AvgUninstallURL] cmd.exe /c start avg.com/ww.special-uninstallation-feedb.....er=9.0.872 dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\dunjich\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\docume~1\dunjich\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\3.1.5.7617\Launcher.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{76E0C0B5-0BEC-4748-827E-9BF4B500EE17} : DhcpNameServer = 192.168.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Notify: avgrsstarter - avgrsstx.dll Notify: igfxcui - igfxdev.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\dunjich\application data\mozilla\firefox\profiles\0gofcvzx.default\ FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://startsear.info FF - prefs.js: keyword.URL - hxxp://www.google.hr FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Fast Dial: fastdial@telega.phpnet.us - %profile%\extensions\fastdial@telega.phpnet.us FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg8\Firefox . ============= SERVICES / DRIVERS =============== . R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2011-1-8 12552] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2011-1-8 335240] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2011-1-8 27784] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2011-1-8 108552] R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2011-1-8 297752] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2011-12-14 1514304] R3 ALSysIO;ALSysIO;\??\c:\docume~1\dunjich\locals~1\temp\alsysio.sys --> c:\docume~1\dunjich\locals~1\temp\ALSysIO.sys [?] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2011-11-27 27632] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064] S2 AGCoreService;AG Core Services;c:\program files\agi\core\4.2.0.10754\AGCoreService.exe [2012-1-18 20480] . =============== Created Last 30 ================ . 2012-02-19 16:34:02 -------- d-----w- c:\documents and settings\dunjich\application data\SpeedyPC Software 2012-02-19 16:33:54 -------- d-----w- c:\documents and settings\all users\application data\SpeedyPC Software 2012-02-19 10:52:27 -------- d-----w- c:\documents and settings\dunjich\application data\ParetoLogic 2012-02-19 10:52:27 -------- d-----w- c:\documents and settings\dunjich\application data\DriverCure 2012-02-19 10:52:17 -------- d-----w- c:\documents and settings\all users\application data\ParetoLogic 2012-02-19 10:21:04 -------- d-----w- c:\documents and settings\dunjich\application data\Malwarebytes 2012-02-19 10:20:56 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-02-19 09:06:00 -------- d-----w- c:\windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP 2012-02-19 08:59:18 -------- d-----w- c:\documents and settings\dunjich\application data\IObit 2012-01-22 19:42:23 -------- d-----w- C:\sh4ldr 2012-01-22 19:42:23 -------- d-----w- c:\program files\Enigma Software Group 2012-01-22 19:41:34 -------- d-----w- c:\windows\1C7CC8E2CFCF41E6A8637C7A45CE8A78.TMP 2012-01-22 19:41:20 -------- d-----w- c:\program files\common files\Wise Installation Wizard . ==================== Find3M ==================== . 2011-12-14 11:47:06 31552 ----a-w- c:\windows\system32\TURegOpt.exe . ============= FINISH: 20:40:03,65 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

Fil Poslao: 22 Feb 2012 21:38 Idi na vrh
offline Fil Legendarni građanin Pridružio: 11 Jun 2009 Poruke: 16586	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi program OTL sa donjeg linka na Desktop: OTL download Klikni na dati link i u prozoru koji se otvori, klikni na dugme Save; kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati datoteku, odaberi Desktop i klikni na dugme Save. Dvoklikom pokreni OTL; klikni na dugme Run Scan; po završetku skeniranja, izveštaj će se otvoriti u programu Notepad (napomena: izveštaj će automatski biti sačuvan na Desktopu kao OTL.Txt) . Priloži izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl.

Profil

bojovnik Poslao: 23 Feb 2012 18:51 Idi na vrh
offline bojovnik Građanin Pridružio: 28 Maj 2010 Poruke: 46	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: ?OTL logfile created on: 23.2.2012 18:17:33 - Run 1 OTL by OldTimer - Version 3.2.33.2 Folder = D:\s C diska\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 0000041A \| Country: Croatia \| Language: HRV \| Date Format: d.M.yyyy 1015,23 Mb Total Physical Memory \| 297,47 Mb Available Physical Memory \| 29,30% Memory free 2,39 Gb Paging File \| 1,78 Gb Available in Paging File \| 74,72% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 36,62 Gb Total Space \| 25,27 Gb Free Space \| 68,99% Space Free \| Partition Type: NTFS Drive D: \| 75,16 Gb Total Space \| 24,63 Gb Free Space \| 32,77% Space Free \| Partition Type: NTFS Computer Name: DUNJA \| User Name: Dunjich \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.23 18:15:53 \| 000,583,680 \| ---- \| M] (OldTimer Tools) -- D:\s C diska\My Documents\Downloads\OTL.exe PRC - [2012.02.21 20:33:11 \| 000,912,344 \| ---- \| M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012.01.11 03:19:31 \| 006,110,435 \| -HS- \| M] () -- C:\Program Files\Internet Explorer\explorer_update.exe PRC - [2012.01.11 02:21:43 \| 001,046,528 \| -HS- \| M] () -- C:\Program Files\Mozilla Firefox\bin\firefox.exe PRC - [2011.12.14 12:47:02 \| 001,212,224 \| ---- \| M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2011.12.14 12:47:00 \| 001,514,304 \| ---- \| M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2011.12.14 12:46:56 \| 000,459,584 \| ---- \| M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TUDefragBackend32.exe PRC - [2011.12.14 12:45:38 \| 000,546,624 \| ---- \| M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\OneClick.exe PRC - [2011.10.17 19:11:13 \| 002,042,208 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe PRC - [2011.04.15 10:43:21 \| 002,038,648 \| ---- \| M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version6\TeamViewer_Desktop.exe PRC - [2011.04.15 10:43:20 \| 007,797,112 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer.exe PRC - [2011.04.15 10:14:11 \| 000,108,408 \| ---- \| M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\tv_w32.exe PRC - [2011.01.09 10:14:02 \| 000,297,752 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2011.01.08 19:17:17 \| 000,486,680 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2011.01.08 19:17:14 \| 000,595,736 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2011.01.08 19:17:11 \| 000,832,792 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe PRC - [2010.10.03 01:13:42 \| 000,470,544 \| ---- \| M] () -- C:\Core Temp.exe PRC - [2009.12.08 12:38:16 \| 003,474,848 \| ---- \| M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7617\Webshots.scr PRC - [2008.04.14 04:42:20 \| 001,033,728 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.03.18 11:27:12 \| 000,013,312 \| ---- \| M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe PRC - [2007.05.14 23:22:22 \| 000,035,328 \| ---- \| M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2006.06.01 12:32:12 \| 000,094,208 \| ---- \| M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2001.11.01 18:47:17 \| 000,196,608 \| ---- \| M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe ========== Modules (No Company Name) ========== MOD - [2012.02.21 20:33:12 \| 001,014,744 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\js3250.dll MOD - [2012.01.11 03:19:31 \| 006,110,435 \| -HS- \| M] () -- C:\Program Files\Internet Explorer\explorer_update.exe MOD - [2012.01.11 02:21:43 \| 001,046,528 \| -HS- \| M] () -- C:\Program Files\Mozilla Firefox\bin\firefox.exe MOD - [2011.12.12 19:25:42 \| 013,420,352 \| ---- \| M] () -- C:\Program Files\TuneUp Utilities 2012\libcef.dll MOD - [2010.10.03 01:13:42 \| 000,470,544 \| ---- \| M] () -- C:\Core Temp.exe MOD - [2010.01.27 02:07:32 \| 003,884,312 \| ---- \| M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2009.11.05 07:39:40 \| 000,087,552 \| ---- \| M] () -- C:\WINDOWS\system32\cpwmon2k.dll MOD - [2008.04.14 04:42:00 \| 000,014,336 \| ---- \| M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008.04.14 04:41:52 \| 000,059,904 \| ---- \| M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2007.05.14 23:22:22 \| 000,035,328 \| ---- \| M] () -- C:\Program Files\Winamp\winampa.exe ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled \| Stopped] -- -- (HidServ) SRV - [2011.12.14 12:47:00 \| 001,514,304 \| ---- \| M] (TuneUp Software) [Auto \| Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.01.09 10:14:02 \| 000,297,752 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [Auto \| Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd) SRV - [2010.06.29 07:04:18 \| 000,020,480 \| ---- \| M] (AG Interactive) [Auto \| Stopped] -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe -- (AGCoreService) SRV - [2008.03.18 11:27:12 \| 000,013,312 \| ---- \| M] (Agere Systems) [Auto \| Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel \| On_Demand \| Running] -- -- (ALSysIO) DRV - [2011.12.12 19:31:38 \| 000,010,064 \| ---- \| M] (TuneUp Software) [Kernel \| On_Demand \| Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011.01.08 19:17:17 \| 000,335,240 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [Kernel \| System \| Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2011.01.08 19:17:17 \| 000,027,784 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [File_System \| System \| Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2011.01.08 19:17:15 \| 000,108,552 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [Kernel \| System \| Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2011.01.08 19:17:11 \| 000,012,552 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [File_System \| Boot \| Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86) DRV - [2010.12.09 16:03:42 \| 000,027,632 \| ---- \| M] (Sony Ericsson Mobile Communications) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2010.04.29 07:31:54 \| 000,691,696 \| ---- \| M] (Duplex Secure Ltd.) [Kernel \| Disabled \| Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010.04.28 22:58:11 \| 001,391,104 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2008.03.21 11:13:00 \| 001,203,776 \| ---- \| M] (Agere Systems) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2007.06.18 16:12:04 \| 000,016,768 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2006.09.24 14:28:46 \| 000,005,248 \| ---- \| M] (Windows (R) 2000 DDK provider) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2005.09.19 13:24:10 \| 000,009,344 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [1996.04.03 20:33:26 \| 000,005,248 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = startsear.info IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = startsear.info IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search" FF - prefs.js..browser.search.defaulturl: "http://flvdirect.iamwired.net/websearch.php?src=tops&search=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://startsear.info" FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429 FF - prefs.js..keyword.URL: "http://www.google.hr" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2011.01.09 10:15:08 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.21 20:33:26 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.21 20:33:26 \| 000,000,000 \| ---D \| M] [2010.04.29 07:26:44 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Extensions [2012.02.22 19:50:21 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Firefox\Profiles\0gofcvzx.default\extensions [2010.08.05 16:03:26 \| 000,000,000 \| ---D \| M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Firefox\Profiles\0gofcvzx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.08.05 16:03:24 \| 000,000,000 \| ---D \| M] (Fast Dial) -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Firefox\Profiles\0gofcvzx.default\extensions\fastdial@telega.phpnet.us [2012.02.23 17:40:10 \| 000,002,105 \| ---- \| M] () -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Firefox\Profiles\0gofcvzx.default\searchplugins\google.xml [2010.04.29 07:26:24 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011.01.09 10:15:08 \| 000,000,000 \| ---D \| M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG8\FIREFOX O1 HOSTS File: ([2010.06.10 09:34:19 \| 000,000,027 \| ---- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM) O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll () O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [Explorer Update] C:\Program Files\Internet Explorer\explorer_update.exe () O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\Dunjich\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7617\Launcher.exe (Webshots.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76E0C0B5-0BEC-4748-827E-9BF4B500EE17}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dunjich\Application Data\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.04.28 22:28:26 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0882a88c-a720-11e0-bb26-001a73ae4a90}\Shell\AutoRun\command - "" = mojih/prijatelja.exe O33 - MountPoints2\{0882a88c-a720-11e0-bb26-001a73ae4a90}\Shell\Explore\command - "" = mojih/prijatelja.exe O33 - MountPoints2\{0882a88c-a720-11e0-bb26-001a73ae4a90}\Shell\Open\command - "" = mojih/prijatelja.exe O34 - HKLM BootExecute: (autocheck autochk ) O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.21 16:19:04 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Desktop\6.c - project work [2012.02.19 18:45:54 \| 000,000,000 \| R--D \| C] -- D:\s C diska\My Documents\My Videos [2012.02.19 18:45:54 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Dunjich\Start Menu\Programs\Administrative Tools [2012.02.19 17:34:02 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\SpeedyPC Software [2012.02.19 17:33:54 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software [2012.02.19 17:08:44 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\Webshots Data [2012.02.19 16:52:03 \| 000,000,000 \| R--D \| C] -- D:\s C diska\My Documents\My Pictures [2012.02.19 16:52:03 \| 000,000,000 \| R--D \| C] -- D:\s C diska\My Documents\My Music [2012.02.19 16:52:03 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\MOBILedit! [2012.02.19 16:52:03 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\Downloads [2012.02.19 16:52:02 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\OneNote Notebooks [2012.02.19 16:51:57 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\SafeNet Sentinel [2012.02.19 11:52:27 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\ParetoLogic [2012.02.19 11:52:27 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\DriverCure [2012.02.19 11:52:17 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic [2012.02.19 11:21:04 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\Malwarebytes [2012.02.19 11:20:56 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012.02.19 10:00:26 \| 000,000,000 \| -HSD \| C] -- C:\Config.Msi [2012.02.19 09:59:18 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\IObit [5 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [1 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.23 17:37:58 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2012.02.23 06:58:40 \| 090,469,906 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2012.02.20 19:56:11 \| 000,002,206 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2012.02.19 18:45:32 \| 000,000,777 \| ---- \| M] () -- C:\Documents and Settings\Dunjich\Start Menu\Programs\Startup\Webshots.lnk [2012.02.19 17:46:44 \| 000,269,392 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.02.19 11:56:48 \| 000,435,828 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2012.02.19 11:56:48 \| 000,068,558 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2012.02.14 05:50:29 \| 000,225,280 \| ---- \| M] () -- C:\Documents and Settings\Dunjich\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [5 C:\WINDOWS\.tmp files -> C:\WINDOWS\.tmp -> ] [1 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] ========== Files Created - No Company Name ========== [2010.07.08 19:13:14 \| 000,000,038 \| ---- \| C] () -- C:\WINDOWS\AviSplitter.INI [2010.06.18 16:58:28 \| 000,001,024 \| ---- \| C] () -- C:\WINDOWS\System32\grcauth2.dll [2010.06.18 16:58:28 \| 000,001,024 \| ---- \| C] () -- C:\WINDOWS\System32\grcauth1.dll [2010.06.18 16:58:28 \| 000,000,100 \| ---- \| C] () -- C:\WINDOWS\System32\prsgrc.dll [2010.06.18 16:56:57 \| 000,001,025 \| ---- \| C] () -- C:\WINDOWS\System32\sysprs7.dll [2010.06.18 16:56:57 \| 000,000,205 \| ---- \| C] () -- C:\WINDOWS\System32\lsprst7.dll [2010.05.02 21:36:22 \| 000,000,069 \| ---- \| C] () -- C:\WINDOWS\NeroDigital.ini [2010.05.02 21:33:33 \| 000,225,280 \| ---- \| C] () -- C:\Documents and Settings\Dunjich\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.04.29 08:35:00 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\mozregistry.dat [2010.04.29 08:31:50 \| 000,087,552 \| ---- \| C] () -- C:\WINDOWS\System32\cpwmon2k.dll [2010.04.29 07:26:39 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\nsreg.dat [2010.04.29 07:24:14 \| 000,165,376 \| ---- \| C] () -- C:\WINDOWS\System32\unrar.dll [2010.04.29 00:16:34 \| 000,004,161 \| ---- \| C] () -- C:\WINDOWS\ODBCINST.INI [2010.04.29 00:15:11 \| 000,269,392 \| ---- \| C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.04.28 22:51:39 \| 001,174,000 \| ---- \| C] () -- C:\WINDOWS\System32\igmedkrn.dll [2010.04.28 22:51:39 \| 000,147,456 \| ---- \| C] () -- C:\WINDOWS\System32\igfxCoIn_v4873.dll [2010.04.28 22:51:39 \| 000,104,636 \| ---- \| C] () -- C:\WINDOWS\System32\igmedcompkrn.dll [2010.04.28 22:31:03 \| 000,002,048 \| --S- \| C] () -- C:\WINDOWS\bootstat.dat [2010.04.28 22:25:03 \| 000,021,640 \| ---- \| C] () -- C:\WINDOWS\System32\emptyregdb.dat < End of report > mycity.rs/must-login.png

Profil

Fil Poslao: 23 Feb 2012 20:39 Idi na vrh
offline Fil Legendarni građanin Pridružio: 11 Jun 2009 Poruke: 16586	1Ovo se svidja korisniku: TwinHeadedEagle Registruj se da bi pohvalio/la poruku! Ponovo pokreni program OTL dvoklikom na ikonicu; U beli okvir prozora gde piše Custom Scans/Fixes iskopiraj sledeći tekst: :OTL MOD - [2012.01.11 03:19:31 \| 006,110,435 \| -HS- \| M] () -- C:\Program Files\Internet Explorer\explorer_update.exe MOD - [2012.01.11 02:21:43 \| 001,046,528 \| -HS- \| M] () -- C:\Program Files\Mozilla Firefox\bin\firefox.exe IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.info IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.info FF - prefs.js..browser.search.defaulturl: "http://flvdirect.iamwired.net/websearch.php?src=tops&search=" FF - prefs.js..browser.startup.homepage: "http://startsear.info" O4 - HKLM\..\Run: [Explorer Update] C:\Program Files\Internet Explorer\explorer_update.exe () O33 - MountPoints2\{0882a88c-a720-11e0-bb26-001a73ae4a90}\Shell\AutoRun\command - "" = mojih/prijatelja.exe O33 - MountPoints2\{0882a88c-a720-11e0-bb26-001a73ae4a90}\Shell\Explore\command - "" = mojih/prijatelja.exe O33 - MountPoints2\{0882a88c-a720-11e0-bb26-001a73ae4a90}\Shell\Open\command - "" = mojih/prijatelja.exe :files C:\Program Files\Internet Explorer\explorer_update.exe C:\Program Files\Mozilla Firefox\bin\firefox.exe :Commands [purity] [EmptyTemp] [Reboot] Klikni na dugme Run Fix; Izveštaj (Log) koji dobiješ iskopiraj ovde u poruci. Preko Start --> Control Panel --> Add/Remove programs deinstaliraj sve nepotrebne aplikacije i toolbarove. Deinstalacijom možeš postići bolje performanse računara, kao i performanse i stabilnost browsera koje koristiš. Okači svež OTL log po uputstvu iz moje prethodne poruke Javi kakvo je stanje na računaru. Je li bolje?

Profil

bojovnik Poslao: 25 Feb 2012 15:08 Idi na vrh
offline bojovnik Građanin Pridružio: 28 Maj 2010 Poruke: 46	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page\| /E : value set successfully! HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page\| /E : value set successfully! Prefs.js: "http://flvdirect.iamwired.net/websearch.php?src=tops&search=" removed from browser.search.defaulturl Prefs.js: "http://startsear.info" removed from browser.startup.homepage Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found. C:\Program Files\Internet Explorer\explorer_update.exe moved successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0882a88c-a720-11e0-bb26-001a73ae4a90}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0882a88c-a720-11e0-bb26-001a73ae4a90}\ not found. File mojih/prijatelja.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0882a88c-a720-11e0-bb26-001a73ae4a90}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0882a88c-a720-11e0-bb26-001a73ae4a90}\ not found. File mojih/prijatelja.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0882a88c-a720-11e0-bb26-001a73ae4a90}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0882a88c-a720-11e0-bb26-001a73ae4a90}\ not found. File mojih/prijatelja.exe not found. ========== FILES ========== File\Folder C:\Program Files\Internet Explorer\explorer_update.exe not found. C:\Program Files\Mozilla Firefox\bin\firefox.exe moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Dunjich ->Temp folder emptied: 2859674 bytes ->Temporary Internet Files folder emptied: 4829820 bytes ->FireFox cache emptied: 57372230 bytes ->Flash cache emptied: 42029 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 5321091 bytes %systemroot%\System32 .tmp files removed: 2577 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 50666 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 67,00 mb OTL by OldTimer - Version 3.2.33.2 log created on 02252012_142023 Files\Folders moved on Reboot... Registry entries deleted on Reboot... Još prije sam ubio sve nepotrebne programe koji mi ne trebaju i toolbare tako da sad ni nemam sta uklanjati više. mycity.rs/must-login.png Računalo radi manje više isto jedino što mu je sad potrebno skoro 10ak minuta da se digne sustav i to je tako počelo prije dan dva... ---- OTL logfile created on: 25.2.2012 14:34:56 - Run 2 OTL by OldTimer - Version 3.2.33.2 Folder = D:\s C diska\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 0000041A \| Country: Croatia \| Language: HRV \| Date Format: d.M.yyyy 1015,23 Mb Total Physical Memory \| 384,73 Mb Available Physical Memory \| 37,90% Memory free 2,39 Gb Paging File \| 1,85 Gb Available in Paging File \| 77,69% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 36,62 Gb Total Space \| 25,38 Gb Free Space \| 69,29% Space Free \| Partition Type: NTFS Drive D: \| 75,16 Gb Total Space \| 25,31 Gb Free Space \| 33,67% Space Free \| Partition Type: NTFS Computer Name: DUNJA \| User Name: Dunjich \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.23 18:15:53 \| 000,583,680 \| ---- \| M] (OldTimer Tools) -- D:\s C diska\My Documents\Downloads\OTL.exe PRC - [2012.02.21 20:33:11 \| 000,912,344 \| ---- \| M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011.12.14 12:47:02 \| 001,212,224 \| ---- \| M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2011.12.14 12:47:00 \| 001,514,304 \| ---- \| M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2011.10.17 19:11:13 \| 002,042,208 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe PRC - [2011.01.09 10:14:02 \| 000,297,752 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe PRC - [2011.01.08 19:17:17 \| 000,486,680 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe PRC - [2011.01.08 19:17:14 \| 000,595,736 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe PRC - [2011.01.08 19:17:11 \| 000,832,792 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe PRC - [2010.06.29 07:04:18 \| 000,020,480 \| ---- \| M] (AG Interactive) -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe PRC - [2009.12.08 12:38:16 \| 003,474,848 \| ---- \| M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7617\Webshots.scr PRC - [2008.04.14 04:42:20 \| 001,033,728 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.03.18 11:27:12 \| 000,013,312 \| ---- \| M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe PRC - [2007.05.14 23:22:22 \| 000,035,328 \| ---- \| M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2006.06.01 12:32:12 \| 000,094,208 \| ---- \| M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2001.11.01 18:47:17 \| 000,196,608 \| ---- \| M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe ========== Modules (No Company Name) ========== MOD - [2012.02.21 20:33:12 \| 001,014,744 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\js3250.dll MOD - [2010.05.02 20:41:08 \| 000,212,992 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll MOD - [2010.05.02 20:40:57 \| 000,141,312 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll MOD - [2010.05.02 20:40:55 \| 000,627,712 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll MOD - [2010.05.02 20:39:36 \| 000,971,264 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll MOD - [2010.05.02 20:12:11 \| 005,450,752 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll MOD - [2010.05.02 20:10:07 \| 007,868,416 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll MOD - [2010.05.02 20:09:55 \| 011,486,720 \| ---- \| M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll MOD - [2010.01.27 02:07:32 \| 003,884,312 \| ---- \| M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll MOD - [2009.11.05 07:39:40 \| 000,087,552 \| ---- \| M] () -- C:\WINDOWS\system32\cpwmon2k.dll MOD - [2007.05.14 23:22:22 \| 000,035,328 \| ---- \| M] () -- C:\Program Files\Winamp\winampa.exe ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled \| Stopped] -- -- (HidServ) SRV - [2011.12.14 12:47:00 \| 001,514,304 \| ---- \| M] (TuneUp Software) [Auto \| Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.01.09 10:14:02 \| 000,297,752 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [Auto \| Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd) SRV - [2010.06.29 07:04:18 \| 000,020,480 \| ---- \| M] (AG Interactive) [Auto \| Running] -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe -- (AGCoreService) SRV - [2008.03.18 11:27:12 \| 000,013,312 \| ---- \| M] (Agere Systems) [Auto \| Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio) ========== Driver Services (SafeList) ========== DRV - [2011.12.12 19:31:38 \| 000,010,064 \| ---- \| M] (TuneUp Software) [Kernel \| On_Demand \| Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011.01.08 19:17:17 \| 000,335,240 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [Kernel \| System \| Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86) DRV - [2011.01.08 19:17:17 \| 000,027,784 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [File_System \| System \| Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2011.01.08 19:17:15 \| 000,108,552 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [Kernel \| System \| Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX) DRV - [2011.01.08 19:17:11 \| 000,012,552 \| ---- \| M] (AVG Technologies CZ, s.r.o.) [File_System \| Boot \| Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86) DRV - [2010.12.09 16:03:42 \| 000,027,632 \| ---- \| M] (Sony Ericsson Mobile Communications) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri) DRV - [2010.04.29 07:31:54 \| 000,691,696 \| ---- \| M] (Duplex Secure Ltd.) [Kernel \| Disabled \| Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010.04.28 22:58:11 \| 001,391,104 \| ---- \| M] (Broadcom Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2008.03.21 11:13:00 \| 001,203,776 \| ---- \| M] (Agere Systems) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2007.06.18 16:12:04 \| 000,016,768 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) [Kernel \| On_Demand \| Stopped] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2006.09.24 14:28:46 \| 000,005,248 \| ---- \| M] (Windows (R) 2000 DDK provider) [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2005.09.19 13:24:10 \| 000,009,344 \| ---- \| M] (Hewlett-Packard Development Company, L.P.) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey) DRV - [1996.04.03 20:33:26 \| 000,005,248 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "" FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429 FF - prefs.js..keyword.URL: "http://www.google.hr" FF - prefs.js..browser.startup.homepage: "http://startsear.info" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://startsear.info" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://startsear.info" FF - prefs.js..browser.search.selectedEngine: "Google" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2011.01.09 10:15:08 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.21 20:33:26 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.21 20:33:26 \| 000,000,000 \| ---D \| M] [2010.04.29 07:26:44 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Extensions [2012.02.22 19:50:21 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Firefox\Profiles\0gofcvzx.default\extensions [2010.08.05 16:03:26 \| 000,000,000 \| ---D \| M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Firefox\Profiles\0gofcvzx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.08.05 16:03:24 \| 000,000,000 \| ---D \| M] (Fast Dial) -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Firefox\Profiles\0gofcvzx.default\extensions\fastdial@telega.phpnet.us [2012.02.25 14:13:27 \| 000,002,105 \| ---- \| M] () -- C:\Documents and Settings\Dunjich\Application Data\Mozilla\Firefox\Profiles\0gofcvzx.default\searchplugins\google.xml [2010.04.29 07:26:24 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011.01.09 10:15:08 \| 000,000,000 \| ---D \| M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG8\FIREFOX O1 HOSTS File: ([2010.06.10 09:34:19 \| 000,000,027 \| ---- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM) O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll () O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [Explorer Update] "C:\Program Files\Internet Explorer\explorer_update.exe" File not found O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\Dunjich\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7617\Launcher.exe (Webshots.com) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{76E0C0B5-0BEC-4748-827E-9BF4B500EE17}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Dunjich\Application Data\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.04.28 22:28:26 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk ) O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.23 21:46:28 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Desktop\popravljanje računala [2012.02.21 16:19:04 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Desktop\6.c - project work [2012.02.19 18:45:54 \| 000,000,000 \| R--D \| C] -- D:\s C diska\My Documents\My Videos [2012.02.19 18:45:54 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Dunjich\Start Menu\Programs\Administrative Tools [2012.02.19 17:34:02 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\SpeedyPC Software [2012.02.19 17:33:54 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software [2012.02.19 17:08:44 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\Webshots Data [2012.02.19 16:52:03 \| 000,000,000 \| R--D \| C] -- D:\s C diska\My Documents\My Pictures [2012.02.19 16:52:03 \| 000,000,000 \| R--D \| C] -- D:\s C diska\My Documents\My Music [2012.02.19 16:52:03 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\MOBILedit! [2012.02.19 16:52:03 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\Downloads [2012.02.19 16:52:02 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\OneNote Notebooks [2012.02.19 16:51:57 \| 000,000,000 \| ---D \| C] -- D:\s C diska\My Documents\SafeNet Sentinel [2012.02.19 11:52:27 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\ParetoLogic [2012.02.19 11:52:27 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\DriverCure [2012.02.19 11:52:17 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic [2012.02.19 11:21:04 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\Malwarebytes [2012.02.19 11:20:56 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2012.02.19 10:00:26 \| 000,000,000 \| -HSD \| C] -- C:\Config.Msi [2012.02.19 09:59:18 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Dunjich\Application Data\IObit ========== Files - Modified Within 30 Days ========== [2012.02.25 14:23:23 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2012.02.23 06:58:40 \| 090,469,906 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2012.02.20 19:56:11 \| 000,002,206 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2012.02.19 18:45:32 \| 000,000,777 \| ---- \| M] () -- C:\Documents and Settings\Dunjich\Start Menu\Programs\Startup\Webshots.lnk [2012.02.19 17:46:44 \| 000,269,392 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.02.19 11:56:48 \| 000,435,828 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2012.02.19 11:56:48 \| 000,068,558 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2012.02.14 05:50:29 \| 000,225,280 \| ---- \| M] () -- C:\Documents and Settings\Dunjich\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== Files Created - No Company Name ========== [2010.07.08 19:13:14 \| 000,000,038 \| ---- \| C] () -- C:\WINDOWS\AviSplitter.INI [2010.06.18 16:58:28 \| 000,001,024 \| ---- \| C] () -- C:\WINDOWS\System32\grcauth2.dll [2010.06.18 16:58:28 \| 000,001,024 \| ---- \| C] () -- C:\WINDOWS\System32\grcauth1.dll [2010.06.18 16:58:28 \| 000,000,100 \| ---- \| C] () -- C:\WINDOWS\System32\prsgrc.dll [2010.06.18 16:56:57 \| 000,001,025 \| ---- \| C] () -- C:\WINDOWS\System32\sysprs7.dll [2010.06.18 16:56:57 \| 000,000,205 \| ---- \| C] () -- C:\WINDOWS\System32\lsprst7.dll [2010.05.02 21:36:22 \| 000,000,069 \| ---- \| C] () -- C:\WINDOWS\NeroDigital.ini [2010.05.02 21:33:33 \| 000,225,280 \| ---- \| C] () -- C:\Documents and Settings\Dunjich\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.04.29 08:35:00 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\mozregistry.dat [2010.04.29 08:31:50 \| 000,087,552 \| ---- \| C] () -- C:\WINDOWS\System32\cpwmon2k.dll [2010.04.29 07:26:39 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\nsreg.dat [2010.04.29 07:24:14 \| 000,165,376 \| ---- \| C] () -- C:\WINDOWS\System32\unrar.dll [2010.04.29 00:16:34 \| 000,004,161 \| ---- \| C] () -- C:\WINDOWS\ODBCINST.INI [2010.04.29 00:15:11 \| 000,269,392 \| ---- \| C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.04.28 22:51:39 \| 001,174,000 \| ---- \| C] () -- C:\WINDOWS\System32\igmedkrn.dll [2010.04.28 22:51:39 \| 000,147,456 \| ---- \| C] () -- C:\WINDOWS\System32\igfxCoIn_v4873.dll [2010.04.28 22:51:39 \| 000,104,636 \| ---- \| C] () -- C:\WINDOWS\System32\igmedcompkrn.dll [2010.04.28 22:31:03 \| 000,002,048 \| --S- \| C] () -- C:\WINDOWS\bootstat.dat [2010.04.28 22:25:03 \| 000,021,640 \| ---- \| C] () -- C:\WINDOWS\System32\emptyregdb.dat < End of report >

Profil

Fil Poslao: 25 Feb 2012 16:25 Idi na vrh
offline Fil Legendarni građanin Pridružio: 11 Jun 2009 Poruke: 16586	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, imaš li više problema sa startsear? Da li se referenca ka njemu pojavljuje dok radiš na računaru (kao homepage ili slično)? Ponovo pokreni program OTL dvoklikom na ikonicu; U beli okvir prozora gde piše Custom Scans/Fixes iskopiraj sledeći tekst: `:OTL FF - prefs.js..browser.startup.homepage: "http://startsear.info" :Commands [Reboot]` Klikni na dugme Run Fix; Izveštaj (Log) koji dobiješ iskopiraj ovde u poruci. Otvori Firefox i kucaj: about:config, i pritisni taster Enter. Klikni na dugme "I'll be careful", ukoliko se pojavi. Unutar liste podešavanja ukloni sve reference na "startsear", ukoliko ih bude bilo. Sekcija Filter može biti od pomoći da brzo nađeš te unose vezane "homepage" i tragove "startsear". Dvostrukim klikom na neku stavku možeš da promeniš vrednost te stavke. Napiši da li je bilo potrebe da se nešto menja i šta si promenio. Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka: http://www.besttechie.net/tools/mbam-setup.exe Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije: Update Malwarebytes' Anti-Malware; Launch Malwarebytes Anti-Malware; a zatim klikni Finish. Nakon završenog ažuriranja program će se pokrenuti. Izaberi opciju Perform Quick Scan i klikni Scan. Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected. Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu. Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti. Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open). Preuzmi USBNoRisk na Desktop i pokreni ga dvostrukim klikom na ikonicu programa. - Sačekaj par sekundi dok program izvrši uvodno skeniranje. - Ubacuj redom sve USB memorijske uređaje u USB slot i svaki zadrži u slotu po 10 sekundi. Ukoliko imaš više uređaja za proveru, onda na parčetu papira vodi evidenciju kojim redom su ubacivani, jer će nam kasnije trebati taj podatak. - Kada završiš sa svim uređajima, klikni desni taster miša na sred prozora programa i odaberi opciju Save scrambled log. To će automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum. Objašnjenje: u USB memorijske uređaje spadaju svi oni uređaji koji po priključivanju na računar dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uređaji itd.

Profil

bojovnik Poslao: 25 Feb 2012 20:49 Idi na vrh
offline bojovnik Građanin Pridružio: 28 Maj 2010 Poruke: 46	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Startsear je u potpunosti nestao i s njime više nema problema. Međutim sad mi je računalo užasno sporo i treba mu jako dugo da se digne sustav (ovakvo stanje nije bilo prije par dana). Kod upisivanja about:config u Firefox nisam našao ništa vezano za startsear tako da nisam ništa ni uklanjao. Kod skeniranja sa Malwarebytes Anti-Malware nije bilo nikakvih detektovanih malwera. ========== OTL ========== Prefs.js: "http://startsear.info" removed from browser.startup.homepage ========== COMMANDS ========== OTL by OldTimer - Version 3.2.33.2 log created on 02252012_185843 Malwarebytes Anti-Malware (Trial) 1.60.1.1000 malwarebytes.org Database version: v2012.02.25.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 6.0.2900.5512 Dunjich :: DUNJA [administrator] Protection: Disabled 25.2.2012 20:23:15 mbam-log-2012-02-25 (20-23-15).txt Scan type: Quick scan Scan options enabled: Memory \| Startup \| Registry \| File System \| Heuristics/Extra \| Heuristics/Shuriken \| PUP \| PUM Scan options disabled: P2P Objects scanned: 168312 Time elapsed: 15 minute(s), 33 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) USBNoRisk 2.7 (28 December 2010) by bobby Started at 25.2.2012 20:40:08 Searching for connected USB Mass storage... ---------------------------------------- ======================================== Searching for other storage... ---------------------------------------- D: {dc2f4e56-5318-11df-b60e-806d6172696f} C: {dc2f4e58-5318-11df-b60e-806d6172696f} ======================================== Scanning fixed storage... ---------------------------------------- No blocked files found on C: No autorun.inf files found on C: No mountpoint found for C: No mountpoint found for dc2f4e58-5318-11df-b60e-806d6172696f No Desktop.ini files found on C: ---------------------------------------- No blocked files found on D: No autorun.inf files found on D: No mountpoint found for D: No mountpoint found for dc2f4e56-5318-11df-b60e-806d6172696f No Desktop.ini files found on D: ---------------------------------------- ======================================== Initial scan finished! ======================================== New device connected at 25.2.2012 20:41:02 Scanning for connected USB mass storage... ---------------------------------------- F: {6a4550ae-66a5-11df-b821-001a4b6afc58} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- No autorun.inf files found on F: No mountpoint found for 6a4550ae-66a5-11df-b821-001a4b6afc58 ---------------------------------------- No Desktop.ini files found on F: ---------------------------------------- No mimics found on drive F: ---------------------------------------- No .lnk/.pif/.com/.scr files found on drive F: ======================================== ======================================== Removed F: ======================================== New device connected at 25.2.2012 20:41:20 Scanning for connected USB mass storage... ---------------------------------------- F: {8e66fc60-7494-11df-b87d-001a73ae4a90} Added F: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on F: ---------------------------------------- No autorun.inf files found on F: No mountpoint found for 8e66fc60-7494-11df-b87d-001a73ae4a90 ---------------------------------------- No Desktop.ini files found on F: ---------------------------------------- No mimics found on drive F: ---------------------------------------- No .lnk/.pif/.com/.scr files found on drive F: ======================================== ======================================== Removed F: ========================================

Profil

Fil Poslao: 25 Feb 2012 21:08 Idi na vrh
offline Fil Legendarni građanin Pridružio: 11 Jun 2009 Poruke: 16586	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Računar je čist što se tiče malicioznih programa. Za probleme optimizacije brzine računara, otvori temu u Windows potforumu. Ponovo pokreni OTL i klikni na opciju CleanUp. Neophodno je isključiti i ponovo uključiti System Restore. To možeš uraditi po sledećem uputstvu: http://www.mycity.rs/MyCity-Laboratorija/Kako-iskl.....sta-7.html Možeš obrisati i USBNoRisk. Preporučujem ti da koristiš program MCShield za zaštitu USB memorijskih uređaja. Program možeš preuzeti sa OVOG linka. Nakon instalacije programa, priključi USB memorijske uređaje, i oni će biti skenirani. Na kraju skeniranja ćeš dobiti izveštaj da je uređaj čist ili obaveštenje o uklonjenom malware-u. Takođe, poseti ovu temu da vidiš da li ti je pretraživač ranjiv i instaliraš ažurirane komponente http://www.mycity.rs/Propusti-i-azuriranja/Testira.....anjiv.html

Profil

bojovnik Poslao: 26 Feb 2012 11:18 Idi na vrh
offline bojovnik Građanin Pridružio: 28 Maj 2010 Poruke: 46	1Ovo se svidja korisniku: ThePhilosopher Registruj se da bi pohvalio/la poruku! E hvala ti na pomoći. Najbitnije je da računar više nije zaražen, a ovo sa sporošću ćemo već nekako riješiti. Pretraživač mi je bilo potrebno ažurirati. Hvala puno još jednom. Pozdrav!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem sa startsear.info

Ko je trenutno na forumu

Ukupno su 1107 korisnika na forumu :: 38 registrovanih, 4 sakrivenih i 1065 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., antonije64, Areal84, babaroga, Bobrock1, bokisha253, crnitrn, dankisha, deLacy, delrey, dushan, FOX, hooraay, Karla, Koridor 11, Kriglord, Krvava Devetka, Lieutenant, Mercury, Milos ZA, milutin134, MrNo, nebkv, Oscar, pein, procesor, raptorsi, rasok, Srky Boy, Srle993, stegonosa, Tores, Trpe Grozni, Valter071, vladulns, Webb, wolf431, yrraf

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by