malwarebytes deektovao viruse

• 1Ovo se svidja korisniku: mcrule
  
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 21 Maj 2012 17:41

pozdrav!

kako mi je malware detektovao viruse, pomoc mi je potrebna u brisanju istih.
ovo je log, a sad cu da uradim po pravilima ambulante i da postavim logove drugih programa.


mycity.rs/must-login.png

Dopuna: 21 Maj 2012 17:50

vajrles mi je internet i sad ukljucim komp instaliran nekakav program knowledge...sinoc ne vidjoh da je ista instalirano!!!!!!!

dds:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.5512
Run by mir at 17:44:21 on 2012-05-21
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1790.1336 [GMT 2:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bigseekpro.com/accmeware/{D8649EE8-3F74-4762-BAC7-AF6A22662DFA}
uSearch Page =
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/accmeware/{D8649EE8-3F74-4762-BAC7-AF6A22662DFA}
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [LaunchAp] c:\program files\launch manager\LaunchAp.exe
mRun: [HotkeyApp] c:\program files\launch manager\HotkeyApp.exe
mRun: [LMgrVolOSD] c:\program files\launch manager\OSD.exe
mRun: [LMgrOSD] c:\program files\launch manager\OSDCtrl.exe
mRun: [Wbutton] "c:\program files\launch manager\Wbutton.exe"
mRun: [CtrlVol] c:\program files\launch manager\CtrlVol.exe
mRun: [Alcmtr] ALCMTR.EXE
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 212.186.211.21 195.34.133.21
TCP: Interfaces\{2B11AB81-E419-4483-8E03-F5E6B1104DB0} : DhcpNameServer = 212.186.211.21 195.34.133.21
Notify: AtiExtEvent - Ati2evxx.dll
LSA: Notification Packages = scecli scecli
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\mir\application data\mozilla\firefox\profiles\btszqpyl.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - plugin: c:\documents and settings\mir\application data\mozilla\firefox\profiles\btszqpyl.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S1 mailKmd;mailKmd; [x]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 257696]
S3 libusb0;LibUsb-Win32 - Kernel Driver 07/07/2009, 0.1.12.2;c:\windows\system32\drivers\libusb0.sys [2012-3-17 28160]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-13 129976]
.
=============== Created Last 30 ================
.
2012-05-19 16:34:55 -------- d-----w- c:\documents and settings\mir\application data\FLAC to MP3 Converter
2012-05-19 16:34:36 -------- d-----w- c:\documents and settings\mir\application data\Toolbar4
2012-05-19 16:34:28 -------- d-----w- c:\program files\FLAC to MP3 Converter
2012-05-14 04:36:59 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-05-14 04:36:59 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2012-05-14 04:35:28 -------- d-----w- c:\program files\iPod
2012-05-14 04:35:10 -------- d-----w- c:\program files\iTunes
2012-05-14 04:34:31 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-05-14 04:34:31 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-05-14 04:34:07 -------- d-----w- c:\program files\Bonjour
2012-05-14 04:11:51 -------- d-----w- c:\documents and settings\mir\application data\Malwarebytes
2012-05-14 04:11:40 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-05-14 04:11:39 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-14 04:11:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-13 18:40:18 -------- d-----w- c:\windows\SxsCaPendDel
2012-05-13 16:59:22 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-05-13 16:59:21 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-05-13 16:59:21 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
.
==================== Find3M ====================
.
2012-05-10 17:14:13 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-10 17:14:13 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-10 16:30:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-10 16:30:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-28 06:57:10 545 ----a-w- c:\windows\UC.PIF
2012-02-28 06:57:10 545 ----a-w- c:\windows\RAR.PIF
2012-02-28 06:57:10 545 ----a-w- c:\windows\PKZIP.PIF
2012-02-28 06:57:10 545 ----a-w- c:\windows\PKUNZIP.PIF
2012-02-28 06:57:10 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-02-28 06:57:10 545 ----a-w- c:\windows\LHA.PIF
2012-02-28 06:57:10 545 ----a-w- c:\windows\ARJ.PIF
.
============= FINISH: 17:44:42.00 ===============

mycity.rs/must-login.png

• 1Ovo se svidja korisniku: mcrule
  
  Registruj se da bi pohvalio/la poruku!

Pozdrav ramzesV

Isprati detaljno uputsva za otvaranje teme. Fale GMER1,GMER2.GMER3 logovi ili RootRepeal log.

NIx Car(AMF Tim)

• 1Ovo se svidja korisniku: mcrule
  
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 21 Maj 2012 19:42

znam, znam stize i to ubrzo (nadam se)!!

Dopuna: 21 Maj 2012 20:47

Gmer logovi:


mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

Dopuna: 21 Maj 2012 20:47

OTL:

OTL logfile created on: 21.05.2012 8:44:06 PM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Documents and Settings\mir\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd.MM.yyyy

1.75 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 56.91% Memory free
3.60 Gb Paging File | 3.03 Gb Available in Paging File | 84.12% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 16.77 Gb Free Space | 22.51% Space Free | Partition Type: NTFS
Drive F: | 1862.98 Gb Total Space | 1155.95 Gb Free Space | 62.05% Space Free | Partition Type: NTFS

Computer Name: MIKI | User Name: mir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.05.21 20:43:12 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mir\Desktop\OTL.exe
PRC - [2012.05.21 17:51:09 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\mir\Desktop\4ugkoidc.exe
PRC - [2012.05.13 18:59:20 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.02.28 08:57:10 | 003,737,000 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2008.04.14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.01.02 19:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005.07.28 12:08:34 | 000,057,344 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\HotkeyApp.exe
PRC - [2005.07.25 14:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe
PRC - [2005.07.25 14:34:28 | 000,081,920 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
PRC - [2005.07.25 11:45:00 | 000,241,664 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe
PRC - [2005.03.16 14:52:02 | 000,204,800 | ---- | M] (Wistron) -- C:\Program Files\Launch Manager\OSD.exe


========== Modules (No Company Name) ==========

MOD - [2012.05.21 17:51:09 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\mir\Desktop\4ugkoidc.exe
MOD - [2012.05.13 18:59:20 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.05.04 19:35:06 | 008,797,856 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.03.10 17:50:27 | 003,379,200 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_69ab25aa\mscorlib.dll
MOD - [2012.03.10 17:50:21 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_b7803dc0\system.drawing.dll
MOD - [2012.03.10 17:50:14 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_8080ffcb\system.xml.dll
MOD - [2012.03.10 17:50:06 | 003,014,656 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_5ae39a25\system.windows.forms.dll
MOD - [2012.03.10 17:49:45 | 001,953,792 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_02d15e77\system.dll
MOD - [2012.03.10 17:49:34 | 001,224,704 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012.03.10 17:49:33 | 001,257,472 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012.03.10 17:49:32 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2012.03.10 17:49:31 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2012.03.10 17:49:31 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2012.03.10 17:49:30 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012.03.10 17:49:29 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012.03.09 23:01:00 | 000,968,704 | ---- | M] () -- C:\Documents and Settings\mir\Application Data\Mozilla\Firefox\Profiles\btszqpyl.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008.04.14 06:42:04 | 001,288,192 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008.04.14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005.10.19 12:17:58 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll
MOD - [2005.07.25 14:36:40 | 000,032,768 | ---- | M] () -- C:\Program Files\Launch Manager\LaunchAp.exe
MOD - [2005.07.25 14:34:28 | 000,081,920 | ---- | M] () -- C:\Program Files\Launch Manager\WButton.exe
MOD - [2005.07.25 11:45:00 | 000,241,664 | ---- | M] () -- C:\Program Files\Launch Manager\OSDCtrl.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.05.13 18:59:21 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.10 19:14:13 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Wbutton.sys -- (Wbutton)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\mir\LOCALS~1\Temp\pxtdypod.sys -- (pxtdypod)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\mir\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (mailKmd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2009.07.07 10:53:04 | 000,028,160 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0)
DRV - [2008.05.06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2006.05.16 18:32:58 | 004,275,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.03.09 00:49:20 | 001,506,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.02.27 06:46:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005.11.16 21:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005.11.10 04:51:38 | 000,854,404 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2005.11.01 19:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005.11.01 18:54:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005.09.15 01:49:52 | 000,468,768 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003.04.28 12:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\HOTKEY.sys -- (Hotkey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = bigseekpro.com/accmeware/{D8649EE8-3F74-4762-BAC7-AF6A22662DFA}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = bigseekpro.com/accmeware/{D8649EE8-3F74-4762-BAC7-AF6A22662DFA}
IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = bigseekpro.com/search/browser/accmeware/{D8649EE8-3F74-4762-BAC7-AF6A22662DFA}?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fbphotozoom@installdaddy.com: C:\Program Files\fbphotozoom\fbphotozoom13.xpi [2012.03.10 20:08:28 | 000,102,233 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.13 18:59:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.13 21:01:36 | 000,000,000 | ---D | M]

[2012.03.10 18:31:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mir\Application Data\Mozilla\Extensions
[2012.05.21 16:38:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mir\Application Data\Mozilla\Firefox\Profiles\btszqpyl.default\extensions
[2012.03.17 14:23:12 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\mir\Application Data\Mozilla\Firefox\Profiles\btszqpyl.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012.03.16 23:21:59 | 000,000,000 | ---D | M] (German Dictionary, extended for Austria) -- C:\Documents and Settings\mir\Application Data\Mozilla\Firefox\Profiles\btszqpyl.default\extensions\de-AT@dictionaries.addons.mozilla.org
[2012.03.10 19:04:08 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\mir\Application Data\Mozilla\Firefox\Profiles\btszqpyl.default\extensions\support@lastpass.com
[2012.03.10 18:31:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.03.10 18:54:13 | 000,275,540 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\MIR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\BTSZQPYL.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI
[2012.03.10 20:08:28 | 000,102,233 | ---- | M] () (No name found) -- C:\PROGRAM FILES\FBPHOTOZOOM\FBPHOTOZOOM13.XPI
[2012.05.13 18:59:21 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.11.12 12:25:00 | 000,076,288 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2012.02.16 12:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 12:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe (Wistron)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe ()
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B11AB81-E419-4483-8E03-F5E6B1104DB0}: DhcpNameServer = 212.186.211.21 195.34.133.21
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.03.10 17:35:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.05.21 20:43:09 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\mir\Desktop\OTL.exe
[2012.05.21 17:44:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mir\My Documents\My Videos
[2012.05.21 17:44:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012.05.21 17:44:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\mir\Start Menu\Programs\Administrative Tools
[2012.05.21 17:42:54 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\mir\Desktop\dds.scr
[2012.05.19 22:01:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
[2012.05.19 18:34:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mir\Application Data\FLAC to MP3 Converter
[2012.05.19 18:34:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mir\Application Data\Toolbar4
[2012.05.19 18:34:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FLAC to MP3 Converter
[2012.05.19 18:34:28 | 000,000,000 | ---D | C] -- C:\Program Files\FLAC to MP3 Converter
[2012.05.19 18:33:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mir\Application Data\WinRAR
[2012.05.16 20:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2012.05.14 06:37:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2012.05.14 06:36:59 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2012.05.14 06:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.05.14 06:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.05.14 06:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012.05.14 06:34:31 | 004,547,944 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2012.05.14 06:34:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.05.14 06:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.05.14 06:11:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mir\Application Data\Malwarebytes
[2012.05.14 06:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.05.14 06:11:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012.05.14 06:11:39 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.05.14 06:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.05.13 20:59:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.05.13 20:40:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2012.05.13 18:59:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.05.13 18:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012.05.03 20:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mir\Desktop\vaulation
[2012.04.26 22:28:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mir\Start Menu\Programs\Microsoft Press
[2012.04.26 22:28:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mir\My Documents\Microsoft Press
[34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[149 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.05.21 20:43:12 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mir\Desktop\OTL.exe
[2012.05.21 20:35:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.05.21 17:51:09 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\mir\Desktop\4ugkoidc.exe
[2012.05.21 17:42:56 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\mir\Desktop\dds.scr
[2012.05.21 16:49:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.20 11:24:45 | 000,036,352 | ---- | M] () -- C:\Documents and Settings\mir\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.19 13:36:21 | 010,635,664 | ---- | M] () -- C:\Documents and Settings\mir\Desktop\51-robbie-williams-angels.mp3
[2012.05.17 11:51:25 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Foxit Phantom.lnk
[2012.05.16 20:38:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.05.11 20:24:57 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.05.10 19:14:13 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.05.10 19:14:13 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.05.08 18:53:12 | 000,488,591 | ---- | M] () -- C:\Documents and Settings\mir\Desktop\B101Cd01.pdf
[2012.05.04 20:17:25 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2012.04.29 20:21:34 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\mir\Desktop\Shortcut to s4_1.lnk
[2012.04.23 22:12:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[149 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.05.21 17:51:08 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\mir\Desktop\4ugkoidc.exe
[2012.05.19 13:35:51 | 010,635,664 | ---- | C] () -- C:\Documents and Settings\mir\Desktop\51-robbie-williams-angels.mp3
[2012.05.14 06:34:45 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012.05.14 06:34:43 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012.05.11 20:24:57 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.05.08 18:54:26 | 000,488,591 | ---- | C] () -- C:\Documents and Settings\mir\Desktop\B101Cd01.pdf
[2012.05.04 20:17:25 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2012.04.29 20:21:34 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\mir\Desktop\Shortcut to s4_1.lnk
[2012.04.01 13:56:49 | 000,026,084 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012.03.10 19:42:35 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\mir\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.10 18:22:27 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.03.10 18:21:02 | 000,137,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.03.10 18:12:05 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\mir\Local Settings\Application Data\fusioncache.dat
[2012.03.10 18:07:48 | 000,124,376 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012.03.10 18:04:17 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2012.03.10 18:04:17 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012.03.10 18:00:21 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2012.03.10 18:00:21 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2012.03.10 18:00:21 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2012.03.10 18:00:21 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2012.03.10 18:00:21 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2012.03.10 18:00:21 | 000,053,248 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2012.03.10 18:00:20 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2012.03.10 18:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2012.03.10 18:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2012.03.10 17:54:49 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2012.03.10 17:52:52 | 000,009,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\HOTKEY.sys
[2012.03.10 17:44:12 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.03.10 17:39:36 | 000,001,038 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2012.03.10 17:32:11 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

< End of report >

mycity.rs/must-login.png

• 1Ovo se svidja korisniku: mcrule
  
  Registruj se da bi pohvalio/la poruku!

@ramzesV Izvini sto si cekala.

Malwarebytes je detektovao malware i uklonio ga je. Ostaje nam jos samo da potucemo neke zaostale ostatke...


Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopirati sledeći tekst:


:OTL
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/accmeware/{D8649EE8-3F74-4762-BAC7-AF6A22662DFA}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/accmeware/{D8649EE8-3F74-4762-BAC7-AF6A22662DFA}
IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/accmeware/{D8649EE8-3F74-4762-BAC7-AF6A22662DFA}?q={searchTerms}

:files
C:\Documents and Settings\mir\Application Data\Toolbar4

:Commands
[emptytemp]
[emptyflash]
[emptyjava]
[Reboot]


Klikni taster Run Fix;


Log koji dobiješ iskopiraj ovde u poruci.
Reci mi kako ti sad radi kompjuter.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

koliko vremenski dugo sve to traje, jer kod mene gotovo sat vremena od kad sam kliknula na run fix i nista se ne desava?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Traje veoma kratko a potom trazi restart.

Obrisi taj OTL , preuzmi svez OTL i pokreni ga i ponovo isprati uputstvo za script.
Izmenio sam gornji script.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

sorry, bila na nekom putu, sad dosla.
ok radi...
evo log:

All processes killed
========== OTL ==========
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
========== FILES ==========
C:\Documents and Settings\mir\Application Data\Toolbar4 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: mir
->Temp folder emptied: 191708994 bytes
->Temporary Internet Files folder emptied: 60669912 bytes
->Java cache emptied: 30393 bytes
->FireFox cache emptied: 44373862 bytes
->Flash cache emptied: 3260 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 619521 bytes

%systemdrive% .tmp files removed: 325911076 bytes
%systemroot% .tmp files removed: 2551211 bytes
%systemroot%\System32 .tmp files removed: 43457881 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65536 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 595968 bytes

Total Files Cleaned = 639.00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: mir
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: mir
->Java cache emptied: 0 bytes

User: NetworkService

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.46.0 log created on 06042012_185846

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Bravo, to je to. Rekao bih da je problem resen? Ima li nekih problema u radu?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

nema, mozda malo brze radi.

hvala na pomoci!!!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nema na cemu.

Ponovo pokreni OTL i klikni na CleanUp!. Ovo ce uninstallirati OTL.
Takodje, mozes obrisati koriscene alate. To je to