Elektroda.pl
Elektroda.pl
X

Wyszukiwarki naszych partnerów

Wyszukaj w ofercie 200 tys. produktów TME
Europejski lider sprzedaży techniki i elektroniki.
Proszę, dodaj wyjątek elektroda.pl do Adblock.
Dzięki temu, że oglądasz reklamy, wspierasz portal i użytkowników.

Prośba o sprawdzenie loga OTL - findamo jako strona startowa

Jorgeos 02 Lip 2012 15:28 1060 1
  • #1 02 Lip 2012 15:28
    Jorgeos
    Poziom 11  

    Witam, mam problem, mianowicie po zainstalowaniu bliżej nieokreślonego programu jako strona startowa ustawiła się "findamo.com" i wyszukiwarka babylon, bardzo proszę o sprawdzenie loga i pomoc w ogarnięciu tego ustrojstwa.

    Z góry dzięki

    log w załączniku

  • #2 02 Lip 2012 15:49
    Kolobos
    Spec od komputerów

    Do aktualizacji:
    Java -> www.java.com
    Mozilla Firefox (3.6)

    Odinstaluj:
    SweetIM for Messenger 3.6
    bProtector for Windows
    Google Toolbar for Internet Explorer
    SweetPacks Toolbar for Internet Explorer 4.6
    HiJackThis
    BabylonObjectInstaller
    VirtualDJ Toolbar
    Adobe Reader 6.0 CE, zmien na Foxit: ninite.com/foxit/
    Update Manager for SweetPacks 1.0
    Browsers Protector
    Contextual Tool Extrafind
    Softonic toolbar on IE and Chrome
    StartSearch Toolbar 1.3
    V9 HomeTool
    XfireXO Toolbar
    VirtualDJ Toolbar Updater

    Na przyszlosc uwazaj przy instalacji programow i nie instaluj "dodatkow" typu paski. Bezmyslne klikanie "Dalej" bez czytania owocuje masa paskow oraz zmana strony startowej.

    Wykonaj skrypt w OTL:

    :OTL
    PRC - [2012-06-02 11:58:57 | 001,441,784 | ---- | M] (bProtector) -- C:\ProgramData\bProtectorForWindows\2.0.392.106\bProtect.exe
    PRC - [2012-04-09 17:43:42 | 001,557,160 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
    PRC - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files\Browsers Protector\regmon32.exe
    SRV - [2012-06-02 11:58:57 | 001,441,784 | ---- | M] (bProtector) [Auto | Running] -- C:\ProgramData\bProtectorForWindows\2.0.392.106\bProtect.exe -- (bProtector)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva394.sys -- (XDva394)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva392.sys -- (XDva392)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva391.sys -- (XDva391)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a4o0fp80)
    IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
    IE - HKLM\..\SearchScopes\{C0502914-F360-4BBB-89FB-AEF9377916EB}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=4f58f009-7dc2-11e1-9424-002522724532&q={searchTerms}
    IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
    IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    IE - HKCU\..\SearchScopes\{2A912C83-1B5B-4637-B9BD-40912F781CB4}: "URL" = http://search.softonic.com/MON00084/tb_v1?q={searchTerms}&SearchSource=4&cc=




    IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.findamo.com/search.html?ch=10&q={searchTerms}
    IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
    IE - HKCU\..\SearchScopes\{C0502914-F360-4BBB-89FB-AEF9377916EB}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=4f58f009-7dc2-11e1-9424-002522724532&q={searchTerms}
    FF - prefs.js..browser.search.defaultenginename: "Search The Web"
    FF - prefs.js..browser.search.order.1: "Search The Web"
    FF - prefs.js..browser.search.selectedEngine: "Search The Web"
    FF - prefs.js..browser.startup.homepage: "http://www.findamo.com?ch=10"
    FF - prefs.js..keyword.URL: "http://www.findamo.com/search.html?ch=10&q="
    [2012-07-02 12:16:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
    [2012-01-02 11:48:42 | 000,083,456 | ---- | M] (StartSearch ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
    [2012-06-02 17:20:55 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
    O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
    O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)
    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
    O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)
    O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
    O4 - HKLM..\Run: [Browsers Protector] C:\Program Files\Browsers Protector\regmon32.exe ()
    O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
    O4 - HKCU..\Run: [hlprox] C:\Files\svchost1.exe ()
    O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe File not found
    O20 - AppInit_DLLs: (c:\progra~2\bprote~1\20392~1.106\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.0.392.106\protector.dll ()
    [2012-07-02 12:15:56 | 000,000,000 | ---D | C] -- C:\Users\Renatilda\AppData\Roaming\Babylon
    [2012-07-02 12:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
    [2011-12-27 17:24:24 | 002,161,160 | ---- | C] (DownVision ) -- C:\Users\Renatilda\AppData\Local\setup.exe
    [2012-07-02 12:14:10 | 000,864,368 | ---- | M] (Babylon Ltd.) -- C:\Users\Renatilda\Desktop\MyBabylonTB.exe
    [2011-12-27 17:24:11 | 000,460,624 | ---- | C] () -- C:\Users\Renatilda\AppData\Local\promo.exe

 Szukaj w ofercie
Zamknij 
Wyszukaj w ofercie 200 tys. produktów TME