Mislim da mam viruse proverite

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Zdravo
Komp mi mnogo sporo radi, sporo ičitava sve i na chrome i mozili.
Nisam pokusavao nista, imam 10mb/s internet ADSL.
64 Bit-a Windows 8.1

https://www.mycity.rs/must-login.png

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by Korisnik (administrator) on GPC on 26-04-2015 21:51:12
Running from C:\Users\Korisnik\Desktop
Loaded Profiles: Korisnik (Available profiles: Korisnik)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Aztec Media Inc) C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe
() C:\Program Files (x86)\SoftwareUpdater\Upd4terSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMix_64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hotger) C:\Users\Korisnik\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe
(Pay By Ads LTD) C:\Users\Korisnik\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe
(LOL Replay) C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\allgenius\bin\utilallgenius.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BrowserAdapter.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BrowserAdapter64.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.PurBrowse64.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.expext.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOASHelper.exe
() C:\Program Files (x86)\allgenius\updateallgenius.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOASPRT.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOAS.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOASPRT.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOAS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOASPRT.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOAS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOASPRT.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOAS.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOASPRT.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOAS.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOASPRT.exe
() C:\Program Files (x86)\allgenius\bin\allgenius.BOAS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [676608 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\...\Run: [LightShot] => C:\Users\Korisnik\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\...\Run: [Flvto Youtube Downloader] => C:\Users\Korisnik\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe [493568 2014-11-26] (Hotger)
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\...\Run: [Yahoo! Search] => C:\Users\Korisnik\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [644352 2015-03-28] (Pay By Ads LTD)
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\...\MountPoints2: {36706a4c-a32e-11e4-829a-74d4353c2744} - "G:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
AppInit_DLLs: C:\Users\Korisnik\AppData\Local\Linkey\IEEXTE~1\iedll64.dll => C:\Users\Korisnik\AppData\Local\Linkey\IEExtension\iedll64.dll [202256 2014-08-31] (Aztec Media Inc)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\Users\Korisnik\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Korisnik\AppData\Local\Linkey\IEExtension\iedll.dll [175632 2014-08-31] (Aztec Media Inc)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2015-03-05]
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2177694863-1165799517-708535938-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?fr=hp-ddc-bd&type=pr__alt__ddc_dsssyc_bd_com
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.freshy.com/general/newhometab.php?.....&guid={2745BBAA-08AA-46AC-937E-C24CA555EB14}&i=
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
URLSearchHook: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> DefaultScope {FD873C50-ADB4-4993-BFC1-EF02A214F6AB} URL = http://q.search-simple.com/?affID=pr_f766fed2-5e78-4d9e-80e9-efe38b317eda&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> OldSearch URL = http://search.findwide.com/serp?guid={2745BBAA-08AA-46AC-937E-C24CA555EB14}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3.....613&q={searchTerms}&SSPV=21820TB_sp_ie
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {BE93C7EE-15A9-4983-9B06-5247FF287952} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11147
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {EC8F2212-5608-4334-8CA2-DE2B01C3AF3C} URL = http://q.search-simple.com/?affID=na&q={searchTerms}&r=558
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {FD873C50-ADB4-4993-BFC1-EF02A214F6AB} URL = http://q.search-simple.com/?affID=pr_f766fed2-5e78-4d9e-80e9-efe38b317eda&q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Korisnik\AppData\Local\Linkey\IEExtension\iedll64.dll [2014-08-31] (Aztec Media Inc)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: BS Player ControlBar B Toolbar -> {31264a33-a653-46c4-af49-1232c59a7da5} -> C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Korisnik\AppData\Local\Linkey\IEExtension\iedll.dll [2014-08-31] (Aztec Media Inc)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-08] (Oracle Corporation)
BHO-x32: allgenius 1.0.0.7 -> {963e8e8b-052d-46d7-abe6-6728f612ae99} -> C:\Program Files (x86)\allgenius\allgeniusBHO.dll [2015-01-27] (allgenius)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-08] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - FindWide Toolbar - {D1F32541-DDD0-4E75-8B40-616DF9FAE031} - C:\Program Files (x86)\TNT2\Profiles\11147\passport64.dll [2014-12-10] (Freshy.com)
Toolbar: HKLM - BS Player ControlBar B Toolbar - {31264A33-A653-46C4-AF49-1232C59A7DA5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - FindWide Toolbar - {D1F32541-DDD0-4E75-8B40-616DF9FAE031} - C:\Program Files (x86)\TNT2\Profiles\11147\passport.dll [2014-12-10] (Freshy.com)
Toolbar: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
Toolbar: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> FindWide Toolbar - {D1F32541-DDD0-4E75-8B40-616DF9FAE031} - C:\Program Files (x86)\TNT2\Profiles\11147\passport64.dll [2014-12-10] (Freshy.com)
Toolbar: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> BS Player ControlBar B Toolbar - {31264A33-A653-46C4-AF49-1232C59A7DA5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\gsn47igj.default
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=688_pr__alt__ddc_dsssyctab_bd_com
FF DefaultSearchEngine: Yahoo! Search
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=688_pr__alt__ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=688_pr__alt__ddc_dss_bd_com&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2177694863-1165799517-708535938-1001: @tnt2npapi.com/Plugin -> C:\Users\Korisnik\AppData\Local\TNT2\2.0.0.1895\npTNT2.dll [2014-12-10] (Freshy.com)
FF SearchPlugin: C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\gsn47igj.default\searchplugins\search-simple.xml [2015-04-02]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml [2015-03-27]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml [2015-03-27]
FF Extension: allgenius 1.0.1 - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\gsn47igj.default\Extensions\{8ebc28a2-0eec-4503-8299-d9ab3df68568}.xpi [2015-04-02]

Chrome:
=======
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=688_pr__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=688_pr__alt__ddc_dsssyc_bd_com"
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> http://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr__alt__ddc_dsssyctab_bd_com
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-10]
CHR Extension: (Google Docs) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-10]
CHR Extension: (Google Drive) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-10]
CHR Extension: (YouTube) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-10]
CHR Extension: (Google Search) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-10]
CHR Extension: (Google Sheets) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-10]
CHR Extension: (allgenius) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkocnnamhmabjdkhkeibknmdpljfmbmp [2014-12-10]
CHR Extension: (Bookmark Manager) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Skype Click to Call) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-11-21]
CHR Extension: (Google Wallet) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
CHR Extension: (Gmail) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-10]
CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Korisnik\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [2014-12-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ModernMix; C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe [74864 2013-02-28] (Stardock Software, Inc)
R2 SmdmFService; C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe [3570704 2015-01-28] (Aztec Media Inc)
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\Upd4terSrv.exe [196096 2014-12-11] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 Update allgenius; C:\Program Files (x86)\allgenius\updateallgenius.exe [410856 2015-04-26] ()
R2 Util allgenius; C:\Program Files (x86)\allgenius\bin\utilallgenius.exe [410856 2015-04-26] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-04-24] (Advanced Micro Devices)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Assets Manager\smdmf\x64\smdmfmgrc3.cfg [45968 2015-01-28] (Aztec Media Inc)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R1 {1bdc2c72-ee9f-4712-bc8d-9e9f957080e2}Gw64; C:\Windows\System32\drivers\{1bdc2c72-ee9f-4712-bc8d-9e9f957080e2}Gw64.sys [48832 2014-12-13] (StdLib)
R1 {20028c4e-ef35-4336-a227-afedf096d2a7}Gw64; C:\Windows\System32\drivers\{20028c4e-ef35-4336-a227-afedf096d2a7}Gw64.sys [48832 2014-12-30] (StdLib)
R1 {2edd21db-764b-43cd-81b6-eef43c26704a}Gw64; C:\Windows\System32\drivers\{2edd21db-764b-43cd-81b6-eef43c26704a}Gw64.sys [48832 2014-12-18] (StdLib)
R1 {458639bd-68ee-4273-bbab-5c062f563d3b}Gw64; C:\Windows\System32\drivers\{458639bd-68ee-4273-bbab-5c062f563d3b}Gw64.sys [48832 2014-12-24] (StdLib)
R1 {645cdede-1bea-456e-9de9-65f184313502}Gw64; C:\Windows\System32\drivers\{645cdede-1bea-456e-9de9-65f184313502}Gw64.sys [48832 2014-12-09] (StdLib)
R1 {64ffc04b-3304-4dd9-a15c-6a0b789ab072}Gw64; C:\Windows\System32\drivers\{64ffc04b-3304-4dd9-a15c-6a0b789ab072}Gw64.sys [48832 2015-01-06] (StdLib)
R1 {8ebc28a2-0eec-4503-8299-d9ab3df68568}Gw64; C:\Windows\System32\drivers\{8ebc28a2-0eec-4503-8299-d9ab3df68568}Gw64.sys [48832 2015-01-08] (StdLib)
R1 {918d73e6-344e-4cbd-99f6-1e688461e49b}Gw64; C:\Windows\System32\drivers\{918d73e6-344e-4cbd-99f6-1e688461e49b}Gw64.sys [48832 2015-01-03] (StdLib)
R1 {d2016952-a5e4-488e-bc66-1499bf686a8a}Gw64; C:\Windows\System32\drivers\{d2016952-a5e4-488e-bc66-1499bf686a8a}Gw64.sys [48832 2014-12-16] (StdLib)
R1 {f51668dd-f93c-4fee-a9fd-55c8481780d4}Gw64; C:\Windows\System32\drivers\{f51668dd-f93c-4fee-a9fd-55c8481780d4}Gw64.sys [48832 2014-12-28] (StdLib)
R1 {f5598bc7-a9c4-4bd0-8ca5-3b6319e94b10}Gw64; C:\Windows\System32\drivers\{f5598bc7-a9c4-4bd0-8ca5-3b6319e94b10}Gw64.sys [48832 2014-12-22] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)



https://www.mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nemaš viruse niti bilo kakvu drugu vrstu malwarea već sam ogomilu adwarea. Jest da je generisani FRST.txt izvještaj nekompletan, ali ...


Korak 1

Idi u Start -> Control Panel -> Programs and Features i deinstaliraj sljedeće programe:

allgenius
BS Player ControlBar B Toolbar for IE
Findwide Toolbar
Settings Manager
SoftwareUpdater
Yahoo! Search



Korak 2

Otvori Notepad i iskopiraj sljedeći tekst koji se nalazi unutar Kod polja.


CloseProcesses:
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\...\Run: [Yahoo! Search] => C:\Users\Korisnik\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [644352 2015-03-28] (Pay By Ads LTD)
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\...\MountPoints2: {36706a4c-a32e-11e4-829a-74d4353c2744} - "G:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
AppInit_DLLs: C:\Users\Korisnik\AppData\Local\Linkey\IEEXTE~1\iedll64.dll => C:\Users\Korisnik\AppData\Local\Linkey\IEExtension\iedll64.dll [202256 2014-08-31] (Aztec Media Inc)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\Users\Korisnik\AppData\Local\Linkey\IEEXTE~1\iedll.dll => C:\Users\Korisnik\AppData\Local\Linkey\IEExtension\iedll.dll [175632 2014-08-31] (Aztec Media Inc)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.freshy.com/general/newhometab.php?.....&guid={2745BBAA-08AA-46AC-937E-C24CA555EB14}&i=
HKU\S-1-5-21-2177694863-1165799517-708535938-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://services.freshy.com/general/newhometab.php?.....&guid={2745BBAA-08AA-46AC-937E-C24CA555EB14}&i=
URLSearchHook: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
URLSearchHook: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll (ClientConnect Ltd.)
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> DefaultScope {FD873C50-ADB4-4993-BFC1-EF02A214F6AB} URL = http://q.search-simple.com/?affID=pr_f766fed2-5e78-4d9e-80e9-efe38b317eda&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> OldSearch URL = http://search.findwide.com/serp?guid={2745BBAA-08AA-46AC-937E-C24CA555EB14}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3.....613&q={searchTerms}&SSPV=21820TB_sp_ie
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?sid=503&a.....=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {EC8F2212-5608-4334-8CA2-DE2B01C3AF3C} URL = http://q.search-simple.com/?affID=na&q={searchTerms}&r=558
SearchScopes: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> {FD873C50-ADB4-4993-BFC1-EF02A214F6AB} URL = http://q.search-simple.com/?affID=pr_f766fed2-5e78-4d9e-80e9-efe38b317eda&q={searchTerms}
BHO: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Korisnik\AppData\Local\Linkey\IEExtension\iedll64.dll [2014-08-31] (Aztec Media Inc)
BHO-x32: BS Player ControlBar B Toolbar -> {31264a33-a653-46c4-af49-1232c59a7da5} -> C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
BHO-x32: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Korisnik\AppData\Local\Linkey\IEExtension\iedll.dll [2014-08-31] (Aztec Media Inc)
BHO-x32: allgenius 1.0.0.7 -> {963e8e8b-052d-46d7-abe6-6728f612ae99} -> C:\Program Files (x86)\allgenius\allgeniusBHO.dll [2015-01-27] (allgenius)
Toolbar: HKLM - FindWide Toolbar - {D1F32541-DDD0-4E75-8B40-616DF9FAE031} - C:\Program Files (x86)\TNT2\Profiles\11147\passport64.dll [2014-12-10] (Freshy.com)
Toolbar: HKLM - BS Player ControlBar B Toolbar - {31264A33-A653-46C4-AF49-1232C59A7DA5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
Toolbar: HKLM-x32 - FindWide Toolbar - {D1F32541-DDD0-4E75-8B40-616DF9FAE031} - C:\Program Files (x86)\TNT2\Profiles\11147\passport.dll [2014-12-10] (Freshy.com)
Toolbar: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
Toolbar: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> FindWide Toolbar - {D1F32541-DDD0-4E75-8B40-616DF9FAE031} - C:\Program Files (x86)\TNT2\Profiles\11147\passport64.dll [2014-12-10] (Freshy.com)
Toolbar: HKU\S-1-5-21-2177694863-1165799517-708535938-1001 -> BS Player ControlBar B Toolbar - {31264A33-A653-46C4-AF49-1232C59A7DA5} - C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll [2014-09-30] (ClientConnect Ltd.)
FF Plugin HKU\S-1-5-21-2177694863-1165799517-708535938-1001: @tnt2npapi.com/Plugin -> C:\Users\Korisnik\AppData\Local\TNT2\2.0.0.1895\npTNT2.dll [2014-12-10] (Freshy.com)
FF Extension: allgenius 1.0.1 - C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\gsn47igj.default\Extensions\{8ebc28a2-0eec-4503-8299-d9ab3df68568}.xpi [2015-04-02]
CHR Extension: (allgenius) - C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkocnnamhmabjdkhkeibknmdpljfmbmp [2014-12-10]
CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Korisnik\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [2014-12-27]
R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\Upd4terSrv.exe [196096 2014-12-11] () [File not signed]
R2 Update allgenius; C:\Program Files (x86)\allgenius\updateallgenius.exe [410856 2015-04-26] ()
R2 Util allgenius; C:\Program Files (x86)\allgenius\bin\utilallgenius.exe [410856 2015-04-26] ()
R1 {1bdc2c72-ee9f-4712-bc8d-9e9f957080e2}Gw64; C:\Windows\System32\drivers\{1bdc2c72-ee9f-4712-bc8d-9e9f957080e2}Gw64.sys [48832 2014-12-13] (StdLib)
R1 {20028c4e-ef35-4336-a227-afedf096d2a7}Gw64; C:\Windows\System32\drivers\{20028c4e-ef35-4336-a227-afedf096d2a7}Gw64.sys [48832 2014-12-30] (StdLib)
R1 {2edd21db-764b-43cd-81b6-eef43c26704a}Gw64; C:\Windows\System32\drivers\{2edd21db-764b-43cd-81b6-eef43c26704a}Gw64.sys [48832 2014-12-18] (StdLib)
R1 {458639bd-68ee-4273-bbab-5c062f563d3b}Gw64; C:\Windows\System32\drivers\{458639bd-68ee-4273-bbab-5c062f563d3b}Gw64.sys [48832 2014-12-24] (StdLib)
R1 {645cdede-1bea-456e-9de9-65f184313502}Gw64; C:\Windows\System32\drivers\{645cdede-1bea-456e-9de9-65f184313502}Gw64.sys [48832 2014-12-09] (StdLib)
R1 {64ffc04b-3304-4dd9-a15c-6a0b789ab072}Gw64; C:\Windows\System32\drivers\{64ffc04b-3304-4dd9-a15c-6a0b789ab072}Gw64.sys [48832 2015-01-06] (StdLib)
R1 {8ebc28a2-0eec-4503-8299-d9ab3df68568}Gw64; C:\Windows\System32\drivers\{8ebc28a2-0eec-4503-8299-d9ab3df68568}Gw64.sys [48832 2015-01-08] (StdLib)
R1 {918d73e6-344e-4cbd-99f6-1e688461e49b}Gw64; C:\Windows\System32\drivers\{918d73e6-344e-4cbd-99f6-1e688461e49b}Gw64.sys [48832 2015-01-03] (StdLib)
R1 {d2016952-a5e4-488e-bc66-1499bf686a8a}Gw64; C:\Windows\System32\drivers\{d2016952-a5e4-488e-bc66-1499bf686a8a}Gw64.sys [48832 2014-12-16] (StdLib)
R1 {f51668dd-f93c-4fee-a9fd-55c8481780d4}Gw64; C:\Windows\System32\drivers\{f51668dd-f93c-4fee-a9fd-55c8481780d4}Gw64.sys [48832 2014-12-28] (StdLib)
R1 {f5598bc7-a9c4-4bd0-8ca5-3b6319e94b10}Gw64; C:\Windows\System32\drivers\{f5598bc7-a9c4-4bd0-8ca5-3b6319e94b10}Gw64.sys [48832 2014-12-22] (StdLib)
Task: {695226BE-7264-43D5-95D3-B6642AC1F15C} - System32\Tasks\Yahoo! Search => C:\Users\Korisnik\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrlte.exe [2015-03-28] (Pay By Ads LTD) <==== ATTENTION
Task: {7968C4BF-62B7-4770-B7A0-E0C00A781CA8} - System32\Tasks\Yahoo! Search Updater => C:\Users\Korisnik\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.25.0\dsrsetup.exe [2015-03-28] (Pay By Ads LTD) <==== ATTENTION
C:\Program Files (x86)\SoftwareUpdater
C:\Users\Korisnik\AppData\Local\Pay-By-Ads
C:\Program Files (x86)\LOLReplay
C:\Program Files (x86)\allgenius
C:\Users\Korisnik\AppData\Local\Linkey
C:\Program Files (x86)\SearchProtect\SearchProtect
C:\Users\Korisnik\AppData\LocalLow\BS_Player_ControlBar_B
C:\Program Files (x86)\TNT2
C:\Windows\System32\drivers\{1bdc2c72-ee9f-4712-bc8d-9e9f957080e2}Gw64.sys
C:\Windows\System32\drivers\{20028c4e-ef35-4336-a227-afedf096d2a7}Gw64.sys
C:\Windows\System32\drivers\{2edd21db-764b-43cd-81b6-eef43c26704a}Gw64.sys
C:\Windows\System32\drivers\{458639bd-68ee-4273-bbab-5c062f563d3b}Gw64.sys
C:\Windows\System32\drivers\{645cdede-1bea-456e-9de9-65f184313502}Gw64.sys
C:\Windows\System32\drivers\{64ffc04b-3304-4dd9-a15c-6a0b789ab072}Gw64.sys
C:\Windows\System32\drivers\{8ebc28a2-0eec-4503-8299-d9ab3df68568}Gw64.sys
C:\Windows\System32\drivers\{918d73e6-344e-4cbd-99f6-1e688461e49b}Gw64.sys
C:\Windows\System32\drivers\{d2016952-a5e4-488e-bc66-1499bf686a8a}Gw64.sys
C:\Windows\System32\drivers\{f51668dd-f93c-4fee-a9fd-55c8481780d4}Gw64.sys
C:\Windows\System32\drivers\{f5598bc7-a9c4-4bd0-8ca5-3b6319e94b10}Gw64.sys
EmptyTemp:


U okviru Notepad-a klikni na File --> Save As
Fajl nazovi Fixlist i sačuvaj na Desktop
Dvoklikom ponovo pokreni FRST.exe
Klikni na Fix i sačekaj dok program ne završi.
Ukoliko program zatraži restart računara, omogući mu da to nesmetano obavi.
Nakon završetka rada, otvoriće se fixlog.txt, sa sadržajem koji treba da kopiraš u temu.
Takođe, na Desktop-u će se nalaziti (fixlog.txt).




Korak 3

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
u EULA prozoru klikni na I agree.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Cleaning i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S0].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Napomena: Izvještaj ce takođe biti sačuvan na C:\Adwcleaner\AdwCleaner[S0].txt

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Hocu, nego zaboravi da kazem, on ucitava stranicu po 2,3,4min, to je ono najgore što se dešava. Ok odradicu.