provera kompa sumnja na brdo virusa

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 28 Jul 2015 8:39

Juce se pojavio plavi ekran.sporo podize sistem ..... Ako mogu promeniti Norton ,mislim kako ga izbrisati i instalirati Aviru free...
Hvala unapred i veliki pozdrav


mycity.rs/must-login.png

Dopuna: 28 Jul 2015 8:40

mycity.rs/must-login.png

sScan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
Ran by Vlada (administrator) on VLADA-PC (28-07-2015 09:34:47)
Running from C:\Users\Vlada\Desktop
Loaded Profiles: Vlada (Available Profiles: Vlada)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
(Yahoo! Inc) C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Users\Vlada\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vlada\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vlada\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vlada\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vlada\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Vlada\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [YSearchProtection] => C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\...\Run: [Search Protection] => C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-08] (Piriform Ltd)
HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\...\Run: [Google Update] => C:\Users\Vlada\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-02] (Google Inc.)
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll File not found
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File not found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-02-08]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = start.funmoods.com/?f=1&a=fmtgl&chn.....=164499088
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = ph.yahoo.com/?fr=mkg029
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = ph.yahoo.com/?fr=mkg029
HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\Software\Microsoft\Internet Explorer\Main,Start Page = bing.com/?pc=U303
HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp
HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = search.babylon.com/?babsrc=HP_Prot
HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = google.com/
ph.yahoo.com/?fr=mkg029
URLSearchHook: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1Qzu0FyE0E0CtAzzzz0D0BtAzztC0FyEyD0EtN0D0Tzu0CtBtAtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=225272061
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKLM-x32 -> {417A3850-35F2-6FCF-D47F-366563475ACF} URL = search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1Qzu0FyE0E0CtAzzzz0D0BtAzztC0FyEyD0EtN0D0Tzu0CtBtAtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=225272061
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> DefaultScope {417A3850-35F2-6FCF-D47F-366563475ACF} URL = bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> Backup.Old.DefaultScope {B28C967B-97D4-47B6-82A7-F4BF647C973D}
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> {417A3850-35F2-6FCF-D47F-366563475ACF} URL = bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=20&locale=en_US&gct=sb&qsrc=2869
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = ph.search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-01-22] (DVDVideoSoft Ltd.)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> No File
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-01-22] (DVDVideoSoft Ltd.)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
Toolbar: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166
Tcpip\..\Interfaces\{3CC7250A-9EE8-48EF-94B5-155AF12BE6CA}: [DhcpNameServer] 212.200.191.166 212.200.190.166
Tcpip\..\Interfaces\{6C7BD247-7FB8-46C1-A654-46EBF3ADC792}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default
FF DefaultSearchEngine: Yahoo
FF DefaultSearchUrl: hxxp://ph.search.yahoo.com/search?fr=mkg030&p=
FF SearchEngineOrder.1: Delta Search
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://www.google.rs/
FF Keyword.URL: hxxp://ph.search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-06] ()
FF Plugin-x32: @gobit.com/GobitGamesPlayer -> C:\Program Files (x86)\GoBit Games\BrowserPlugin\npgobitgamesplugin.dll [2008-08-04] ( )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1408496568-1244426443-3786980584-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Vlada\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1408496568-1244426443-3786980584-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Vlada\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF user.js: detected! => C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\user.js [2014-05-12]
FF SearchPlugin: C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\searchplugins\bingp.xml [2015-03-08]
FF SearchPlugin: C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\searchplugins\BrowserProtect.xml [2013-05-12]
FF SearchPlugin: C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\searchplugins\delta.xml [2013-05-12]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2013-01-02]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-06-23]
FF Extension: Adblock Plus - C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-23]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.4.0.13\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.4.0.13\coFFPlgn [2015-07-28]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-02-08]
FF HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-02-15]

Chrome:
=======
CHR Profile: C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Ask Search) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2015-07-04]
CHR Extension: (iLivid) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-07-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Vlada\AppData\Local\funmoods.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Vlada\AppData\Local\funmoods-speeddial.crx [2012-08-18]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]
CHR HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Vlada\AppData\Local\funmoods.crx [2012-08-18]
CHR HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Vlada\AppData\Local\funmoods-speeddial.crx [2012-08-18]
CHR HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-02-15]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Vlada\AppData\Local\funmoods.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Vlada\AppData\Local\funmoods-speeddial.crx [2012-08-18]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Vlada\AppData\Roaming\BabSolution\CR\delta1.crx [2013-05-12]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit16.crx [2013-08-08]
CHR HKLM-x32\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Users\Vlada\AppData\Local\Temp\ccex.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files (x86)\1ClickDownload\oneclickdownloader11.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\Vlada\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2012-04-13] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-07-04] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94208 2013-09-24] (Advanced Micro Devices) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-07-03] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-29] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\IPSDefs\20140729.001\IDSvia64.sys [525016 2014-07-29] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\VirusDefs\20140730.003\ENG64.SYS [126040 2014-07-29] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.4.0.13\Definitions\VirusDefs\20140730.003\EX64.SYS [2099288 2014-07-29] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-28 09:34 - 2015-07-28 09:35 - 00026266 _____ C:\Users\Vlada\Desktop\FRST.txt
2015-07-28 09:33 - 2015-07-28 09:34 - 00000000 ____D C:\FRST
2015-07-28 09:25 - 2015-07-28 09:25 - 02146816 _____ (Farbar) C:\Users\Vlada\Desktop\FRST64.exe
2015-07-28 09:24 - 2015-07-28 09:24 - 00000000 _____ C:\Users\Vlada\Desktop\New Text Document.txt
2015-07-26 16:45 - 2015-07-26 16:45 - 00378072 _____ (GoBit Games ) C:\Users\Vlada\Downloads\GoBitPluginSetup_v5 (1).exe
2015-07-26 16:45 - 2015-07-26 16:45 - 00000000 ____D C:\Program Files (x86)\GoBit Games
2015-07-21 21:40 - 2015-07-21 21:53 - 808962590 _____ C:\Users\Vlada\Downloads\DOBULIMA.rar
2015-07-19 11:23 - 2015-07-19 11:23 - 04273797 _____ C:\Users\Vlada\Downloads\Zavrsni Diplomski - Tatjana Radojevic Stomatoloski frakultet Pancevo.pptx
2015-07-19 10:45 - 2015-07-19 10:45 - 04188847 _____ C:\Users\Vlada\Downloads\Diplomski rad Tatjana Radojevic Stomatoloski fakultet Pancevo (1).pptx
2015-07-15 11:16 - 2015-07-22 09:11 - 00001852 _____ C:\Windows\PFRO.log
2015-07-13 22:54 - 2015-07-13 22:54 - 04273797 _____ C:\Users\Vlada\Downloads\Diplomski - 10.pptx
2015-07-12 20:27 - 2015-07-12 20:27 - 02856375 _____ C:\Users\Vlada\Downloads\Parodontopatija.wmv.mp4
2015-07-05 21:44 - 2015-07-05 21:44 - 02820096 _____ C:\Users\Vlada\Downloads\SEMINARSKI-RAD.ppt
2015-07-05 19:57 - 2015-07-05 19:57 - 00000000 ____D C:\Users\Vlada\AppData\Roaming\Media Player Classic
2015-07-05 16:47 - 2015-07-28 08:42 - 00022139 _____ C:\Windows\WindowsUpdate.log
2015-07-05 13:27 - 2015-07-28 09:28 - 00009522 _____ C:\Windows\setupact.log
2015-07-05 13:27 - 2015-07-05 13:27 - 00000000 _____ C:\Windows\setuperr.log
2015-07-04 21:53 - 2015-07-04 21:54 - 41128904 _____ C:\Users\Vlada\Downloads\Firefox Setup 39.0 (1).exe
2015-07-04 21:52 - 2015-07-04 21:53 - 41128904 _____ C:\Users\Vlada\Downloads\Firefox Setup 39.0.exe
2015-07-04 21:52 - 2015-07-04 21:53 - 40326904 _____ C:\Users\Vlada\Downloads\Firefox-Setup-38-0-5_EN (1).exe
2015-07-04 20:02 - 2015-07-04 20:02 - 00007579 _____ C:\Users\Vlada\Desktop\YouTube to mp3 Converter.html
2015-07-04 20:01 - 2015-07-04 20:02 - 00000000 ____D C:\Users\Vlada\Desktop\YouTube to mp3 Converter_files
2015-07-04 20:00 - 2015-07-04 20:00 - 00021182 _____ C:\Users\Vlada\Desktop\MP3Juices - Free MP3 Downloads.html
2015-07-04 20:00 - 2015-07-04 20:00 - 00000000 ____D C:\Users\Vlada\Desktop\MP3Juices - Free MP3 Downloads_files

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-28 09:33 - 2015-06-17 14:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 09:33 - 2009-07-14 07:13 - 00782218 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-28 09:28 - 2014-09-15 14:22 - 00000414 _____ C:\Windows\Tasks\Power Suite (Tray).job
2015-07-28 09:28 - 2012-09-23 12:00 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-28 09:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 09:25 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-28 09:25 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-28 08:40 - 2012-09-23 12:00 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-27 20:49 - 2012-07-02 09:16 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408496568-1244426443-3786980584-1000UA.job
2015-07-27 20:49 - 2012-07-02 09:16 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1408496568-1244426443-3786980584-1000Core.job
2015-07-26 17:14 - 2009-07-14 07:08 - 00032626 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-26 16:44 - 2014-11-04 18:42 - 00000000 ____D C:\Users\Vlada\Desktop\tanja 5 godina
2015-07-25 17:29 - 2012-03-05 08:48 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F799A3D-4C8B-4612-B35D-B28B8EF0973C}
2015-07-25 13:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-22 08:17 - 2012-07-16 17:25 - 00000000 ____D C:\Users\Vlada\AppData\Roaming\Skype
2015-07-22 08:15 - 2015-03-08 23:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-22 08:15 - 2012-07-16 17:25 - 00000000 ____D C:\ProgramData\Skype
2015-07-15 22:33 - 2015-06-17 14:44 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 22:33 - 2012-09-23 12:00 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 22:33 - 2012-01-14 19:37 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 21:35 - 2012-09-23 12:00 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 21:35 - 2012-09-23 12:00 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 20:44 - 2012-07-02 09:16 - 00003882 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1408496568-1244426443-3786980584-1000UA
2015-07-15 20:44 - 2012-07-02 09:16 - 00003486 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1408496568-1244426443-3786980584-1000Core
2015-07-14 14:30 - 2014-09-15 14:18 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410783524
2015-07-14 14:30 - 2014-09-15 14:18 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-05 07:12 - 2015-06-23 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-04 21:54 - 2012-01-14 19:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-29 10:05 - 2014-02-08 15:42 - 00000000 ____D C:\Users\Vlada\AppData\Roaming\HpUpdate

==================== Files in the root of some directories =======

2013-02-22 21:28 - 2013-02-09 23:55 - 0114176 _____ () C:\Users\Vlada\AppData\Roaming\BabMaint.exe
2013-09-21 17:57 - 2014-01-06 18:54 - 0000136 _____ () C:\Users\Vlada\AppData\Roaming\WB.CFG
2012-11-18 17:38 - 2012-11-18 17:38 - 0003584 _____ () C:\Users\Vlada\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-26 21:59 - 2013-12-26 22:01 - 0003072 _____ () C:\Users\Vlada\AppData\Local\file__0.localstorage
2012-08-18 11:33 - 2012-08-22 14:58 - 0384844 _____ () C:\Users\Vlada\AppData\Local\funmoods-speeddial.crx
2012-08-18 11:32 - 2012-08-22 14:58 - 0031465 _____ () C:\Users\Vlada\AppData\Local\funmoods.crx
2015-06-23 19:48 - 2015-06-23 19:48 - 0000017 _____ () C:\Users\Vlada\AppData\Local\resmon.resmoncfg
2012-01-14 20:15 - 2012-01-14 20:15 - 0017408 _____ () C:\Users\Vlada\AppData\Local\WebpageIcons.db
2014-10-26 23:16 - 2014-10-26 23:16 - 0000000 _____ () C:\Users\Vlada\AppData\Local\{D08BFBEF-1BF6-498E-AFD9-247C54A15773}
2014-02-08 15:35 - 2014-02-08 18:59 - 0000865 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Vlada\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-23 13:05

==================== End of log ============================

• 1Ovo se svidja korisniku: cilitis
  
  Registruj se da bi pohvalio/la poruku!

Zdravo,

deinstaliraj:
Yahoo! Search Protection

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:


CreateRestorePoint:
Task: {1E389A49-BB97-4416-B2FB-24C04476353E} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION
Task: {66D591B3-FEB2-46C1-A3E1-CD005D9DB041} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {BA82AA29-B1BF-4ACD-B9A9-BE5E4485FBF6} - System32\Tasks\DTReg => C:\Users\Vlada\AppData\Roaming\defaulttab\defaulttab\DTReg.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Windows\MSI Package Builder 4 Professional.xml:MSI_Package_Builder
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Vlada:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Vlada\Application Data:gs5sys
AlternateDataStreams: C:\Users\Vlada\Cookies:gs5sys
AlternateDataStreams: C:\Users\Vlada\Local Settings:gs5sys
AlternateDataStreams: C:\Users\Vlada\Templates:gs5sys
AlternateDataStreams: C:\Users\Vlada\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Vlada\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Vlada\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Vlada\AppData\Local\Application Data:gs5sys
AlternateDataStreams: C:\Users\Vlada\AppData\Local\History:gs5sys
AlternateDataStreams: C:\Users\Vlada\Documents\desktop.ini:gs5sys
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM-x32\...\Run: [] => [X]
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll File not found
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File not found
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=fmtgl&chn.....=164499088
HKU\S-1-5-21-1408496568-1244426443-3786980584-1000\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylon.com/?babsrc=HP_Prot
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1Qzu0FyE0E0CtAzzzz0D0BtAzztC0FyEyD0EtN0D0Tzu0CtBtAtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=225272061
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b}
SearchScopes: HKLM-x32 -> {417A3850-35F2-6FCF-D47F-366563475ACF} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=stonicrow&chnl=stonicrow&cd=2XzuyEtN2Y1L1Qzu0FyE0E0CtAzzzz0D0BtAzztC0FyEyD0EtN0D0Tzu0CtBtAtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=225272061
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=20&locale=en_US&gct=sb&qsrc=2869
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://ph.search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> No File
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-1408496568-1244426443-3786980584-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
FF user.js: detected! => C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\user.js [2014-05-12]
FF SearchPlugin: C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\searchplugins\bingp.xml [2015-03-08]
FF SearchPlugin: C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\searchplugins\BrowserProtect.xml [2013-05-12]
FF SearchPlugin: C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\searchplugins\delta.xml [2013-05-12]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2013-01-02]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
CHR Extension: (Ask Search) - C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2015-07-04]
FF DefaultSearchEngine: Yahoo
FF DefaultSearchUrl: hxxp://ph.search.yahoo.com/search?fr=mkg030&p=
FF SearchEngineOrder.1: Delta Search
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Yahoo
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

-----------

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 28 Jul 2015 12:53

Hvala samo mi pomozite oko kako deinstalirati Yahoo! Search Protection

Dopuna: 28 Jul 2015 14:19

mycity.rs/must-login.png

• 2Ovo se svidja korisnicima: cilitis, sasa76
  
  Registruj se da bi pohvalio/la poruku!

Ako ga ne vidis u Control Panelu, resicemo to kasnije. Ako ga vidis, onda tako.

------

Postavi mi AdwCleaner logove.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

pocne da skenira i stane AdwCleaner .da li on dugo radi tj da li mu treba vise vremena .radio je 20 min i nista ako treba vide vremena da zavrsui ok sacekacu

• 1Ovo se svidja korisniku: cilitis
  
  Registruj se da bi pohvalio/la poruku!

Tesko da mu treba toliko, ali ostavi ga, da probas da odradi skeniranje, jedno pola sata. Ako ne uspes, javi, pa cemo videti nesto drugo.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 28 Jul 2015 15:38

ok hvala sad cu ga ponovo pokrenuti pa javim

Dopuna: 28 Jul 2015 15:46

mycity.rs/must-login.png

Dopuna: 28 Jul 2015 15:47

sad je odradio posle restarta

# AdwCleaner v4.208 - Logfile created 28/07/2015 at 16:40:07
# Updated 09/07/2015 by Xplode
# Database : 2015-07-26.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Vlada - VLADA-PC
# Running from : C:\Users\Vlada\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\optimizerpro1
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\simplitec
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\BrowserCompanion
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ExpressFiles
Folder Deleted : C:\Program Files (x86)\FilesFrog Update Checker
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\simplitec
Folder Deleted : C:\Program Files (x86)\WinZip Registry Optimizer
Folder Deleted : C:\Program Files (x86)\Coupons
Folder Deleted : C:\Program Files (x86)\VideoDownloadConverter_4zEI
Folder Deleted : C:\Windows\SysWOW64\dfrg
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Users\Vlada\AppData\Local\apn
Folder Deleted : C:\Users\Vlada\AppData\Local\Conduit
Folder Deleted : C:\Users\Vlada\AppData\Local\genienext
Folder Deleted : C:\Users\Vlada\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Vlada\AppData\LocalLow\Application Updater
Folder Deleted : C:\Users\Vlada\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Vlada\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Vlada\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Vlada\AppData\LocalLow\Funmoods
Folder Deleted : C:\Users\Vlada\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Vlada\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Vlada\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Vlada\AppData\LocalLow\tuvaro
Folder Deleted : C:\Users\Vlada\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Vlada\AppData\Roaming\BrowserCompanion
Folder Deleted : C:\Users\Vlada\AppData\Roaming\DealPly
Folder Deleted : C:\Users\Vlada\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Vlada\AppData\Roaming\file scout
Folder Deleted : C:\Users\Vlada\AppData\Roaming\Funmoods
Folder Deleted : C:\Users\Vlada\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Vlada\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Vlada\AppData\Roaming\Softonic
Folder Deleted : C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\Vlada\Documents\Mobogenie
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Vlada\daemonprocess.txt
File Deleted : C:\Users\Vlada\AppData\Local\funmoods.crx
File Deleted : C:\Users\Vlada\AppData\Local\funmoods-speeddial.crx
File Deleted : C:\Users\Vlada\AppData\Roaming\BabMaint.exe
File Deleted : C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\defaulttab.config
File Deleted : C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\cmczmkko.default\invalidprefs.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
File Deleted : C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\bprotector web data

***** [ Scheduled tasks ] *****

Task Deleted : Power Suite
Task Deleted : Power Suite (Tray)

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\f
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\oneclick
Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\SDP
Key Deleted : HKCU\Software\5355d78be238e914
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F001652-AF51-45C6-B029-86E0265A1851}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F001652-AF51-45C6-B029-86E0265A1851}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96A25A24-2E87-4374-8A50-CC6F943FCE4D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\Babylon
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\BrowserCompanion
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\ExpressFiles
Key Deleted : HKLM\SOFTWARE\Funmoods
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\simplitec
Key Deleted : HKLM\SOFTWARE\Softonic
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Vittalia
Key Deleted : HKLM\SOFTWARE\VideoDownloadConverter_4zEI
Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
Key Deleted : HKU\.DEFAULT\Software\BABSOLUTION
Key Deleted : HKU\.DEFAULT\Software\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\simplitec POWER SUITE_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.0
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]

-\\ Mozilla Firefox v39.0 (x86 en-US)

[cmczmkko.default\prefs.js] - Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.2.5.32");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultthis.engineName", "DVDVideoSoftTB Customized Web Search");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.id", "8c9bf45e000000000000f4ec388db381");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15572");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112855&tt=3412_5");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "8c9bf45e000000000000f4ec388db381");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "8c9bf45e000000000000f4ec388db381");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15501");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.612:09:29");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.dnsErr", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.hmpg", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=8c9bf45e000000000000f4ec388db381&toi=16065");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.hpOld0", "hxxp://isearch.babylon.com/?affID=119776&tt=gc_&babsrc=HP_ss_Btisdt3&mntrId=8C9BF4EC388DB381");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&mi=8c9bf45e000000000000f4ec388db381&toi=16065&q=");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.newTab", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00176/tb_v1/?SearchSource=15&cc=&mi=8c9bf45e000000000000f4ec388db381&toi=16065");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.rvrt", "false");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.aflt", "fmtgl");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.autoRvrt", false);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.cntry", "RS");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.cv", "cv5");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.dfltLng", "");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.dfltSrch", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.dnsErr", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.envrmnt", "production");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.excTlbr", false);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.hdrMd5", "F0B273A30C5DDF609761A8B1D896DC75");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.hmpg", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0FyE0E0CtAzzzz0D0BtAzztC0FyEyD0EtN0D0Tzu0CtBtAyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=164499088")[...]
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.id", "F4EC388DB381F45E");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.instlDay", "15574");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.instlRef", "fmtgl");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2214:58:56");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.newTab", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0FyE0E0CtAzzzz0D0BtAzztC0FyEyD0EtN0D0Tzu0CtBtAyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=164499088[...]
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.pnu_base", "{\"newVrsn\":\"255\",\"lastVrsn\":\"255\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.sg", "none");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.smplGrp", "none");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.tlbrId", "base");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1Qzu0FyE0E0CtAzzzz0D0BtAzztC0FyEyD0EtN0D0Tzu0CtBtAyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1644990[...]
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2214:58:56");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.newTab", true);
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2214:58:56");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.tuvaro.hmpgUrl", "hxxp://tuvaro.com/ws/?source=9e9471a2&tbp=homepage&toolbarid=base&u=8c9bf45e000000000000f4ec388db381");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.tuvaro.hpOld0", "hxxp://search.babylon.com/?affID=114656&tt=0113_8&babsrc=HP_ss&mntrId=8c9bf45e000000000000f4ec388db381");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.tuvaro.kw_url", "hxxp://tuvaro.com/ws/?source=9e9471a2&tbp=url&toolbarid=base&u=8c9bf45e000000000000f4ec388db381&q=");
[cmczmkko.default\prefs.js] - Line Deleted : user_pref("extensions.tuvaro.tlbrSrchUrl", "hxxp://tuvaro.com/ws/?source=9e9471a2&tbp=main&toolbarid=base&u=8c9bf45e000000000000f4ec388db381&q=");

-\\ Google Chrome v

[C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Vlada\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

-\\ Comodo Dragon v

[C:\Users\Vlada\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\Vlada\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Deleted [Extension] : aaaalipaokhkccgmgkdglfinfnfhflko

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R2].txt - [42242 bytes] - [28/07/2015 15:43:17]
AdwCleaner[R3].txt - [42237 bytes] - [28/07/2015 16:39:27]
AdwCleaner[S0].txt - [42227 bytes] - [28/07/2015 16:40:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [42287 bytes] ##########

• 1Ovo se svidja korisniku: cilitis
  
  Registruj se da bi pohvalio/la poruku!

Preuzmi smeenk-ov zoek.zip ili zoek.rar () sa ovog ili ovog linka i sačuvaj ga na Desktop.

Raspakuj arhivu u neki folder (uputstvo), a zatim:

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:

autoclean;
emptyclsid;
emptyfolderscheck;delete
emptyalltemp;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Kopiraj sadrzaj tog loga u poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preuzmi instalaciju za Malwarebytes Anti-Malware (MBAM) ver.2.0 i instaliraj aplikaciju.
Dvoklik na mbam-setup.exe i prati uputstva za instalaciju. Instalacija je klasicna, "Next > I Agree . . > Next > Install" princip. Po zavrsenoj instalaciji, klikni Finish.
Napomena: 14 dana besplatna trail verzija je pre-selektovana. Mozes decekirati ovu opciju ako zelis.

- Po prvom pokretanju, MBAM ce zapoceti "Update" u nameri da preuzme najsvezije definicije.
Ili ... klik na 'Update Now >>' link ili dugme radi preuzimanja svezih definicija.

• Konfigurisati skener; Na 'Settings' tabu, Detection and Protection podesiti sledece opcije:
1. pod-tab Detection Options, cekirati kucicu za 'Scan for rootkits';
2. pod-tab Non-Malware Protection, za 'PUP detections', prostarati se da je selektovana 'Threat detections as malware' opcija.



• Izvrsiti 'Threat Scan';
Klik na Scan tab, zatim na 'Scan Now >>' da bi izvrsio skeniranje.
Ukoliko MBAM prijavi da je 'update' dostupan, klik na 'Update Now' a potom nastaviti do skeniranja.
Obavestenje: kod nekih teskih infekcija, moguce je dobiti sledecu poruku "Could not load DDA driver". U tom slucaju, klik Yes na tu poruku, dopustiti ucitavanje drajvera po restartu racunara, dozvoliti restart.
Potom, nastaviti sa ostatkom instrukcija.

• Po zavrsenom skeniranju, klik na Apply Action dugme ukoliko je pretnja detektovana. Sacekati da program zatrazi restart!
- Klik na Yes na poruku koja govori da ce se sistem restartovati.



• Postaviti izvestaj (export-ovati logfile) na uvid;
Ponovo pokrenuti MBAM, klik na History tab > Application Logs. Dvoklik na 'Scan Log' koji pokazuje vreme i datum upravo izvrsenog skeniranja.
1. U novom prozoru klik na 'Export' dugme, pa izabrati 'Text file (*.txt)';
2. Kada se pojavi Save File dialog, izabrati da se log sacuva na Desktop.
U tom istom prozoru, dole pod File name: upisi 'mbam' kao naziv izvestaja i klikni dugme Save.

- Po dobijenoj poruci ("Your file has been successfully exported") izvestaj koji si nazvao kao 'mbam' bice sacuvan na Desktop.



Okaci mbam.txt uz poruku koristeci opciju Prikači fajl.

-----------

Preuzmi Junkware Removal Tool ( JRT ) i sacuvaj ga na desktop.

zatvori browser i ostale pokrenute programe;
Jel potrebno navesti napomenu za duzinu scana? Da postavim ovaj PG ili nema potrebe za tim?

Privremeno deaktiviraj zastitni softver (Uputstvo);

dvoklikom na ikonicu ( )pokreni program JRT;

Kod obavestenja "press any key" pritisnuti bilo koji taster i alat ce zapoceti skeniranje.
Napomena: u ovisnosti od sistemske specifikacije vreme skeniranja u nekim slucajevima moze da potraje.

Kada zavrsi otvorice se log sa izvestajem koji ce biti sacuvan na desktopu pod nazivom JRT.txt

Kopiraj sadrzaj tog loga u temu.