Iskacuci prozori i spor rad racunara

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Pozdrav,
Problem se manifestuje koristenjem browsera(Google chrome) kada god kliknem iskacu prozori nekog reklamnog sadrzaja,takodje kada je u pitanju skidanje putem browsera dosta je sporo,u mnogo slucajeva cak nece da se skine zeljeni fajl.Sto se tice rada racunara mimo browsera i to ide dosta sporo cesto neki program nece ni da se otvori ili dosta kasni.
Problem se ispoljava 10 meseci.

Nisam pokusavao sam da resim ovaj problem.

Racunar je star 6 godina.
Brzina interneta je 6Mb/s.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by FatmaCako (administrator) on FATMACAKO-PC (05-01-2016 11:06:53)
Running from C:\Users\FatmaCako\Downloads
Loaded Profiles: FatmaCako (Available Profiles: FatmaCako)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Bandoo Media Inc.) C:\Users\FatmaCako\AppData\Local\iLivid\iLivid.exe
(BitTorrent Inc.) C:\Users\FatmaCako\AppData\Roaming\uTorrent\uTorrent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Pay By Ads LTD) C:\Users\FatmaCako\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(BitTorrent Inc.) C:\Users\FatmaCako\AppData\Roaming\uTorrent\updates\3.4.6_41562\utorrentie.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(BitTorrent Inc.) C:\Users\FatmaCako\AppData\Roaming\uTorrent\updates\3.4.6_41562\utorrentie.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TorchMedia Inc.) C:\Users\FatmaCako\AppData\Local\Torch\Update\TorchCrashHandler.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe
() C:\Program Files (x86)\PacFunction\bin\PacFunction.PurBrowse64.exe
() C:\Program Files (x86)\PacFunction\bin\PacFunction.BrowserAdapter.exe
() C:\Program Files (x86)\PacFunction\bin\PacFunction.BrowserAdapter64.exe
() C:\Program Files (x86)\PacFunction\bin\PacFunction.expext.exe
() C:\Program Files (x86)\PacFunction\updatePacFunction.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1502424 2013-07-08] (COMODO)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-02] (Adobe Systems Incorporated)
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [607744 2013-07-15] (MyCity)
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [iLivid] => C:\Users\FatmaCako\AppData\Local\iLivid\iLivid.exe [7913472 2014-05-25] (Bandoo Media Inc.)
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [uTorrent] => C:\Users\FatmaCako\AppData\Roaming\uTorrent\uTorrent.exe [2087448 2015-12-18] (BitTorrent Inc.)
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [GoogleChromeAutoLaunch_A8790CC3A18CB9DE7942264E1AAB2C4A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [Yahoo! Search] => C:\Users\FatmaCako\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe [660736 2015-09-21] (Pay By Ads LTD)
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2013-08-30] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{553FD4A3-2D6F-4DA4-9526-1BE1A3C02FC7}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{553FD4A3-2D6F-4DA4-9526-1BE1A3C02FC7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> DefaultScope {3B57D039-55C6-48A3-9849-4374F3779313} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> OldSearch URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&babsrc=SP_ss&mntrId=B4C4002421A6B653&affID=128403&tsp=5195
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {2758E768-D627-42E3-9D52-3FB282CD1C98} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&r=740
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {3B57D039-55C6-48A3-9849-4374F3779313} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30] (AVAST Software)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Flv2PC -> {1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} -> C:\Program Files (x86)\FLV2PC\flv2pc_ie.dll => No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: No Name -> {3d86a75b-cb6b-4764-885d-ca6336f04ba2} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30] (AVAST Software)
BHO-x32: PacFunction 1.0.0.7 -> {9aa72d95-59d7-4421-a02c-f93a1187a165} -> C:\Program Files (x86)\PacFunction\PacFunctionBHO.dll => No File
BHO-x32: Rich Media Downloader -> {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: buenosearch Helper Object -> {F1C81E40-2485-4DB6-8C9D-04BD596B281E} -> C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll [2013-11-08] (Montiera Technologies LTD)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30] (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30] (AVAST Software)
Toolbar: HKLM-x32 - No Name - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - No File
Toolbar: HKLM-x32 - buenosearch Toolbar - {828DC97A-2277-4E10-92A9-4907FA0922A9} - C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-02] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1047535193-2599728610-4175363373-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\FatmaCako\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-24] [not signed]
FF HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\FatmaCako\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games 111 - C:\Users\FatmaCako\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2014-05-02] [not signed]

Chrome:
=======
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=688_pr__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=688_pr__alt__ddc_dsssyc_bd_com"
CHR Profile: C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (CostMin) - C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnlijdaddomppcecemlkagbahfbikjch [2014-06-25]
CHR Extension: (Movies Toolbar) - C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobjjcahfhldcakcacmcomhgepfcppkc [2016-01-04] [UpdateUrl: [Link mogu videti samo ulogovani korisnici] <==== ATTENTION
CHR Extension: (Плаћања у Chrome веб-продавници) - C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-09]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\FatmaCako\AppData\Local\ilividmoviestoolbar181\GC\toolbar.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [acfoobbgoakpihljnfedbcfaipcdlfhk] - C:\Users\FatmaCako\AppData\Roaming\BabSolution\CR\bueno.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6199520 2013-07-08] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [158936 2013-06-18] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2094216 2013-05-29] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-09-11] ()
R2 TorchCrashHandler; C:\Users\FatmaCako\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-10-29] (TorchMedia Inc.) <==== ATTENTION
R2 Update PacFunction; C:\Program Files (x86)\PacFunction\updatePacFunction.exe [657648 2016-01-05] ()
R2 Util PacFunction; C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe [657648 2016-01-05] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 MaintainerSvc2.12.9044570; "C:\ProgramData\5a29f6c6-227f-4883-9a26-af8533ba8ccf\maintainer.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2014-05-27] (LG Electronics Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [708632 2013-07-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2013-06-18] (COMODO)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-25] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [96800 2013-06-18] (COMODO)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2016-01-05] (Malwarebytes Corporation)
R1 {c9295130-7674-4d8c-af48-518ea8f9a1b9}w64; C:\Windows\System32\drivers\{c9295130-7674-4d8c-af48-518ea8f9a1b9}w64.sys [48784 2015-02-06] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc2.cfg [X]
S1 {19854aff-7c07-4859-9831-cd028ac55dd0}Gw64; system32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys [X]
S1 {19854aff-7c07-4859-9831-cd028ac55dd0}w64; system32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}w64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-05 11:06 - 2016-01-05 11:07 - 00021982 _____ C:\Users\FatmaCako\Downloads\FRST.txt
2016-01-05 11:06 - 2016-01-05 11:06 - 00000000 ____D C:\FRST
2016-01-05 11:05 - 2016-01-05 11:06 - 02370560 _____ (Farbar) C:\Users\FatmaCako\Downloads\FRST64.exe
2016-01-05 00:16 - 2016-01-05 00:16 - 00053809 _____ C:\ComboFix.txt
2016-01-04 23:23 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-01-04 23:23 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-01-04 23:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-01-04 23:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-01-04 23:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-01-04 23:23 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-01-04 23:23 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-01-04 23:23 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-01-04 19:57 - 2016-01-05 00:16 - 00000000 ____D C:\Qoobox
2016-01-04 18:57 - 2016-01-05 00:11 - 00000000 ____D C:\Windows\erdnt
2016-01-04 17:47 - 2016-01-04 17:48 - 05643309 _____ (Swearware) C:\Users\FatmaCako\Downloads\ComboFix (1).exe
2016-01-04 17:47 - 2016-01-04 17:47 - 05643309 ____R (Swearware) C:\Users\FatmaCako\Downloads\ComboFix.exe
2016-01-04 17:23 - 2016-01-04 17:23 - 01721856 _____ (Farbar) C:\Users\FatmaCako\Downloads\FRST.exe
2016-01-04 16:05 - 2016-01-04 16:05 - 01721856 _____ (Farbar) C:\Users\FatmaCako\Downloads\Unconfirmed 612543.torchdownload
2016-01-04 14:54 - 2016-01-04 14:54 - 00000925 _____ C:\Users\FatmaCako\Desktop\Fixlist.txt
2016-01-02 13:56 - 2016-01-02 13:56 - 00011869 _____ C:\Users\FatmaCako\Downloads\[kat.cr]game.of.thrones.s05e06.720p.hdtv.x264.immerse.torrent
2015-12-29 09:49 - 2015-12-29 09:49 - 00020631 _____ C:\Users\FatmaCako\Downloads\[kat.cr]ikiru.1952.720p.brrip.x264.aac.team.nanban.torrent
2015-12-27 13:42 - 2015-12-27 13:42 - 00035490 _____ C:\Users\FatmaCako\Downloads\[kat.cr]the.big.bang.theory.s09e11.720p.hdtv.x264.dimension.rartv (1).torrent
2015-12-27 13:39 - 2015-12-27 13:39 - 00035490 _____ C:\Users\FatmaCako\Downloads\[kat.cr]the.big.bang.theory.s09e11.720p.hdtv.x264.dimension.rartv.torrent
2015-12-25 14:16 - 2016-01-04 14:22 - 00000000 ____D C:\Users\FatmaCako\Downloads\PopcornTime
2015-12-10 00:28 - 2015-12-10 00:28 - 00000000 ____D C:\689e1d91f9a161ebd9

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-05 11:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-05 11:05 - 2013-09-07 12:07 - 00000000 ____D C:\Users\FatmaCako\AppData\Roaming\uTorrent
2016-01-05 10:49 - 2013-09-07 11:53 - 00000000 ____D C:\Users\FatmaCako\AppData\Roaming\Skype
2016-01-05 10:47 - 2015-01-29 17:00 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-05 10:35 - 2009-07-14 05:45 - 00010208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-05 10:35 - 2009-07-14 05:45 - 00010208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-05 10:32 - 2014-03-23 11:56 - 00000000 ____D C:\Program Files (x86)\PacFunction
2016-01-05 10:32 - 2009-07-14 03:34 - 00000580 _____ C:\Windows\win.ini
2016-01-05 10:30 - 2015-06-11 19:51 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-01-05 10:28 - 2015-09-22 09:33 - 00000000 ____D C:\Users\FatmaCako\AppData\LocalLow\uTorrent
2016-01-05 10:28 - 2014-01-03 11:30 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2016-01-05 10:28 - 2013-09-07 10:46 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-05 10:27 - 2015-05-15 16:40 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-01-05 10:27 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-05 00:20 - 2013-09-07 10:46 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-05 00:06 - 2014-07-31 08:04 - 00000000 ____D C:\Users\FatmaCako\AppData\Local\Adobe
2016-01-05 00:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2016-01-05 00:06 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-01-05 00:04 - 2009-07-14 03:34 - 67371008 _____ C:\Windows\system32\config\software.bak
2016-01-05 00:04 - 2009-07-14 03:34 - 18874368 _____ C:\Windows\system32\config\system.bak
2016-01-05 00:04 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2016-01-05 00:04 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2016-01-05 00:04 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\default.bak
2016-01-04 23:59 - 2013-11-19 21:40 - 00000000 ____D C:\ProgramData\Wincert
2016-01-04 23:21 - 2014-08-10 10:09 - 00000944 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1047535193-2599728610-4175363373-1001UA.job
2016-01-04 19:30 - 2014-05-27 19:40 - 00000000 ____D C:\Users\FatmaCako\Desktop\dszf
2016-01-04 19:27 - 2015-11-07 12:32 - 00000000 ____D C:\Users\FatmaCako\Desktop\Umetnost_pred1-3
2016-01-04 16:09 - 2013-09-07 11:48 - 00000000 ____D C:\ProgramData\MCShield
2016-01-04 14:42 - 2013-09-11 13:58 - 00003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BD816F16-C2C7-40FF-82E4-29BFC19F490E}
2016-01-04 14:34 - 2014-02-25 14:50 - 00000000 ____D C:\Users\FatmaCako\AppData\Roaming\DAEMON Tools Lite
2016-01-04 14:31 - 2014-01-23 21:33 - 00000000 ____D C:\Windows\Minidump
2016-01-04 14:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-04 12:25 - 2015-05-09 07:35 - 00000000 ____D C:\Users\FatmaCako\AppData\Local\ElevatedDiagnostics
2016-01-04 12:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-03 11:14 - 2014-08-10 10:09 - 00000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1047535193-2599728610-4175363373-1001Core.job
2015-12-29 20:42 - 2009-07-14 06:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-28 10:43 - 2014-01-03 11:30 - 00001415 _____ C:\Users\FatmaCako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2015-12-28 10:42 - 2014-01-03 11:29 - 00000000 ____D C:\Users\FatmaCako\AppData\Local\Torch
2015-12-20 18:38 - 2013-09-07 13:51 - 00000000 ____D C:\Users\FatmaCako\AppData\Roaming\BSplayer
2015-12-15 21:22 - 2013-09-07 10:50 - 00002229 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-10 00:28 - 2013-09-07 13:19 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-10 00:28 - 2013-09-07 13:19 - 00000000 ____D C:\Windows\system32\MRT

==================== Files in the root of some directories =======

2013-10-24 15:03 - 2015-03-25 17:20 - 0006656 _____ () C:\Users\FatmaCako\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-30 12:25

==================== End of FRST.txt ============================

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zdravo i dobrodošao na MyCity Ambulantu .

Pre svega,

Deinstaliraj sledeće programe:

MyPC Backup
PacFunction
Solution Real
Torch

Također, ako nisi instalirao PopCorn Time, deinstaliraj ga.

Zatim,

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

createrestorepoint:
closeprocesses:
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [iLivid] => C:\Users\FatmaCako\AppData\Local\iLivid\iLivid.exe [7913472 2014-05-25]
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [Yahoo! Search] => C:\Users\FatmaCako\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe [660736 2015-09-21]
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=420&systemid=406&v=a13203-171&apn_uid=3135591826204200&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=420&systemid=406&v=a13203-171&apn_uid=3135591826204200&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> OldSearch URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=501549&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B4C4002421A6B653&affID=128403&tsp=5195
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {2758E768-D627-42E3-9D52-3FB282CD1C98} URL = hxxp://searchsimple-a.akamaihd.net/?affID=mt-fm&q={searchTerms}&r=740
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1421703538&from=ild&uid=395049983_1052498_B4C4727F&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=420&systemid=406&v=a13203-171&apn_uid=3135591826204200&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO-x32: Flv2PC -> {1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} -> C:\Program Files (x86)\FLV2PC\flv2pc_ie.dll => No File
BHO-x32: No Name -> {3d86a75b-cb6b-4764-885d-ca6336f04ba2} -> No File
BHO-x32: PacFunction 1.0.0.7 -> {9aa72d95-59d7-4421-a02c-f93a1187a165} -> C:\Program Files (x86)\PacFunction\PacFunctionBHO.dll => No File
Toolbar: HKLM-x32 - No Name - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - No File
Toolbar: HKLM-x32 - buenosearch Toolbar - {828DC97A-2277-4E10-92A9-4907FA0922A9} - C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll No File
FF HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\FatmaCako\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games 111 - C:\Users\FatmaCako\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2014-05-02] [not signed]
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=688_pr__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=688_pr__alt__ddc_dsssyc_bd_com"
CHR Extension: (CostMin) - C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnlijdaddomppcecemlkagbahfbikjch [2014-06-25]
CHR Extension: (Movies Toolbar) - C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobjjcahfhldcakcacmcomhgepfcppkc [2016-01-04] [UpdateUrl: hxxp://wwwpacfunctionin-a.akamaihd.net/update/chrome] <==== ATTENTION
R2 TorchCrashHandler; C:\Users\FatmaCako\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-10-29] (TorchMedia Inc.) <==== ATTENTION
R2 Update PacFunction; C:\Program Files (x86)\PacFunction\updatePacFunction.exe
R2 Util PacFunction; C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe [657648 2016-01-05] ()
S2 MaintainerSvc2.12.9044570; "C:\ProgramData\5a29f6c6-227f-4883-9a26-af8533ba8ccf\maintainer.exe" [X]
R1 {c9295130-7674-4d8c-af48-518ea8f9a1b9}w64; C:\Windows\System32\drivers\{c9295130-7674-4d8c-af48-518ea8f9a1b9}w64.sys [48784 2015-02-06] (StdLib)
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc2.cfg [X]
S1 {19854aff-7c07-4859-9831-cd028ac55dd0}Gw64; system32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys [X]
S1 {19854aff-7c07-4859-9831-cd028ac55dd0}w64; system32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}w64.sys [X]
C:\689e1d91f9a161ebd9
C:\Program Files (x86)\PacFunction
C:\ProgramData\TorchCrashHandler
C:\Users\FatmaCako\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {34AE43CD-93E4-4A63-830A-997F4669E4AE} - \EPUpdater -> No File <==== ATTENTION
C:\Users\FatmaCako\AppData\Local\Pay-By-Ads
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
C:\Program Files (x86)\Movies Toolbar
C:\Users\FatmaCako\AppData\Local\iLivid
C:\Users\FatmaCako\AppData\Local\Torch
FirewallRules: [{CD43224F-FAF7-4FDA-8631-035538618189}] => (Allow) C:\Users\FatmaCako\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{44E8B5E2-57F7-488E-AF34-D0680E595B51}] => (Allow) C:\Users\FatmaCako\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{4EAB3917-451F-4D5F-AF65-2320CD2D83DF}] => (Allow) C:\Users\FatmaCako\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
FirewallRules: [{1648E3D3-40C8-403E-B1D5-CC6BAEAD825D}] => (Allow) C:\Users\FatmaCako\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{40E18949-B8CD-4E79-B200-3D04CBD5D895}] => (Allow) C:\Users\FatmaCako\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{27FFCCEF-B2A2-4B27-B158-553C7B2555E7}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe
FirewallRules: [{47993D4C-5C65-41E8-A23A-664F2786252D}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe
FirewallRules: [{A34805D2-CDB0-48E7-BB20-AD2669C77610}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~3\IE\dtuser.exe
FirewallRules: [{38CD3D63-0E2D-4029-8C56-3EEBC4DF0EA1}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~3\IE\dtuser.exe
CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\FatmaCako\AppData\Local\ilividmoviestoolbar181\GC\toolbar.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [acfoobbgoakpihljnfedbcfaipcdlfhk] - C:\Users\FatmaCako\AppData\Roaming\BabSolution\CR\bueno.crx <not found>
ShortcutWithArgument: C:\Users\FatmaCako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1421703538&from=ild&uid=395049983_1052498_B4C4727F
ShortcutWithArgument: C:\Users\FatmaCako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://isearch.omiga-plus.com/?type=sc&ts=1421703538&from=ild&uid=395049983_1052498_B4C4727F
emptytemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.


3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

Zatim,

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S0].txt

Pošto si također koristio Combofix okači i njegov log u odgovor (log se nalazi u C:\ ).

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Fix result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by FatmaCako (2016-01-05 16:48:08) Run:1
Running from C:\Users\FatmaCako\Desktop\New folder
Loaded Profiles: FatmaCako (Available Profiles: FatmaCako)
Boot Mode: Normal
==============================================

fixlist content:
*****************
createrestorepoint:
closeprocesses:
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [iLivid] => C:\Users\FatmaCako\AppData\Local\iLivid\iLivid.exe [7913472 2014-05-25]
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Run: [Yahoo! Search] => C:\Users\FatmaCako\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe [660736 2015-09-21]
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> OldSearch URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&babsrc=SP_ss&mntrId=B4C4002421A6B653&affID=128403&tsp=5195
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {2758E768-D627-42E3-9D52-3FB282CD1C98} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&r=740
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
SearchScopes: HKU\S-1-5-21-1047535193-2599728610-4175363373-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [Link mogu videti samo ulogovani korisnici]{searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511131190} -> No File
BHO-x32: Flv2PC -> {1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} -> C:\Program Files (x86)\FLV2PC\flv2pc_ie.dll => No File
BHO-x32: No Name -> {3d86a75b-cb6b-4764-885d-ca6336f04ba2} -> No File
BHO-x32: PacFunction 1.0.0.7 -> {9aa72d95-59d7-4421-a02c-f93a1187a165} -> C:\Program Files (x86)\PacFunction\PacFunctionBHO.dll => No File
Toolbar: HKLM-x32 - No Name - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - No File
Toolbar: HKLM-x32 - buenosearch Toolbar - {828DC97A-2277-4E10-92A9-4907FA0922A9} - C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\buenosearchTlbr.dll No File
FF HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\FatmaCako\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games 111 - C:\Users\FatmaCako\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2014-05-02] [not signed]
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=688_pr__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=688_pr__alt__ddc_dsssyc_bd_com"
CHR Extension: (CostMin) - C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnlijdaddomppcecemlkagbahfbikjch [2014-06-25]
CHR Extension: (Movies Toolbar) - C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobjjcahfhldcakcacmcomhgepfcppkc [2016-01-04] [UpdateUrl: [Link mogu videti samo ulogovani korisnici] <==== ATTENTION
R2 TorchCrashHandler; C:\Users\FatmaCako\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-10-29] (TorchMedia Inc.) <==== ATTENTION
R2 Update PacFunction; C:\Program Files (x86)\PacFunction\updatePacFunction.exe
R2 Util PacFunction; C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe [657648 2016-01-05] ()
S2 MaintainerSvc2.12.9044570; "C:\ProgramData\5a29f6c6-227f-4883-9a26-af8533ba8ccf\maintainer.exe" [X]
R1 {c9295130-7674-4d8c-af48-518ea8f9a1b9}w64; C:\Windows\System32\drivers\{c9295130-7674-4d8c-af48-518ea8f9a1b9}w64.sys [48784 2015-02-06] (StdLib)
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc2.cfg [X]
S1 {19854aff-7c07-4859-9831-cd028ac55dd0}Gw64; system32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys [X]
S1 {19854aff-7c07-4859-9831-cd028ac55dd0}w64; system32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}w64.sys [X]
C:\689e1d91f9a161ebd9
C:\Program Files (x86)\PacFunction
C:\ProgramData\TorchCrashHandler
C:\Users\FatmaCako\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: {34AE43CD-93E4-4A63-830A-997F4669E4AE} - \EPUpdater -> No File <==== ATTENTION
C:\Users\FatmaCako\AppData\Local\Pay-By-Ads
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
C:\Program Files (x86)\Movies Toolbar
C:\Users\FatmaCako\AppData\Local\iLivid
C:\Users\FatmaCako\AppData\Local\Torch
FirewallRules: [{CD43224F-FAF7-4FDA-8631-035538618189}] => (Allow) C:\Users\FatmaCako\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{44E8B5E2-57F7-488E-AF34-D0680E595B51}] => (Allow) C:\Users\FatmaCako\AppData\Local\Torch\Plugins\Hola\hola_plugin.exe
FirewallRules: [{4EAB3917-451F-4D5F-AF65-2320CD2D83DF}] => (Allow) C:\Users\FatmaCako\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe
FirewallRules: [{1648E3D3-40C8-403E-B1D5-CC6BAEAD825D}] => (Allow) C:\Users\FatmaCako\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{40E18949-B8CD-4E79-B200-3D04CBD5D895}] => (Allow) C:\Users\FatmaCako\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{27FFCCEF-B2A2-4B27-B158-553C7B2555E7}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe
FirewallRules: [{47993D4C-5C65-41E8-A23A-664F2786252D}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe
FirewallRules: [{A34805D2-CDB0-48E7-BB20-AD2669C77610}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~3\IE\dtuser.exe
FirewallRules: [{38CD3D63-0E2D-4029-8C56-3EEBC4DF0EA1}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~3\IE\dtuser.exe
CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\FatmaCako\AppData\Local\ilividmoviestoolbar181\GC\toolbar.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [acfoobbgoakpihljnfedbcfaipcdlfhk] - C:\Users\FatmaCako\AppData\Roaming\BabSolution\CR\bueno.crx <not found>
ShortcutWithArgument: C:\Users\FatmaCako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> [Link mogu videti samo ulogovani korisnici]
ShortcutWithArgument: C:\Users\FatmaCako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> [Link mogu videti samo ulogovani korisnici]
emptytemp:
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\Software\Microsoft\Windows\CurrentVersion\Run\\iLivid => value removed successfully
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\Machine => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
"HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => key removed successfully
HKCR\CLSID\OldSearch => key not found.
"HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => key removed successfully
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found.
"HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2758E768-D627-42E3-9D52-3FB282CD1C98}" => key removed successfully
HKCR\CLSID\{2758E768-D627-42E3-9D52-3FB282CD1C98} => key not found.
"HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511131190}" => key removed successfully
HKCR\CLSID\{11111111-1111-1111-1111-110511131190} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}" => key removed successfully
HKCR\Wow6432Node\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9aa72d95-59d7-4421-a02c-f93a1187a165}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{9aa72d95-59d7-4421-a02c-f93a1187a165}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} => value removed successfully
HKCR\Wow6432Node\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{828DC97A-2277-4E10-92A9-4907FA0922A9} => value removed successfully
"HKCR\Wow6432Node\CLSID\{828DC97A-2277-4E10-92A9-4907FA0922A9}" => key removed successfully
HKU\S-1-5-21-1047535193-2599728610-4175363373-1001\Software\Mozilla\Firefox\Extensions\\freegames4357@BestOffers => value removed successfully
C:\Users\FatmaCako\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers => moved successfully
FF Extension: Free Games 111 - C:\Users\FatmaCako\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2014-05-02] [not signed] => not found
Chrome RestoreOnStartup => removed successfully
Chrome StartupUrls => removed successfully
C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnlijdaddomppcecemlkagbahfbikjch => moved successfully
C:\Users\FatmaCako\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobjjcahfhldcakcacmcomhgepfcppkc <==== ATTENTION => not found
TorchCrashHandler => service not found.
Update PacFunction => Unable to stop service.
Update PacFunction => service removed successfully
Util PacFunction => Unable to stop service.
Util PacFunction => service removed successfully
MaintainerSvc2.12.9044570 => service removed successfully
{c9295130-7674-4d8c-af48-518ea8f9a1b9}w64 => Service stopped successfully.
{c9295130-7674-4d8c-af48-518ea8f9a1b9}w64 => service removed successfully
F06DEFF2-5B9C-490D-910F-35D3A9119622 => service removed successfully
{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64 => service removed successfully
{19854aff-7c07-4859-9831-cd028ac55dd0}w64 => service removed successfully
C:\689e1d91f9a161ebd9 => moved successfully
C:\Program Files (x86)\PacFunction => moved successfully
"C:\ProgramData\TorchCrashHandler" => not found.
C:\Users\FatmaCako\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34AE43CD-93E4-4A63-830A-997F4669E4AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34AE43CD-93E4-4A63-830A-997F4669E4AE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater" => key removed successfully
C:\Users\FatmaCako\AppData\Local\Pay-By-Ads => moved successfully
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
"C:\Program Files (x86)\Movies Toolbar" => not found.
C:\Users\FatmaCako\AppData\Local\iLivid => moved successfully
C:\Users\FatmaCako\AppData\Local\Torch => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD43224F-FAF7-4FDA-8631-035538618189} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44E8B5E2-57F7-488E-AF34-D0680E595B51} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4EAB3917-451F-4D5F-AF65-2320CD2D83DF} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1648E3D3-40C8-403E-B1D5-CC6BAEAD825D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{40E18949-B8CD-4E79-B200-3D04CBD5D895} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{27FFCCEF-B2A2-4B27-B158-553C7B2555E7} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47993D4C-5C65-41E8-A23A-664F2786252D} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A34805D2-CDB0-48E7-BB20-AD2669C77610} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38CD3D63-0E2D-4029-8C56-3EEBC4DF0EA1} => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\acfoobbgoakpihljnfedbcfaipcdlfhk" => key removed successfully
C:\Users\FatmaCako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk => Shortcut argument removed successfully.
C:\Users\FatmaCako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument removed successfully.
EmptyTemp: => 1022.4 MB temporary data Removed.


The system needed a reboot.


==== End of Fixlog 16:50:04 ====
[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

S obzirom da su chromovi dll fajlovi patchovani,moraćeš uraditi reinstalaciju Chrome preglednika,nakon toga javi mi stanje računara.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Reinstalirao sam Chrome i sad radi bez problema,generalno komjuter radi mnogo bolje, hvala puno.Ima li potrebe jos nesto da se radi?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ako radi dobro, to je to .

• Sledeća procedura će implementirati završno čišćenje.



Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Odradio sam.