Programs, infections...

  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

1. detailed description of the problem; The state is a disaster, it lags a lot, I have some Chinese antivirus, I don't know how it got in, I don't know how to delete it, it isn't there among the installed programs.. It lags too much; I'd like to fix it up at least a little, because I need it for some data and for work, so that it's functional. So as not to speak off the top of my head, I don't know what all is in it, you'll see for yourselves...

2. posting the diagnostic report (log, logfile);

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-08-2015
Ran by prle (administrator) on PRLE-PC (20-08-2015 11:48:11)
Running from D:\MyCity
Loaded Profiles: prle & UpdatusUser (Available Profiles: prle & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: engleski (SAD)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Link visible only to logged-in users]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Tencent) C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Stardock Corporation) C:\Program Files\Stardock\WindowBlinds\WBSrv.exe
(Stardock Software, Inc) C:\Program Files\Stardock\WindowBlinds\WBCore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
() C:\Windows\FixCamera.exe
() C:\Windows\vsnp325.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
(BitTorrent Inc.) C:\Users\prle\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Users\prle\AppData\Local\Viber\Viber.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [ QQPCTray] => C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QQPCTray.exe [355296 2015-06-10] (Tencent)
HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
HKLM\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-02-12] ()
HKLM\...\Run: [snp325] => C:\Windows\vsnp325.exe [835584 2007-05-10] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157968 2015-08-13] (Apple Inc.)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [uTorrent] => C:\Users\prle\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-08-18] (BitTorrent Inc.)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [Viber] => C:\Users\prle\AppData\Local\Viber\Viber.exe [72389840 2015-08-12] ()
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QMGCShellExt.dll [2015-06-10] (Tencent)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link visible only to logged-in users]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link visible only to logged-in users]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\Software\Microsoft\Internet Explorer\Main,First Home Page = [Link visible only to logged-in users]
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003 -> {0E90424D-0616-420E-8E5C-6B6FD05CD6D7} URL = [Link visible only to logged-in users]{searchTerms}&src=IE-SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30] (Adobe Systems Incorporated)
BHO: Ó¦Óñ¦Ň»Ľü°˛×°˛ĺĽţ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1606030900-3430388029-1771253369-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems Incorporated)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{039C5642-6F31-4D6D-83AC-F9F7876886C1}: [DhcpNameServer] 10.85.64.173 10.85.64.174
Tcpip\..\Interfaces\{951D4D05-7622-484A-8CE7-A9975DE49AD5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9B7B13D5-31FA-4388-A405-B917D9D885E4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A2B60D15-4014-4A5C-9EFC-96A5AF86EBA5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{C6D742C0-BC07-4658-9204-D37845F07F85}: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\ainpcrm1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-05] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-07-27] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\npQMExtensionsMozilla.dll [2015-06-10] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2014-06-10] (Verimatrix, Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems)
FF Plugin HKU\.DEFAULT: @rising.com.cn/nprising -> C:\Program Files\Rising\RAV\nprising.dll No File
FF Plugin HKU\S-1-5-21-1606030900-3430388029-1771253369-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\prle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-21] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1606030900-3430388029-1771253369-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2014-06-10] (Verimatrix, Inc.)
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-06-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-08-14]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - [Link visible only to logged-in users]
CHR HKLM\...\Chrome\Extension: [ooebklgpfnbcnpokahmdidgbmlcdepkm] - [Link visible only to logged-in users]

Opera:
=======
OPR Extension: (Gaming Companion) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\bjdnlokgpbeflkegifbndikgnnbmfccd [2015-06-08]
OPR Extension: (Games for you and me) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\hdlmjkfoidldghacbhdinlbmgpcplpal [2015-06-01]
OPR Extension: (Summer Sports) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\hhjchhljdoccgihhmkmoefiegblmlekk [2015-05-30]
OPR Extension: (Beta Sports) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnpddjhhjmmcnjbjdbopmniafbpfppkb [2015-05-29]
OPR Extension: (mcceagdollnkjlogmdckgjakjapmkdjf) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2015-05-29]
OPR Extension: (ohcpnigalekghcmgcdcenkpelffpdolg) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2015-06-08]
OPR Extension: (pooljnboifbodgifngpppfklhifechoe) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\pooljnboifbodgifngpppfklhifechoe [2015-05-30]
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera\Opera.exe [Link visible only to logged-in users]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe [297608 2015-08-03] (Tencent)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WindowBlinds; C:\Program Files\Stardock\WindowBlinds\wbsrv.exe [84592 2014-03-10] (Stardock Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [274304 2010-11-20] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [22400 2011-03-11] (Advanced Micro Devices)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [21584 2009-07-14] (Microsoft Corporation)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.) [File not signed]
R5 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [370488 2015-01-31] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\DRIVERS\disk.sys [57424 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58448 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [198208 2009-07-14] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\system32\Drivers\Fs_Rec.sys [19824 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [196328 2013-01-24] (Microsoft Corporation)
S3 gggen; C:\Windows\System32\DRIVERS\gggen.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 ggsemc; C:\Windows\System32\DRIVERS\ggsemc.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2014-08-03] (Sony Mobile Communications)
S3 hcdriver; C:\Windows\System32\DRIVERS\hcdriver.sys [55208 2013-08-21] (Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22688 2014-07-20] (REALiX(tm))
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14208 2010-11-20] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [67512 2015-03-06] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [137656 2015-03-06] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [78784 2015-02-03] (Microsoft Corporation)
R5 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [13888 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [49728 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [712048 2012-08-22] (Microsoft Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [86800 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202128 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109584 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126480 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [41744 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99856 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [61712 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [120592 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [281232 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [205456 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [108432 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [239888 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [94864 2015-02-09] (Panda Security, S.L.)
R5 nvstor; C:\Windows\System32\drivers\nvstor.sys [143744 2011-03-11] (NVIDIA Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [56176 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [153984 2010-11-20] (Microsoft Corporation)
R5 pciide; C:\Windows\System32\drivers\pciide.sys [12368 2009-07-14] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [43088 2009-07-14] (Microsoft Corporation)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [140048 2015-04-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [105232 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [168208 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [113936 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [124688 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [100624 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
R1 QMIEProtect; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QMIEProtect.sys [49976 2015-08-18] ()
R3 QMUdisk; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QMUdisk.sys [59872 2015-06-10] (Tencent)
R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QQSysMon.sys [108472 2015-06-10] (电脑管家)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [173440 2010-11-20] (Microsoft Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [83336 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [15112 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [108680 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [100488 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [98696 2007-04-24] (MCCI Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [113984 2015-02-28] (Power Software Ltd)
S3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10343168 2007-05-07] (Sonix Co. Ltd.)
R5 spldr; C:\Windows\system32\Drivers\spldr.sys [17472 2009-07-14] (Microsoft Corporation)
R5 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2014-01-18] (Duplex Secure Ltd.)
R5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [40704 2010-11-20] (Microsoft Corporation)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator.sys [77016 2015-06-10] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel.sys [138552 2015-06-10] (Tencent Technology(Shenzhen) Company Limited)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1294272 2014-04-05] (Microsoft Corporation)
R1 TFsFlt; C:\Windows\System32\Drivers\TFsFlt.sys [150072 2015-06-10] (电脑管家)
R3 TS888; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\TS888.sys [30392 2015-08-20] (Tencent)
R1 TSCPM; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\tscpm.sys [43448 2015-06-10] (电脑管家)
R1 TSDefenseBt; C:\Windows\System32\DRIVERS\TSDefenseBt.sys [14008 2015-06-10] (Tencent)
R5 TsFltMgr; C:\Windows\System32\drivers\TsFltMgr.sys [124792 2015-06-10] (电脑管家)
R1 TSKSP; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\TSKsp.sys [204920 2015-06-10] (电脑管家)
S3 TSSK; C:\Windows\System32\tssk.sys [67896 2015-06-10] (电脑管家)
R1 TSSysKit; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\TSSysKit.sys [101560 2015-06-10] (电脑管家)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [17792 2008-12-26] (Avnex)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [32832 2009-07-14] (Microsoft Corporation)
R5 vmbus; C:\Windows\System32\drivers\vmbus.sys [175360 2010-11-20] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [53120 2010-11-20] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [297040 2009-07-14] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [245632 2010-11-20] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [527064 2013-06-26] (Microsoft Corporation)
S3 cpuz134; \??\C:\Users\prle\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
R1 MpKslbb549dcf; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{829FB6CF-96F6-4F85-917C-FE25FAE81DAE}\MpKslbb549dcf.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-20 11:48 - 2015-08-20 11:48 - 00000000 ____D C:\FRST
2015-08-16 01:29 - 2015-08-20 10:55 - 00002218 _____ C:\Windows\PFRO.log
2015-08-16 01:29 - 2015-08-16 01:29 - 03841216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-16 01:00 - 2015-08-20 10:56 - 00001512 _____ C:\Windows\setupact.log
2015-08-16 01:00 - 2015-08-16 01:00 - 00000000 _____ C:\Windows\setuperr.log
2015-08-16 00:50 - 2015-08-16 00:50 - 00000000 ____D C:\Users\prle\AppData\Roaming\iMobie
2015-08-16 00:50 - 2015-08-16 00:50 - 00000000 ____D C:\Users\prle\AppData\Local\iMobie_Inc
2015-08-16 00:48 - 2015-08-16 00:49 - 06973328 _____ (iMobie Inc. ) C:\Users\prle\Desktop\phoneclean-setup.exe
2015-08-15 19:11 - 2015-08-15 19:11 - 00112776 _____ C:\Users\prle\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-15 17:57 - 2015-08-15 18:02 - 00000000 ____D C:\QMDownload
2015-08-14 22:19 - 2015-08-15 18:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-14 16:19 - 2015-08-14 16:19 - 00001713 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-14 16:19 - 2015-08-14 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-14 16:18 - 2015-08-14 16:19 - 00000000 ____D C:\Program Files\iTunes
2015-08-14 16:18 - 2015-08-14 16:18 - 00000000 ____D C:\Program Files\iPod
2015-08-14 15:58 - 2015-08-14 16:01 - 110782744 _____ (Apple Inc.) C:\Users\prle\Downloads\iTunesSetup.exe
2015-08-13 00:51 - 2015-08-13 00:51 - 00000397 _____ C:\Users\prle\Desktop\Naxi_live_MP3-128k.pls
2015-08-08 14:57 - 2015-08-08 15:13 - 00000000 ____D C:\Users\prle\Desktop\ogijeve pesme
2015-07-30 04:12 - 2015-07-30 04:12 - 00000151 _____ C:\Windows\PhotoSnapViewer.INI
2015-07-28 13:15 - 2015-08-20 10:57 - 00000000 ____D C:\Users\prle\AppData\Roaming\ViberPC
2015-07-28 13:15 - 2015-08-19 12:13 - 00001161 _____ C:\Users\prle\Desktop\Viber.lnk
2015-07-28 13:15 - 2015-08-19 12:13 - 00000998 _____ C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2015-07-28 13:14 - 2015-08-19 12:13 - 00000000 ____D C:\Users\prle\AppData\Local\Viber
2015-07-28 13:13 - 2015-07-28 13:14 - 67701008 _____ (Viber Media Inc) C:\Users\prle\Desktop\ViberSetup.exe
2015-07-26 19:08 - 2015-07-26 19:08 - 35796928 _____ C:\Users\prle\Desktop\Pangu_v1.2.1.exe
2015-07-26 19:03 - 2015-07-26 19:39 - 00000000 ____D C:\Users\prle\AppData\Local\pangu
2015-07-26 19:00 - 2015-08-14 16:03 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-07-26 18:42 - 2015-07-26 18:43 - 44435904 _____ C:\Users\prle\Desktop\Pangu8_v1.2.1.exe
2015-07-25 03:40 - 2015-07-25 03:40 - 00000000 ____D C:\Windows\Sun
2015-07-22 22:10 - 2015-08-18 22:26 - 00000000 ____D C:\Users\prle\Desktop\Nova fascikla
2015-07-21 13:05 - 2015-07-21 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hama PC-Webcam AC-140
2015-07-21 13:05 - 2015-07-21 13:05 - 00000000 ____D C:\Program Files\Common Files\snp325
2015-07-21 13:05 - 2007-05-10 13:18 - 00835584 _____ () C:\Windows\vsnp325.exe
2015-07-21 13:05 - 2007-05-07 17:58 - 10343168 _____ (Sonix Co. Ltd.) C:\Windows\system32\Drivers\snp325.sys
2015-07-21 13:05 - 2007-04-21 09:36 - 00270336 _____ () C:\Windows\tsnp325.exe
2015-07-21 13:05 - 2007-04-20 16:40 - 00057344 _____ ( ) C:\Windows\system32\vsnp325.dll
2015-07-21 13:05 - 2007-02-12 14:50 - 00020480 _____ () C:\Windows\FixCamera.exe
2015-07-21 13:05 - 2006-07-03 10:31 - 00094208 _____ (Microsoft Corporation) C:\Windows\amcap.exe
2015-07-21 13:05 - 2006-04-12 12:11 - 00147456 _____ ( ) C:\Windows\system32\rsnp325.dll
2015-07-21 13:05 - 2005-11-23 13:55 - 00053248 _____ ( ) C:\Windows\system32\csnp325.dll
2015-07-21 13:05 - 2004-02-27 17:36 - 00015498 _____ C:\Windows\snp325.ini
2015-07-21 13:05 - 2004-02-27 17:36 - 00013023 _____ C:\Windows\snp325.src
2015-07-21 13:04 - 2015-07-21 13:04 - 00000000 ____D C:\Users\prle\AppData\Roaming\InstallShield

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-20 11:48 - 2013-06-28 12:51 - 00000000 ____D C:\Users\prle\AppData\Roaming\uTorrent
2015-08-20 11:30 - 2013-06-28 13:04 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-20 11:12 - 2014-07-27 22:37 - 01327305 _____ C:\Windows\WindowsUpdate.log
2015-08-20 11:11 - 2015-06-23 08:54 - 00000065 _____ C:\Windows\QMNetworkMgr.ini
2015-08-20 11:09 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-20 11:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-20 10:57 - 2015-06-10 18:40 - 00030392 _____ (Tencent) C:\Windows\system32\Drivers\TS888.sys
2015-08-20 10:56 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-20 07:37 - 2013-06-28 12:15 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-19 13:31 - 2013-08-20 21:26 - 03980288 ___SH C:\Users\prle\Desktop\Thumbs.db
2015-08-19 12:18 - 2013-06-28 12:48 - 00000000 ____D C:\Program Files\Opera
2015-08-19 04:45 - 2014-07-27 01:56 - 00000000 ____D C:\Users\prle\AppData\Roaming\Skype
2015-08-17 22:40 - 2009-07-14 06:34 - 00029280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-17 22:40 - 2009-07-14 06:34 - 00029280 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-17 19:00 - 2013-08-29 17:18 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2015-08-15 23:37 - 2013-06-28 13:11 - 00000000 ____D C:\Users\prle\AppData\Roaming\Winamp
2015-08-15 18:04 - 2013-06-28 13:11 - 00000000 ____D C:\Program Files\Winamp
2015-08-15 18:01 - 2015-02-25 20:53 - 00000000 ____D C:\Users\prle\AppData\Local\CrashDumps
2015-08-15 17:53 - 2013-08-29 17:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-14 16:18 - 2015-07-20 12:26 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-08 11:12 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-07-21 13:05 - 2013-06-28 12:40 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-07-21 13:05 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\twain_32
2015-07-21 13:05 - 2009-07-14 04:04 - 00000638 _____ C:\Windows\win.ini
2015-07-21 11:27 - 2013-07-13 22:24 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

==================== Files in the root of some directories =======

2015-01-30 02:13 - 2015-01-30 02:14 - 0000115 _____ () C:\Users\prle\AppData\Roaming\LogFile.txt
2013-08-08 13:44 - 2013-08-10 15:09 - 0000018 _____ () C:\Users\prle\AppData\Roaming\uid.dat
2015-06-01 22:53 - 2015-06-01 22:53 - 0880640 _____ () C:\Users\prle\AppData\Roaming\XBbVVVyfNihzfsvwPyAE3wpr.exe
2012-05-03 13:12 - 2012-05-03 13:12 - 0000532 _____ () C:\Users\prle\AppData\Local\datos.txt
2014-08-06 05:16 - 2014-08-06 05:16 - 0000001 _____ () C:\Users\prle\AppData\Local\llftool.4.40.agreement
2013-07-07 06:30 - 2014-08-29 05:52 - 0007598 _____ () C:\Users\prle\AppData\Local\Resmon.ResmonCfg
2013-07-27 03:03 - 2014-10-09 01:44 - 0000435 _____ () C:\Users\prle\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\prle\AppData\Local\Temp\NEventMessages.dll
C:\Users\prle\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\prle\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-12 13:36

==================== End of log ============================

*************************************************************************





offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

You have two AV programs installed: Panda and Microsoft Security Essentials. Uninstall one of them.



Step 2

Go to Start -> Control Panel -> Programs and Features and uninstall
YTD Video Downloader 4.9



Step 3

Open Notepad and copy the following text, which is inside the Code box.

R1 QMIEProtect; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QMIEProtect.sys [49976 2015-08-18] ()
R3 QMUdisk; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QMUdisk.sys [59872 2015-06-10] (Tencent)
R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QQSysMon.sys [108472 2015-06-10] (电脑管家)
R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe [297608 2015-08-03] (Tencent)
R3 TS888; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\TS888.sys [30392 2015-08-20] (Tencent)
R1 TSCPM; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\tscpm.sys [43448 2015-06-10] (电脑管家)
R1 TSDefenseBt; C:\Windows\System32\DRIVERS\TSDefenseBt.sys [14008 2015-06-10] (Tencent)
R5 TsFltMgr; C:\Windows\System32\drivers\TsFltMgr.sys [124792 2015-06-10] (电脑管家)
R1 TSKSP; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\TSKsp.sys [204920 2015-06-10] (电脑管家)
S3 TSSK; C:\Windows\System32\tssk.sys [67896 2015-06-10] (电脑管家)
R1 TSSysKit; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\TSSysKit.sys [101560 2015-06-10] (电脑管家)
HKLM\...\Run: [ QQPCTray] => C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QQPCTray.exe [355296 2015-06-10] (Tencent)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QMGCShellExt.dll [2015-06-10] (Tencent)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Ó¦Óñ¦Ň»Ľü°˛×°˛ĺĽţ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\npQMExtensionsMozilla.dll [2015-06-10] (Tencent Technology (Shenzhen) Company Limited)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-08-14]
CHR HKLM\...\Chrome\Extension: [ooebklgpfnbcnpokahmdidgbmlcdepkm] - https://clients2.google.com/service/update2/crx
OPR Extension: (Gaming Companion) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\bjdnlokgpbeflkegifbndikgnnbmfccd [2015-06-08]
OPR Extension: (Games for you and me) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\hdlmjkfoidldghacbhdinlbmgpcplpal [2015-06-01]
OPR Extension: (Summer Sports) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\hhjchhljdoccgihhmkmoefiegblmlekk [2015-05-30]
OPR Extension: (Beta Sports) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnpddjhhjmmcnjbjdbopmniafbpfppkb [2015-05-29]
OPR Extension: (mcceagdollnkjlogmdckgjakjapmkdjf) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2015-05-29]
OPR Extension: (ohcpnigalekghcmgcdcenkpelffpdolg) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2015-06-08]
OPR Extension: (pooljnboifbodgifngpppfklhifechoe) - C:\Users\prle\AppData\Roaming\Opera Software\Opera Stable\Extensions\pooljnboifbodgifngpppfklhifechoe [2015-05-30]
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera\Opera.exe http://www.oursurfing.com/?type=sc&ts=14339476.....8_2CF1EC7B
R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe [297608 2015-08-03] (Tencent)
globalupdate Helper (Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1606030900-3430388029-1771253369-1003_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\prle\AppData\Local\Torch\Application\33.0.0.7326\delegate_execute.exe" No File
C:\Windows\System32\DRIVERS\TSDefenseBt.sys
C:\Windows\System32\drivers\TsFltMgr.sys
C:\Windows\System32\tssk.sys
C:\Program Files\Tencent
C:\Program Files\Common Files\Tencent
Task: {195D8B93-9929-4D02-9D61-1A8CD07102BF} - \Adobe Acrobat Update Task -> No File <==== ATTENTION
Task: {62EF3AF4-4243-4D52-BF2D-DE2778A67A17} - \WINshell Event Logging -> No File <==== ATTENTION
Task: {754BAD7D-A687-42ED-AF1A-BF285539A725} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {82BC1938-D24F-46B3-A463-F1B14FD2B9A0} - \{D00C354B-4D5D-4F91-8F41-E22F25537EC9} -> No File <==== ATTENTION
Task: {C05C525E-11FE-44DB-9C13-8CDE58016257} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {D735E50D-9295-43A7-810A-3D6354F35F74} - \Opera scheduled Autoupdate 1422158942 -> No File <==== ATTENTION
Task: {D9DC25F7-0EDA-49AA-AE94-97116839BA4B} - \WINshell Event Notification -> No File <==== ATTENTION
EmptyTemp:


In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click FRST.exe to run it again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it finishes, fixlog.txt will open, with contents that you should copy into the thread.
Also, (fixlog.txt) will be located on the Desktop.




Step 4

Download AdwCleaner by "Xplode" and save it to the Desktop
Double-click to run the program.
In the EULA window, click I agree.
Click the Scan button and wait for the scan to finish.
Click the Cleaning button and wait for the program to finish.
The program will close all active programs and display a window with that warning. Click OK to confirm.
In the next two windows that open (Informations and Restart required), click OK

The computer will restart and then Notepad will open (C:\AdwCleaner[S0].txt) with the report.
Save that report to the Desktop and attach it to your post using the "Attach file" ("Prikači fajl") option

Note: The report will also be saved at C:\Adwcleaner\AdwCleaner[S0].txt


