Problem sa reklamama

Sad skeniram. Puno hvala!

Aviru koristim, bar ja mislim da je to antivirusni program

zahvaljujem na strpljenju

malvarebytes: "Scan completed suuccessfully. No malicious items were detected"

gore na browseru sa desne str. stoji ikona adguarda zelena kvacica ipored br 45

ipak me jos trazida intaliram program tj. "ich akzeptiere die vereinbarung" na sto jos nisam kliknula

Puno si mi pomogao, zaista! Sad je super bez reklama, prozorcica, bar zasad.

Nadam se sutra nece iskociti koja.izgleda problem rijesen!

Hvala najljepa

Lijep pozdrav

Laku noc

poznato ti je ovo ?

[2014.11.15 20:06:20 | 000,000,033 | ---- | M] () -- C:\Users\IVAN\Documents\new1.cpp
[2014.11.15 20:05:12 | 000,475,166 | ---- | M] () -- C:\Users\IVAN\Documents\new1.exe

ako ti je poznato izbriši iz skripte ispod,a ako ti  nije poznato, uradi ovako

otvori OTL i ovo kopiraj u prazno polje

:Services
:Processes
KILLALLPROCESSES
:OTL
FF - prefs.js..extensions.enabledAddons: %7B4fec0d7e-e1c2-4b86-af44-c7cf7b0c199a%7D:0.1
[2013.10.17 10:11:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IVAN\AppData\Roaming\Mozilla\Extensions
[2014.12.09 17:13:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IVAN\AppData\Roaming\Mozilla\Firefox\Profiles\7b6cuhib.default\extensions
[2014.12.01 23:34:44 | 000,000,000 | ---D | M] ("Supreme Finder") -- C:\Users\IVAN\AppData\Roaming\Mozilla\Firefox\Profiles\7b6cuhib.default\extensions\{4fec0d7e-e1c2-4b86-af44-c7cf7b0c199a}
[2014.10.26 19:22:28 | 000,000,000 | ---D | M] (SearchNewTab) -- C:\Users\IVAN\AppData\Roaming\Mozilla\Firefox\Profiles\7b6cuhib.default\extensions\aeeayih@czyeyu-.co.uk
[2014.02.17 15:06:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IVAN\AppData\Roaming\Mozilla\Firefox\Profiles7b6cuhib.default\extensions
[2014.02.17 15:06:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IVAN\AppData\Roaming\Mozilla\Firefox\Profiles7b6cuhib.default\extensions\staged
[2014.02.17 15:26:17 | 000,002,666 | ---- | M] () -- C:\Users\IVAN\AppData\Roaming\Mozilla\Firefox\Profiles\7b6cuhib.default\searchplugins\Ask.xml
[2014.12.09 19:30:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfphhfdokdamioolhjfdohhkodbieida\17130.5044.6209_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\IVAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O2:[b]64bit:[/b] - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found
O27:[b]64bit:[/b] - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\browsemngr.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\browsermngr.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\bundlesweetimsetup.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\cltmngsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\delta babylon.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\delta tb.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\delta2.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\deltainstaller.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\deltasetup.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\deltatb.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\deltatb_2501-c733154b.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\iminentsetup.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\rjatydimofu.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\sweetimsetup.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\tbdelta.exetoolbar783881609.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27:[b]64bit:[/b] - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsemngr.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsermngr.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bundlesweetimsetup.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\cltmngsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta babylon.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta tb.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\delta2.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltainstaller.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltasetup.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\deltatb_2501-c733154b.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\iminentsetup.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\rjatydimofu.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\sweetimsetup.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\tbdelta.exetoolbar783881609.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
[2014.11.15 20:06:20 | 000,000,033 | ---- | M] () -- C:\Users\IVAN\Documents\new1.cpp
[2014.11.15 20:05:12 | 000,475,166 | ---- | M] () -- C:\Users\IVAN\Documents\new1.exe

:Commands
[purity]
[emptytemp]
[emptyjava]
[CREATERESTOREPOINT]
[Reboot]

klik na RUN FIX

log koji dobiješ nakon restarta kopiraj

2. skini adwcleaner i spremi na desktop

-pokreni program klikom na scan

-kad program završi, sve označi i klik na clean

-log koji dobiješ kopiraj

3. ponovo pokreni OTL quick scan, log kopiraj i javi kako sad računalo radi

 ima previše toga za otl skriptu, uradi ovako

1. skini adwcleaner i spremi na desktop

-pokreni program klikom na scan, kad završi scan klik na clean

-log koji dobiješ nakon restarta uploadaj na speedyshare kao i sve iduće logove koje ćeš dobiti

2. skini malwarebytes , instaliraj program

-klik na update

-klik na threat scan

-log kopiraj

3. ponovo pokreni OTL quick scan

-log kopiraj

 Označi riječ u svojoj poruci kad je pišeš i stisni spajalicu. Otvorit će ti se prozorčić u koji možeš dodati link.

Javio sam forumasu Total koji ce ti pogledati te logove i pomoci ti u rijesavanju problema.

Bok!

Sorry što odgovaram tek sad :(

I jedva sam ovo napravila, milion reklama, sve blokira... Help please!

Izraelska IP adresa????

Nemam pojma na što se veža ta adresa??? Mjesto gdje se nalazim?

RUN FIX : http://speedy.sh/f39VN/04052016-193718.log

Adwcleaner:

# AdwCleaner v5.109 - Logfile created 05/04/2016 at 20:31:28
# Updated 04/04/2016 by Xplode
# Database : 2016-04-05.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : User - USER-PC
# Running from : E:\Downloads\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\SearchProtect
[-] Folder Deleted : C:\Program Files (x86)\CinemaP-1.8cV11.04
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\IHProtectUpDate
[-] Folder Deleted : C:\ProgramData\Registry Helper
[-] Folder Deleted : C:\ProgramData\WindowsMangerProtect
[-] Folder Deleted : C:\ProgramData\2b5763b9-04f7-0
[-] Folder Deleted : C:\ProgramData\2b5763b9-6dc7-0
[-] Folder Deleted : C:\ProgramData\390c02c2
[-] Folder Deleted : C:\ProgramData\69dc9d38-2335-1
[-] Folder Deleted : C:\ProgramData\69dc9d38-2ee3-0
[-] Folder Deleted : C:\ProgramData\{03234caa-412c-0}
[-] Folder Deleted : C:\ProgramData\{084784a7-512c-0}
[-] Folder Deleted : C:\ProgramData\{14700830-512c-1}
[-] Folder Deleted : C:\ProgramData\{316843a0-712c-1}
[#] Folder Deleted : C:\ProgramData\Application Data\apn
[#] Folder Deleted : C:\ProgramData\Application Data\IHProtectUpDate
[#] Folder Deleted : C:\ProgramData\Application Data\Registry Helper
[#] Folder Deleted : C:\ProgramData\Application Data\WindowsMangerProtect
[#] Folder Deleted : C:\ProgramData\Application Data\2b5763b9-04f7-0
[#] Folder Deleted : C:\ProgramData\Application Data\2b5763b9-6dc7-0
[#] Folder Deleted : C:\ProgramData\Application Data\390c02c2
[#] Folder Deleted : C:\ProgramData\Application Data\69dc9d38-2335-1
[#] Folder Deleted : C:\ProgramData\Application Data\69dc9d38-2ee3-0
[#] Folder Deleted : C:\ProgramData\Application Data\{03234caa-412c-0}
[#] Folder Deleted : C:\ProgramData\Application Data\{084784a7-512c-0}
[#] Folder Deleted : C:\ProgramData\Application Data\{14700830-512c-1}
[#] Folder Deleted : C:\ProgramData\Application Data\{316843a0-712c-1}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream
[-] Folder Deleted : C:\Users\User\AppData\Local\avaavaevy
[-] Folder Deleted : C:\Users\User\AppData\Local\Gameo
[-] Folder Deleted : C:\Users\User\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\User\AppData\Local\SearchProtect
[-] Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
[-] Folder Deleted : C:\Users\User\AppData\Roaming\Gameo
[-] Folder Deleted : C:\Users\User\AppData\Roaming\GoldenGate
[-] Folder Deleted : C:\Users\User\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\SearchProtect

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal
[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utop.it_0.localstorage
[-] File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utop.it_0.localstorage-journal
[-] File Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
[-] File Deleted : C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
[-] File Deleted : C:\WINDOWS\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : a0126b10-dd17-4da2-a3b2-f5d9acad7c58-1-7
[-] Task Deleted : a0126b10-dd17-4da2-a3b2-f5d9acad7c58-4

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{390c02c2}
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\gameo
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\GoldenGate
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKCU\Software\OB
[-] Key Deleted : HKCU\Software\performersoft llc
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\simplytech
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\CinemaP-1.8cV11.04
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\IHProtect
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\luckysearchesSoftware
[-] Key Deleted : HKLM\SOFTWARE\Registry Helper
[-] Key Deleted : HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\SmdmF
[-] Key Deleted : HKLM\SOFTWARE\SPPDCOM
[-] Key Deleted : HKLM\SOFTWARE\SupDp
[-] Key Deleted : HKLM\SOFTWARE\SupTab
[-] Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\CinemaP-1.8cV11.04
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\Linkey
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\S-1-5-21-1961194459-2000205327-4254249659-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{18833D37-BCB6-47B6-B33C-2D58064F6144} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{83692B8C-9A6F-4FCD-A887-3807986661FB} [NameServer]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{B85C99F4-E566-448F-9CC8-DCFCBC5B4110} [NameServer]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\eshopcomp.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.eshopcomp.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\utop.it

***** [ Web browsers ] *****

[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.FF19Solved", "true");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.UserID", "UN33822519121950416");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.dum", "2");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.fullUserID", "UN33822519121950416.IN.20150123160153");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.installDate", "23/01/2015 16:01:59");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.installSessionId", "b46eda35-9aa6-4468-9c7f-6953e03fe3d6");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.installSp", "FALSE");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.installerVersion", "1.11.0.11");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.searchRevert", "false");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.searchUninstallUserMode", "4");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.searchUserMode", "4");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.toolbarInstallDate", "23-01-2015 16:01:54");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.versionFromInstaller", "10.35.0.3");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("CT2431400.xpeMode", "1");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("browser.search.order.1", "Search The Web");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.desc", "");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.iconURL", "");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.name", "");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.ptid", "");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.uid", "");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.url", "");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("extensions.extension@linkeyproject.com.install-event-fired", true);
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._64Members_.hp.enabled", false);
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._64Members_.lastActivePing", "1444553523199");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "televisionfanatic@mindspark.com");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar_ORJ-SPE@apn.ask.com.install-event-fired", true);
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=578&aid=100&itype=n&ver=16064&tm=718&src=ds&p=");
[-] [C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js] [Preference] Deleted : user_pref("smartbar.machineId", "GB86USJJYR2G8KYSPQ6NYEV9SLTYZFJG7B6HIFS/BFX2WJESGQGSR4MS/JQCK0ZNV/BFAWHUG1J6TRLWGTRDPG");
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fpmeembnagmagppkgghhfjfdfajdfcah

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [20269 bytes] - [05/04/2016 20:31:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [22338 bytes] - [05/04/2016 20:27:39]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [20417 bytes] ##########

FRST linkovi:

http://speedy.sh/JjqZS/Addition.txt
http://speedy.sh/2bF5C/FRST.txt

Hvala

evo ga...

Na FRST nisam imala RUN FIX nego sam FIX pa sam to pokrenula...valjda je ok..

Fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by User (2016-04-06 13:41:59) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{18833D37-BCB6-47B6-B33C-2D58064F6144}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{B85C99F4-E566-448F-9CC8-DCFCBC5B4110}: [DhcpNameServer] 82.163.143.171
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://at.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEyB0AtD0EyBzz0C0EzyyCtN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAyC0CyDtD0DtByCtGyEyDtBtDtGtD0EyB0EtGyB0EtC0DtG0EyE0BzzyDtByDtCtC0Dzy0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyD0F0C0E0DyDyBtGyByEtDyDtGyEyD0A0BtG0B0Czy0BtG0Bzz0A0EyB0EtCtAtByCyDyC2QtN0A0LzuyE%26cr%3D420706110%26a%3Dwbf_nwmeddnld_16_06%26os_ver%3D6.3%26os%3DWindows%2B8.1
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEyB0AtD0EyBzz0C0EzyyCtN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAyC0CyDtD0DtByCtGyEyDtBtDtGtD0EyB0EtGyB0EtC0DtG0EyE0BzzyDtByDtCtC0Dzy0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyD0F0C0E0DyDyBtGyByEtDyDtGyEyD0A0BtG0B0Czy0BtG0Bzz0A0EyB0EtCtAtByCyDyC2QtN0A0LzuyE%26cr%3D420706110%26a%3Dwbf_nwmeddnld_16_06%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\user.js [2015-05-20]
CHR StartupUrls: Default -> "hxxps://at.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nwmeddnld_16_06&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CyEyDyEyEyEyB0AtD0EyBzz0C0EzyyCtN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAyC0CyDtD0DtByCtGyEyDtBtDtGtD0EyB0EtGyB0EtC0DtG0EyE0BzzyDtByDtCtC0Dzy0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CyD0F0C0E0DyDyBtGyByEtDyDtGyEyD0A0BtG0B0Czy0BtG0Bzz0A0EyB0EtCtAtByCyDyC2QtN0A0LzuyE%26cr%3D420706110%26a%3Dwbf_nwmeddnld_16_06%26os_ver%3D6.3%26os%3DWindows%2B8.1"
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
2015-03-26 21:14 - 2015-03-26 21:14 - 0005542 _____ () C:\Users\User\AppData\Roaming\EYPL
2015-03-26 21:14 - 2015-03-26 21:14 - 0004185 _____ () C:\Users\User\AppData\Roaming\PKHIDES
2016-02-07 00:36 - 2016-02-07 00:36 - 0000045 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2015-07-31 03:30 - 2015-07-31 03:30 - 0000000 _____ () C:\Users\User\AppData\Local\{3F69BB17-71FA-4DC8-A168-4B2E946858A4}
2015-07-28 21:25 - 2015-07-28 21:25 - 0000000 _____ () C:\Users\User\AppData\Local\{D57EDFC7-9AB4-4BD7-A9F5-E12520D8B94D}
Task: {0BA77310-F02F-41DC-B1DD-FAC12B5BEE57} - System32\Tasks\{797F0C47-0C0F-7E79-0D11-040B0B041108} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (the data entry has 9452 more characters).
CMD: ipconfig /flushdns
EmptyTemp:
end

*****************

Restore point was successfully created.
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\NameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{18833D37-BCB6-47B6-B33C-2D58064F6144}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B85C99F4-E566-448F-9CC8-DCFCBC5B4110}\\DhcpNameServer => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}" => key removed successfully
HKCR\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\user.js => moved successfully
Chrome StartupUrls => removed successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\User\AppData\Roaming\EYPL => moved successfully
C:\Users\User\AppData\Roaming\PKHIDES => moved successfully
C:\Users\User\AppData\Roaming\WB.CFG => moved successfully
C:\Users\User\AppData\Local\{3F69BB17-71FA-4DC8-A168-4B2E946858A4} => moved successfully
C:\Users\User\AppData\Local\{D57EDFC7-9AB4-4BD7-A9F5-E12520D8B94D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BA77310-F02F-41DC-B1DD-FAC12B5BEE57}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BA77310-F02F-41DC-B1DD-FAC12B5BEE57}" => key removed successfully
C:\WINDOWS\System32\Tasks\{797F0C47-0C0F-7E79-0D11-040B0B041108} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{797F0C47-0C0F-7E79-0D11-040B0B041108}" => key removed successfully

=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => 562.2 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 13:42:51 ====

Malwarebytes:

alwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 06/04/2016
Scan Time: 13:56
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.04.06.03
Rootkit Database: v2016.04.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 338465
Time Elapsed: 18 min, 21 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 9
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , , [b4e79f0cbfdaa195f3ca70cf669e748c],
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [c8d30f9cafea43f33c697b06d2321ee2],
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, , [abf0901b3b5e999dbde996ebec18b14f],
PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV11.04-nv, , [f2a909a28712b482a7f8ec21e22234cc],
PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.8cV11.04-nv-ie, , [504b812a6b2e3006b5ea1cf1ba4a6b95],
PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [0f8c218a881130061e9c212344c017e9],
PUP.Optional.Cinema, HKU\S-1-5-21-1961194459-2000205327-4254249659-1001\SOFTWARE\CinemaP-1.8cV11.04-nv, , [dfbc35767524cb6b2f679776867e56aa],
PUP.Optional.Cinema, HKU\S-1-5-21-1961194459-2000205327-4254249659-1001\SOFTWARE\CinemaP-1.8cV11.04-nv-ie, , [f6a5802b35649d99197dc9447c885fa1],
PUP.Optional.Gameo, HKU\S-1-5-21-1961194459-2000205327-4254249659-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\70A77367_0, , [a9f2cfdc534646f099ce5ad314ef34cc],

Registry Values: 8
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130735893294096619, , [e0bb812a9afff5410fad89b64bb95aa6]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130735893294096619, , [6e2d4e5d9dfc1d19a319c37c6f95758b]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130735893294096619, , [2873c1ea54452d099e1e083749bbe61a]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130735893294096619, , [415a9f0ccacfa4922c904df2689c639d]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130735893294096619, , [6c2fd6d51584999d0ab2bb8402028977]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130735893294096619, , [aeed7536bedbda5cebd15fe04fb54ab6]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130735893294096619, , [b4e79f0cbfdaa195f3ca70cf669e748c]
PUP.Optional.Gameo, HKU\S-1-5-21-1961194459-2000205327-4254249659-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\70a77367_0, {2}.\\?\hdaudio#func_01&ven_8086&dev_2807&subsys_80860101&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\ehdmiouttopo/00010001|\Device\HarddiskVolume4\Users\User\AppData\Roaming\Gameo\gameo.exe%b{00000000-0000-0000-0000-000000000000}, , [a9f2cfdc534646f099ce5ad314ef34cc]

Registry Data: 0
(No malicious items detected)

Folders: 3
PUP.Optional.Movix, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\jetpack\caa1-aDOiCAxFFMOVIX@jetpack, , [f7a49f0ce4b5e2540f227799f40f8b75],
PUP.Optional.Movix, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\jetpack\caa1-aDOiCAxFFMOVIX@jetpack\simple-storage, , [f7a49f0ce4b5e2540f227799f40f8b75],
PUP.Optional.ConduitTB.Gen, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\CT2431400, , [62395853c9d044f207fe1c08cb38ab55],

Files: 7
PUP.Optional.Movix, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\jetpack\caa1-aDOiCAxFFMOVIX@jetpack\simple-storage\store.json, , [f7a49f0ce4b5e2540f227799f40f8b75],
PUP.Optional.ConduitTB.Gen, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\CT2431400\CT2431400.dum, , [62395853c9d044f207fe1c08cb38ab55],
PUP.Optional.ConduitTB.Gen, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\CT2431400\CT2431400.fullUserID, , [62395853c9d044f207fe1c08cb38ab55],
PUP.Optional.ConduitTB.Gen, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\CT2431400\CT2431400.UserID, , [62395853c9d044f207fe1c08cb38ab55],
PUP.Optional.FastSearch, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js, Good: (), Bad: (searchffv2@gmail.com), ,[4b502388d4c543f3695fcd8e000549b7]
PUP.Optional.SearchEngine, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js, Good: (), Bad: (searchengine@gmail.com), ,[02991a91b0e94bebd1fc095206ff916f]
PUP.Optional.SweetSearch, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kqmt3far.default\prefs.js, Good: (), Bad: (sweetsearch@gmail.com), ,[5c3f614a930695a1804f89d232d338c8]

Physical Sectors: 0
(No malicious items detected)


(end)

Koliko vidim ne blokira više, i ne izbacuje mi te reklame....čini mi se ok! :)

Mislim da mozes ponovit jos jednom skeniranje s FRST da covjek vidi ako je sve otislo tj. da nije nesto ostalo.

1. skini FRST i spremi na desktop
2. pokreni program klikom na scan
3. kad završi scan dobit ćeš dvalog filea koja ćeš uploadat na speedyshare (FRST.txt i Adittion.txt)

http://speedy.sh/kuWnr/FRST.txt
http://speedy.sh/tQwN3/Addition.txt

evo ga...

možeš mi još reći zašto imam tu izraelsku IP adresu? Nije mi jasno s čim je to povezano...

iz Izraela definitivno nisam pisala

evo sve napravljeno...

puno ti hvala, nadam se da neko vrijeme neću trebati pomoć