Adware i malware problem

Adware i malware problem

offline
  • Istrazivanje Windowsa
  • Pridružio: 12 Jul 2012
  • Poruke: 1023

Pozdrav treba mi jedna pomoc. Danas se vratim kuci i vidim da mi tata nesto instalirao na laptopu... Otvorim Mozillu i pojavi se neka stranica ''Safesurfs.net'' i to ne mogu da obrisem nema leka. Nije ga bilo u instalaciji i pri tom ga nisam mogao obrisati. U ekstenzijama ga nema, nema ga u addonsima ali on se opet pojavi. Stavim da je google pocetna stranica i svaki put kad udjem u mozilu, google chrome ili Internet explorer prva stranica mi bude taj sajt i pojave se neke reklame poput ''League of Angels 2'' neka igra i tako to...

Skenirao sam sa AVG ali on nista nije pronasao, skenirao sam sa Adware cleaner i pronasao je 25 pretnji ali to nista nije bilo vezano za ovaj sajt. Koristio sam i neki drugi program i pronasao je neku pretnju ''safesurfs.net'' u registriju medjutim nije hteo da obrise jer se treba platiti program, a ja sam trazio taj program, trazio sam foldere u search, trazio sam u registriju i nigde nema ''safesurfs.exe,.net'' ili tako nesto slicno. Traga od toga nema ali taj problem mi ostaje. Resetovao sam browsere sve sam reset i sve podatke obrisao ali to je i dalje ostalo. Ja ne znam vise sta da radim...

First:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Metallica41 (administrator) on FIKO (02-09-2016 18:46:58)
Running from C:\Users\Stefan\Downloads
Loaded Profiles: Metallica41 (Available Profiles: Metallica41)
Platform: Windows 8 (X64) Language: English (United Kingdom)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (Alcor Micro Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [204560 2016-08-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6709008 2016-07-28] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\...\Run: [CCleaner Monitoring] => D:\Ccleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\...\MountPoints2: F - "F:\setup.exe" /autorun
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-24]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.200.191.166 212.200.190.166
Tcpip\..\Interfaces\{02BEEDC7-9D69-4DCB-A274-DD31870171B1}: [DhcpNameServer] 212.200.191.166 212.200.190.166

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-473922799-1250382268-3828485289-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\91ithn9o.default-1472832363770
FF Homepage: hxxps://www.google.rs/?gws_rd=cr&ei=C6fJV8fyNYH8UoeQiagG
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-15]
CHR Extension: (Google Docs) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-15]
CHR Extension: (Google Drive) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-15]
CHR Extension: (YouTube) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-15]
CHR Extension: (Google Search) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-15]
CHR Extension: (Google Sheets) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-15]
CHR Extension: (Google Docs Offline) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-15]
CHR Extension: (Chrome Media Router) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5267456 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-08-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-09-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [314112 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [261888 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3295984 2012-07-26] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-02] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-09-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-09-12] (Microsoft Corporation)
S1 MpKsl401057ca; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{91F810EA-D191-4433-8507-55913FA18A30}\MpKsl401057ca.sys [X]
U0 msahci; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-02 18:46 - 2016-09-02 18:48 - 00014007 _____ C:\Users\Stefan\Downloads\FRST.txt
2016-09-02 18:46 - 2016-09-02 18:46 - 02397696 _____ (Farbar) C:\Users\Stefan\Downloads\FRST64.exe
2016-09-02 18:46 - 2016-09-02 18:46 - 00000000 ____D C:\FRST
2016-09-02 18:43 - 2016-09-02 18:43 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-09-02 18:42 - 2016-09-02 18:43 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\GameLauncher
2016-09-02 18:19 - 2016-09-02 18:19 - 00001263 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-02 17:48 - 2016-09-02 17:48 - 00000000 _____ C:\autoexec.bat
2016-09-02 17:46 - 2016-09-02 17:46 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-09-02 17:23 - 2016-09-02 18:31 - 00000000 ____D C:\AdwCleaner
2016-09-02 17:23 - 2016-09-02 17:23 - 03826240 _____ C:\Users\Stefan\Downloads\adwcleaner_6.010.exe
2016-09-02 14:21 - 2016-09-02 14:22 - 00000000 ____D C:\Users\Stefan\Downloads\[R.G. Mechanics] F.E.A.R. Anthology
2016-09-02 14:14 - 2016-09-02 14:14 - 00000000 ____D C:\Users\Stefan\Downloads\FEAR.Complete.EN-RU.Repack
2016-08-26 22:57 - 2016-08-26 22:57 - 00283800 _____ C:\Windows\Minidump\082616-48812-01.dmp
2016-08-26 22:50 - 2016-08-26 23:00 - 00000905 _____ C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.txt
2016-08-26 22:50 - 2016-08-26 23:00 - 00000000 _____ C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-08-26 22:50 - 2016-08-26 22:50 - 00001167 _____ C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.1.txt
2016-08-26 19:34 - 2016-08-26 23:00 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\NCH Software
2016-08-26 19:34 - 2016-08-26 23:00 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-08-26 19:34 - 2016-08-26 22:47 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2016-08-26 19:34 - 2016-08-26 19:34 - 00000000 ____D C:\ProgramData\NCH Software
2016-08-26 19:32 - 2016-08-26 19:32 - 00001206 _____ C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.ini
2016-08-26 19:32 - 2016-08-26 19:32 - 00000000 _____ C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.Data.ini
2016-08-26 19:29 - 2016-08-26 19:29 - 00000098 _____ C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.command
2016-08-26 16:17 - 2016-09-02 15:22 - 00000000 ____D C:\Users\Stefan\AppData\Local\NFS Underground 2
2016-08-26 16:08 - 2016-08-26 19:33 - 00004509 _____ C:\Users\Stefan\AppData\Roaming\CamStudio.cfg
2016-08-26 16:08 - 2016-08-26 19:33 - 00000408 _____ C:\Users\Stefan\AppData\Roaming\CamShapes.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 00000408 _____ C:\Users\Stefan\AppData\Roaming\CamLayout.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 00000104 _____ C:\Users\Stefan\AppData\Roaming\Camdata.ini
2016-08-26 14:45 - 2016-08-26 14:45 - 00005029 _____ C:\Users\Stefan\Downloads\replay_1498562548.bat
2016-08-24 17:05 - 2016-08-24 17:05 - 00005029 _____ C:\Users\Stefan\Downloads\replay_1496981649.bat
2016-08-21 02:49 - 2016-08-21 02:49 - 00005029 _____ C:\Users\Stefan\Downloads\replay_1493608324.bat
2016-08-17 21:15 - 2016-08-17 21:15 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-08-17 16:43 - 2016-08-18 20:43 - 00000000 ____D C:\ProgramData\NFS Underground
2016-08-17 01:44 - 2016-08-17 16:42 - 00000000 ____D C:\Users\Stefan\AppData\Local\ElevatedDiagnostics
2016-08-14 19:51 - 2016-08-14 19:51 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\2K Sports
2016-08-11 23:05 - 2016-08-26 22:57 - 361606113 _____ C:\Windows\MEMORY.DMP
2016-08-11 23:05 - 2016-08-26 22:57 - 00000000 ____D C:\Windows\Minidump
2016-08-11 23:05 - 2016-08-11 23:06 - 00283744 _____ C:\Windows\Minidump\081116-46265-01.dmp
2016-08-09 14:23 - 2016-08-09 14:53 - 00000000 ____D C:\Users\Stefan\Documents\GTA San Andreas User Files
2016-08-05 23:59 - 2016-08-05 23:59 - 00000000 ____D C:\Users\Stefan\AppData\Local\MyNes
2016-08-05 18:47 - 2016-08-05 18:47 - 00303232 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-05 09:03 - 2016-08-05 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-05 09:03 - 2016-08-05 09:03 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-05 09:00 - 2016-08-05 09:00 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-08-05 09:00 - 2016-08-05 09:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-05 08:58 - 2016-08-05 09:02 - 00000000 ____D C:\Program Files (x86)\AVG
2016-08-04 19:35 - 2016-08-04 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars - Knights of the Old Republic [GOG.com]
2016-08-03 23:26 - 2016-08-03 23:27 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\MKKE
2016-08-03 03:00 - 2016-08-03 03:00 - 00000000 ____D C:\ProgramData\Ubisoft

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-02 18:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-09-02 18:18 - 2016-01-15 03:53 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-02 18:18 - 2015-09-12 20:16 - 00000000 ____D C:\ProgramData\MFAData
2016-09-02 18:18 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-09-02 18:17 - 2016-01-15 03:53 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-02 18:17 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-02 17:51 - 2016-01-15 03:54 - 00002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-02 17:51 - 2015-08-27 21:06 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\uTorrent
2016-09-02 17:49 - 2015-08-27 13:02 - 00001051 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-02 17:47 - 2015-08-27 12:14 - 00000000 ____D C:\Users\Stefan
2016-09-02 17:21 - 2016-01-15 03:54 - 00002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-02 17:21 - 2015-08-27 12:17 - 00001630 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-02 14:01 - 2012-07-26 10:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-02 14:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-09-01 15:59 - 2015-12-21 15:04 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\AIMP3
2016-08-30 19:23 - 2016-01-02 19:00 - 36446720 ___SH C:\Users\Stefan\Desktop\Thumbs.db
2016-08-30 14:06 - 2015-10-26 12:54 - 00000000 ____D C:\Users\Stefan\Documents\My Games
2016-08-30 14:06 - 2015-09-17 12:11 - 00000000 ____D C:\Users\Stefan\Desktop\Igre
2016-08-27 03:22 - 2016-01-23 02:05 - 00000951 _____ C:\Users\Stefan\Desktop\New Text Document (3).txt
2016-08-26 20:09 - 2015-08-27 12:25 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-473922799-1250382268-3828485289-1001
2016-08-26 18:58 - 2016-04-26 21:05 - 00000000 ____D C:\ProgramData\Origin
2016-08-26 18:57 - 2016-04-26 21:16 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-08-26 16:13 - 2015-09-04 21:03 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-08-26 16:12 - 2016-04-20 00:47 - 00000000 ____D C:\Temp
2016-08-26 13:06 - 2016-04-22 22:11 - 00000607 _____ C:\Users\Stefan\Desktop\profa.txt
2016-08-25 12:49 - 2015-08-27 13:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-17 21:16 - 2016-05-28 17:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-08-17 21:15 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf
2016-08-17 21:05 - 2015-09-09 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
2016-08-17 19:43 - 2015-08-27 12:15 - 00000000 ____D C:\Users\Stefan\AppData\Local\VirtualStore
2016-08-17 16:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2016-08-12 15:30 - 2012-10-24 22:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-11 23:19 - 2016-01-08 20:28 - 00000045 _____ C:\Windows\SysWOW64\initdebug.nfo
2016-08-11 22:21 - 2015-08-27 13:00 - 00084480 _____ C:\DUMP4bed.tmp
2016-08-06 15:31 - 2016-07-26 12:23 - 00000000 ____D C:\Users\Stefan\Downloads\New folder
2016-08-05 09:04 - 2015-09-12 20:14 - 00000000 ____D C:\Users\Stefan\AppData\Local\Avg
2016-08-05 09:03 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-08-05 09:02 - 2016-07-11 19:34 - 00000000 ___HD C:\$AVG
2016-08-05 09:00 - 2015-10-26 12:16 - 00000000 ____D C:\ProgramData\Avg
2016-08-05 09:00 - 2015-09-12 20:14 - 00000000 ____D C:\Users\Stefan\AppData\Local\AvgSetupLog
2016-08-05 01:22 - 2015-11-02 04:18 - 00000000 ____D C:\Users\Stefan\Downloads\PopcornTime

==================== Files in the root of some directories =======

2016-08-26 16:08 - 2016-08-26 19:33 - 0000104 _____ () C:\Users\Stefan\AppData\Roaming\Camdata.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 0000408 _____ () C:\Users\Stefan\AppData\Roaming\CamLayout.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 0000408 _____ () C:\Users\Stefan\AppData\Roaming\CamShapes.ini
2016-08-26 16:08 - 2016-08-26 19:33 - 0004509 _____ () C:\Users\Stefan\AppData\Roaming\CamStudio.cfg
2016-08-26 19:29 - 2016-08-26 19:29 - 0000098 _____ () C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.command
2016-08-26 19:32 - 2016-08-26 19:32 - 0000000 _____ () C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.Data.ini
2016-08-26 19:32 - 2016-08-26 19:32 - 0001206 _____ () C:\Users\Stefan\AppData\Roaming\CamStudio.Producer.ini
2015-08-27 12:18 - 2015-08-27 12:56 - 0000352 _____ () C:\Users\Stefan\AppData\Roaming\sp_data.sys
2016-08-26 22:50 - 2016-08-26 22:50 - 0001167 _____ () C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.1.txt
2016-08-26 22:50 - 2016-08-26 23:00 - 0000905 _____ () C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.txt
2016-08-26 22:50 - 2016-08-26 23:00 - 0000000 _____ () C:\Users\Stefan\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2016-04-05 10:19 - 2016-04-05 10:19 - 0000094 _____ () C:\Users\Stefan\AppData\Local\fusioncache.dat
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Some files in TEMP:
====================
C:\Users\Stefan\AppData\Local\Temp\CH.dll
C:\Users\Stefan\AppData\Local\Temp\Copy.dll
C:\Users\Stefan\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Stefan\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Stefan\AppData\Local\Temp\sfextra.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-23 16:19

==================== End of FRST.txt ============================



https://www.mycity.rs/must-login.png

Stvarno se bojim za ovo pise na internetu da je virus ili nesto opasno ali ja ga ne mogu obrisati, sta god uradio on je uvek prisutan iako mu fajlova na disku nema ili ja to ne mogu pronaci. Molim vas pomozite mi.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Zdravo,

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\...\MountPoints2: F - "F:\setup.exe" /autorun
GroupPolicy: Restriction - Chrome <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-473922799-1250382268-3828485289-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
C:\Windows\system32\Drivers\EsgScanner.sys
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-02] ()
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Istrazivanje Windowsa
  • Pridružio: 12 Jul 2012
  • Poruke: 1023

Evo ga:

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Metallica41 (02-09-2016 22:58:36) Run:1
Running from C:\Users\Stefan\Downloads
Loaded Profiles: Metallica41 (Available Profiles: Metallica41)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\...\MountPoints2: F - "F:\setup.exe" /autorun
GroupPolicy: Restriction - Chrome <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-473922799-1250382268-3828485289-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
ShortcutWithArgument: C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1472829664&a=1003801&src=sh&uuid=ee00182c-d823-4aec-951b-b5ea1b35558f"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
C:\Windows\system32\Drivers\EsgScanner.sys
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-02] ()
EmptyTemp:
*****************

Restore point was successfully created.
"HKU\S-1-5-21-473922799-1250382268-3828485289-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-473922799-1250382268-3828485289-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => Shortcut argument removed successfully.
C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => Shortcut argument removed successfully.
C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk => Shortcut argument removed successfully.
C:\Users\Stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => key removed successfully
C:\Windows\system32\Drivers\EsgScanner.sys => moved successfully
EsgScanner => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10000839 B
Java, Flash, Steam htmlcache => 541 B
Windows/system/drivers => 2372040 B
Edge => 0 B
Chrome => 8573716 B
Firefox => 159606492 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 169094 B
systemprofile32 => 272 B
LocalService => 79398 B
NetworkService => 0 B
Stefan => 474819105 B

RecycleBin => 0 B
EmptyTemp: => 633.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:01:23 ====

Nema vise problema, napast je otisla. Takodje mi je i brzi laptop. Hvala prijatelju na pomoci! Smile

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

Ipak predlazem da pustis AdwCleaner i da mi okacis izvestaj.

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
U Options isključi Reset Winsock settings ako je uključen.
Klikni na dugme Scan i sačekaj da se završi skeniranje.
Klikni na dugme Cleaning i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[C1].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

offline
  • Istrazivanje Windowsa
  • Pridružio: 12 Jul 2012
  • Poruke: 1023

Evo ga:


https://www.mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8617
  • Gde živiš: Novi Beograd

To bi bilo to.

Sledeća procedura će implementirati završno čišćenje.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

offline
  • Istrazivanje Windowsa
  • Pridružio: 12 Jul 2012
  • Poruke: 1023

Sve sam odradio, hvala na pomoci i laptop mi je mnogo brzi nego sto je bio nekad je znalo da zakoci i da baguje sad nista. Hvala!

Ko je trenutno na forumu
 

Ukupno su 658 korisnika na forumu :: 11 registrovanih, 2 sakrivenih i 645 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: -[CoA]-, Battlehammer, Bobrock1, cikadeda, DPera, hyla, Kenanjoz, Krvava Devetka, Lord Nem, nemkea71, slonic_tonic