kineski program

2

kineski program

offline
  • Pridružio: 23 Apr 2014
  • Poruke: 28

Napisano: 21 Maj 2016 15:17

Izveštaj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija:21-05-2016
Pokrenuo Nikola (administrator) na DESKTOP-3LJ4T9R (21-05-2016 15:16:38)
Pokrenuto sa C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\OOTSS3CU
Učitani Profili: Nikola (Dostupani Profili: Nikola)
Platform: Windows 10 Pro (X64) Jezik: srpski (latinica, Srbija)
Internet Explorer Verzija 11 (Podrazumevani pregledač: Edge)
Režim pokretanja sistema: Normal
Vodič za Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka unešena u fixlist, proces ce biti zatvoren. Datoteka nece biti premešten.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\LicensingUI.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registar (Na Beloj Listi) ===========================

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena. Datoteka neće biti premeštena.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [StereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [596784 2015-11-24] (NVIDIA Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-05-09] (Plays.tv, LLC)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka unešena u fixlist, ako je to registru stavka, biće uklonjena ili vraćena na podrazumevanu vrednost.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.22
Tcpip\..\Interfaces\{b274b6aa-162a-4016-8dee-6c19f0e91b85}: [DhcpNameServer] 192.168.1.22

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-4227490223-4105165237-4186389179-1001 -> hxxp://www.google.rs/

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)

==================== Servisi (Na Beloj Listi) ========================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-25] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-25] (NVIDIA Corporation)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-05-09] (Plays.tv, LLC)
U2 QQRepair1816; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1816 [147176 2016-05-21] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-21] ()
S2 shefaleCloudservice; C:\Program Files (x86)\Shefale\shefaleCloudservice.exe [985752 2016-05-19] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drajveri (Na Beloj Listi) ==========================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-25] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-21] ()
R4 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-21] (Tencent Technology(Shenzhen) Company Limited)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [X]
R1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [X]
R2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Mesec Dana Kreirane Datoteke i Fascikli ========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2016-05-21 15:04 - 2016-05-21 15:04 - 00016148 _____ C:\Windows\system32\DESKTOP-3LJ4T9R_Nikola_HistoryPrediction.bin
2016-05-21 14:30 - 2016-05-21 15:16 - 00000000 ____D C:\FRST
2016-05-21 14:16 - 2016-05-21 14:16 - 00000000 ____D C:\Users\Nikola\AppData\Local\ElevatedDiagnostics
2016-05-21 13:51 - 2016-05-21 13:51 - 00005744 _____ C:\Users\Nikola\Desktop\fixlist.txt
2016-05-21 13:51 - 2016-05-21 13:51 - 00005744 _____ C:\Users\Nikola\Desktop\ficlist.txt
2016-05-21 13:50 - 2016-05-21 13:50 - 00000000 _____ C:\Users\Nikola\Desktop\Novi tekstualni dokument.txt
2016-05-21 13:48 - 2016-05-21 13:48 - 00000000 ____D C:\Users\Nikola\AppData\Local\Plugins
2016-05-21 13:42 - 2016-05-21 13:42 - 00002203 _____ C:\ProgramData\svchost.exe.lnk
2016-05-21 11:28 - 2016-05-21 11:28 - 00008942 _____ C:\Windows\System32\Tasks\Shefale Cloud
2016-05-21 11:28 - 2016-05-21 11:28 - 00000718 __RSH C:\ProgramData\ntuser.pol
2016-05-21 11:28 - 2016-05-21 11:28 - 00000000 ____D C:\extensions
2016-05-21 11:27 - 2016-05-21 13:38 - 00000000 ____D C:\Program Files (x86)\Razoghchak
2016-05-21 11:27 - 2016-05-21 11:28 - 00000000 ____D C:\Program Files (x86)\Shefale
2016-05-21 11:27 - 2016-05-21 11:28 - 00000000 ____D C:\Program Files (x86)\Platoward
2016-05-21 11:27 - 2016-05-21 11:27 - 00001138 _____ C:\Users\Nikola\Desktop\Continue installation .lnk
2016-05-21 11:16 - 2016-05-21 14:46 - 00000000 ____D C:\ProgramData\TXQMPC
2016-05-21 11:16 - 2016-05-21 11:16 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-05-21 11:16 - 2016-05-21 11:15 - 00143992 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernelEx64.sys
2016-05-21 11:15 - 2016-05-21 14:47 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-05-21 11:15 - 2016-05-21 14:47 - 00000000 ____D C:\ProgramData\Tencent
2016-05-21 11:15 - 2016-05-21 11:38 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\Tencent
2016-05-21 11:15 - 2016-05-21 11:15 - 00097400 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-05-21 11:15 - 2016-05-21 11:15 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-05-21 11:13 - 2016-05-21 11:13 - 00293320 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\xldl.dll
2016-05-21 11:13 - 2016-05-21 11:13 - 00000000 ____D C:\Users\Public\Thunder Network
2016-05-21 11:13 - 2016-05-21 11:13 - 00000000 ____D C:\ProgramData\Thunder Network
2016-05-21 11:13 - 2016-05-21 11:13 - 00000000 ____D C:\ProgramData\download
2016-05-21 11:12 - 2016-05-21 11:12 - 02400202 _____ C:\Windows\chromebrowser.exe
2016-05-21 10:49 - 2016-05-21 10:49 - 00347884 _____ C:\Users\Nikola\Downloads\odbrana sokratova.pdf
2016-05-21 10:34 - 2016-05-21 10:34 - 00002689 _____ C:\Users\Nikola\Desktop\µTorrent.lnk
2016-05-21 10:33 - 2016-05-21 13:33 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\uTorrent
2016-05-20 22:30 - 2016-05-20 22:30 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\Raptr
2016-05-20 22:29 - 2016-05-21 14:24 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\PlaysTV
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\library_dir
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\Program Files (x86)\PlaysTV
2016-05-10 20:45 - 2016-04-22 07:52 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-10 20:45 - 2016-04-22 07:44 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-10 20:45 - 2016-04-15 09:21 - 01085776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-05-10 20:45 - 2016-04-15 08:43 - 00916800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-05-10 20:45 - 2016-04-15 08:18 - 24593408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-10 20:45 - 2016-04-15 08:14 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-05-10 20:45 - 2016-04-15 08:06 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-05-10 20:45 - 2016-04-15 08:05 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-05-10 20:45 - 2016-04-15 08:01 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-05-10 20:45 - 2016-04-15 08:01 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-05-10 20:45 - 2016-04-15 07:59 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-10 20:45 - 2016-04-15 07:55 - 19325952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-10 20:45 - 2016-04-15 07:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-05-10 20:45 - 2016-04-15 07:39 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-10 20:45 - 2016-04-09 12:58 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-10 20:45 - 2016-04-09 12:53 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-10 20:45 - 2016-04-09 12:52 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-10 20:45 - 2016-04-09 12:52 - 00502504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-10 20:45 - 2016-04-09 12:12 - 08021856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-10 20:45 - 2016-04-09 12:10 - 01824872 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-10 20:45 - 2016-04-09 12:10 - 00609976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-10 20:45 - 2016-04-09 12:06 - 01981280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-10 20:45 - 2016-04-09 12:05 - 01199368 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-10 20:45 - 2016-04-09 12:05 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-05-10 20:45 - 2016-04-09 12:04 - 02430304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-10 20:45 - 2016-04-09 12:04 - 01592360 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-10 20:45 - 2016-04-09 11:50 - 01515936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-10 20:45 - 2016-04-09 11:04 - 01780352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-10 20:45 - 2016-04-09 10:13 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-05-10 20:45 - 2016-04-09 10:09 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-10 20:45 - 2016-04-09 10:09 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-10 20:45 - 2016-04-09 10:09 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-05-10 20:45 - 2016-04-09 09:55 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-10 20:45 - 2016-04-09 09:54 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-10 20:45 - 2016-04-09 09:52 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-05-10 20:45 - 2016-04-09 09:38 - 00464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-10 20:45 - 2016-04-09 09:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-05-10 20:45 - 2016-04-09 09:18 - 11264000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-10 20:45 - 2016-04-09 09:18 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-05-10 20:45 - 2016-04-09 09:14 - 18798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-05-10 20:45 - 2016-04-09 09:10 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-10 20:45 - 2016-04-09 09:09 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-05-10 20:45 - 2016-04-09 09:06 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-10 20:45 - 2016-04-09 09:05 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-10 20:45 - 2016-04-09 09:05 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-05-10 20:45 - 2016-04-09 08:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-10 20:45 - 2016-04-09 08:42 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-10 20:45 - 2016-04-09 08:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-05-10 20:45 - 2016-04-09 08:27 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-10 20:45 - 2016-04-09 08:13 - 21859328 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-05-10 20:45 - 2016-04-09 08:02 - 07521280 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-04-24 15:03 - 2016-04-24 15:03 - 00235944 ____R C:\Users\Nikola\Downloads\Presentation 2 (1).pptx
2016-04-24 15:03 - 2016-04-24 15:03 - 00235944 _____ C:\Users\Nikola\Downloads\Presentation 2.pptx

==================== Mesec Dana Modifikovane Datoteke i Fascikli ========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2016-05-21 14:56 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-05-21 14:46 - 2015-12-13 17:53 - 00000000 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-05-21 14:46 - 2015-12-13 17:49 - 00000000 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{04DC5424-BBC2-4748-8961-70E57534DF28}
2016-05-21 14:25 - 2015-12-21 20:48 - 00000000 ____D C:\Users\Nikola\AppData\Local\CrashDumps
2016-05-21 14:22 - 2015-12-13 18:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-21 14:22 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-21 14:22 - 2015-07-10 11:05 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-05-21 13:48 - 2016-01-03 17:32 - 00000000 ____D C:\Users\Nikola\AppData\Local\MalwareProtectionLive
2016-05-21 13:40 - 2015-07-10 14:20 - 00202704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-21 11:28 - 2015-07-10 13:04 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-05-21 11:28 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-05-21 11:15 - 2015-12-14 00:32 - 00000000 ____D C:\Users\Nikola\AppData\Local\VirtualStore
2016-05-20 22:30 - 2016-01-09 23:57 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\NVIDIA
2016-05-20 15:25 - 2015-12-25 22:48 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-20 14:34 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-15 04:57 - 2015-12-14 00:32 - 00000000 ____D C:\Users\Nikola
2016-05-15 04:48 - 2016-01-08 22:08 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\ActivePresenter
2016-05-14 22:31 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-05-12 19:46 - 2015-12-17 20:20 - 00000000 ____D C:\Users\Nikola\Desktop\Nova fascikla
2016-05-12 18:08 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache
2016-05-11 21:50 - 2015-07-10 13:06 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:50 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:22 - 2015-12-14 00:34 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-11 13:22 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-05-11 11:21 - 2015-07-10 18:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-10 22:04 - 2015-12-15 15:17 - 00000000 ____D C:\Windows\system32\MRT
2016-05-10 21:58 - 2015-12-15 15:17 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-08 20:44 - 2015-12-17 01:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-03 12:05 - 2015-12-14 00:32 - 00000000 ____D C:\Users\Nikola\AppData\Local\Packages
2016-04-22 09:57 - 2015-12-13 21:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Datoteke u korenu nekih direktorijuma =======

2016-01-15 18:26 - 2016-01-15 18:26 - 0007598 _____ () C:\Users\Nikola\AppData\Local\Resmon.ResmonCfg
2016-05-21 13:42 - 2016-05-21 13:42 - 0002203 _____ () C:\ProgramData\svchost.exe.lnk
2016-05-21 11:13 - 2016-05-21 11:13 - 0293320 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\xldl.dll

Files to move or delete:
====================
C:\ProgramData\xldl.dll


Neke Datoteke u TEMP:
====================
C:\Users\Nikola\AppData\Local\Temp\acc.exe
C:\Users\Nikola\AppData\Local\Temp\ads.exe
C:\Users\Nikola\AppData\Local\Temp\appstart.exe
C:\Users\Nikola\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Nikola\AppData\Local\Temp\dxdiag.exe
C:\Users\Nikola\AppData\Local\Temp\MediaPlayer__11426.exe
C:\Users\Nikola\AppData\Local\Temp\msconfig.exe
C:\Users\Nikola\AppData\Local\Temp\nvStInst.exe
C:\Users\Nikola\AppData\Local\Temp\qqpcmgr_v11.5.17490.219_45527_Silence.exe


==================== Bamital & volsnap =================

(Ne postoji automatizovan popravak za datoteke koji nisu prošle verifikaciju.)

C:\Windows\system32\winlogon.exe => Datoteka je digitalno potpisana
C:\Windows\system32\wininit.exe => Datoteka je digitalno potpisana
C:\Windows\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\system32\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\system32\services.exe => Datoteka je digitalno potpisana
C:\Windows\system32\User32.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\User32.dll => Datoteka je digitalno potpisana
C:\Windows\system32\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\system32\rpcss.dll => Datoteka je digitalno potpisana
C:\Windows\system32\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\system32\Drivers\volsnap.sys => Datoteka je digitalno potpisana


LastRegBack: 2016-05-21 14:57

==================== Kraj od FRST.txt ============================

Dopuna: 21 Maj 2016 16:05

Primetio sam da josuvek ima ovog sranja i kada igram League of Legends desi se zamo da client prestane sa radom i ne mogu da izbrisem nista desnim klikom>delete

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Ima da ...

Obrisi oba fixlist koja si skinuo/pravio ko zna odakle. Ne koristi script koji nije napisan za tvoj slucaj i prema tvom kompjuteru i logu jer skripte nekada mogu dovesti do ostecena operativnog sistema.

Zatim ...


1. FRST alat mora da se nalazi na Desktop-u a tebi se nalazi na 'C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\OOTSS3CU'.

2. Preuzmi FixList sa ovog linka i sacuvaj ga na Desktop;
https://www.mycity.rs/must-login.png

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 23 Apr 2014
  • Poruke: 28

To sam negde na forumu video da je neko imao slicnih problema pa sam pokusao sa tim pre nego sto sam napravio temu...
ja sam preuzeo ovaj FRST i ono mi ga je automatski smestilo i pokrenulo...ja sada da izbacim fajl pod nazivom 'FRST' na desktop, da kreiram tekstualni dokument u koji treba da ubacim ovo sa linka, da pokrenem FRST i da pretisnem FIX...tako?
Samo proveravam da li sam dobro shvatio da ne uprskam nesto...

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Alat (koji se zove skraceno FRST) treba da se nalazi na Desktop-u (radna povrsina).
Preuzmi FixList koji sam ti okacio i sacuvaj ga takodje na Desktop-u.
Pokreni FRST, lupi Fix dugme i sacekaj. Racunar ce se restartovati ...


Postavi FixLog.txt izvestaj koji ce biti sacuvan na Desktop-u.

offline
  • Pridružio: 23 Apr 2014
  • Poruke: 28

Napisano: 21 Maj 2016 21:05

Evo, racunar se nije restartovao vec je u sekundi izbacio da je zavrsio i izaslo je ovo

Izveštaj ispravaka od Farbar Recovery Scan Tool (x64) Verzija:21-05-2016
Pokrenuo Nikola (2016-05-21 21:04:23) Run:2
Pokrenuto sa C:\Users\Nikola\Desktop
Učitani Profili: Nikola (Dostupani Profili: Nikola)
Režim pokretanja sistema: Normal
==============================================

fixlist sadržaj:
*****************
Start CreateRestorePoint: File: C:\ProgramData\svchost.exe.lnk File: C:\Windows\chromebrowser.exe CloseProcesses: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1 HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1 U2 QQRepair1816; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1816 [147176 2016-05-21] () S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-21] () R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-21] () R4 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-21] (Tencent Technology(Shenzhen) Company Limited) R1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [X] R1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [X] R2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [X] Unlock: C:\Windows\system32\Drivers\TAOKernelEx64.sys Unlock: C:\Windows\system32\Drivers\TFsFltX64.sys Unlock: :\ProgramData\xldl.dll Hosts: C:\Windows\system32\Drivers\TAOKernelEx64.sys C:\Program Files (x86)\Tencent C:\ProgramData\TXQMPC C:\Program Files\Common Files\Tencent C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???? C:\ProgramData\Tencent C:\Users\Nikola\AppData\Roaming\Tencent C:\Windows\system32\Drivers\TFsFltX64.sys C:\Program Files (x86)\Tencent C:\ProgramData\xldl.dll EmptyTemp: End
*****************

HKU\Start CreateRestorePoint: File: C:\ProgramData\svchost.exe.lnk File: C:\Windows\chromebrowser.exe CloseProcesses: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1 S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Greška postavljanja vrednosti.

==== Kraj od Fixlog 21:04:23 ====

Dopuna: 21 Maj 2016 21:07

Ali i dalje kada ulazim u explorer-u meni za pocetnu stranicu izbaca neki sajt hao.qq sa kineskim slovima

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Nije dobro izvrsen script ...idemo ponovo...

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

Start
CreateRestorePoint:
File: C:\ProgramData\svchost.exe.lnk
File: C:\Windows\chromebrowser.exe

CloseProcesses:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
U2 QQRepair1816; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1816 [147176 2016-05-21] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-21] ()
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-21] ()
R4 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-21] (Tencent Technology(Shenzhen) Company Limited)
R1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [X]
R1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [X]
R2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [X]

Unlock: C:\Windows\system32\Drivers\TAOKernelEx64.sys
Unlock: C:\Windows\system32\Drivers\TFsFltX64.sys
Unlock: :\ProgramData\xldl.dll

Hosts:
C:\Windows\system32\Drivers\TAOKernelEx64.sys
C:\Program Files (x86)\Tencent
C:\ProgramData\TXQMPC
C:\Program Files\Common Files\Tencent
C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
C:\ProgramData\Tencent
C:\Users\Nikola\AppData\Roaming\Tencent
C:\Windows\system32\Drivers\TFsFltX64.sys
C:\Program Files (x86)\Tencent
C:\ProgramData\xldl.dll

EmptyTemp:
End


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 23 Apr 2014
  • Poruke: 28

Izveštaj ispravaka od Farbar Recovery Scan Tool (x64) Verzija:21-05-2016
Pokrenuo Nikola (2016-05-21 22:15:09) Run:4
Pokrenuto sa C:\Users\Nikola\Desktop
Učitani Profili: Nikola (Dostupani Profili: Nikola)
Režim pokretanja sistema: Normal
==============================================

fixlist sadržaj:
*****************
Start
CreateRestorePoint:
File: C:\ProgramData\svchost.exe.lnk
File: C:\Windows\chromebrowser.exe

CloseProcesses:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
U2 QQRepair1816; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1816 [147176 2016-05-21] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-21] ()
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-21] ()
R4 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-21] (Tencent Technology(Shenzhen) Company Limited)
R1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [X]
R1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [X]
R2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [X]

Unlock: C:\Windows\system32\Drivers\TAOKernelEx64.sys
Unlock: C:\Windows\system32\Drivers\TFsFltX64.sys
Unlock: :\ProgramData\xldl.dll

Hosts:
C:\Windows\system32\Drivers\TAOKernelEx64.sys
C:\Program Files (x86)\Tencent
C:\ProgramData\TXQMPC
C:\Program Files\Common Files\Tencent
C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
C:\ProgramData\Tencent
C:\Users\Nikola\AppData\Roaming\Tencent
C:\Windows\system32\Drivers\TFsFltX64.sys
C:\Program Files (x86)\Tencent
C:\ProgramData\xldl.dll

EmptyTemp:
End
*****************

Greška: (0) Neuspelo pravljenje tačke vraćanja.

========================= File: C:\ProgramData\svchost.exe.lnk ========================

====== Kraj od File: ======


========================= File: C:\Windows\chromebrowser.exe ========================

Datoteka nije potpisana
MD5: 2DD139FA66EAD9043141E69FA7F1502C
Datum kreiranja i modifikovanja: 2016-05-21 11:12 - 2016-05-21 11:12
Veličina: 2400202
Atributi: ----A
Ime Kompanije:
Interno Ime: suf_launch
Originalno Ime: suf_launch.exe
Proizvod: Setup Factory Runtime
Opis: Setup Application
Datoteka Verzija: 9.5.0.0
Proizvod Verzija: 9.5.0.0
Sva prava zadržana: Setup Engine Copyright © 2004-2015 Indigo Rose Corporation

====== Kraj od File: ======

Procesi su zatvoreni uspešno.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => vrednost uspešno vraćeno u predhodno stanje
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => vrednost uspešno vraćeno u predhodno stanje
QQRepair1816 => servis uspešno uklonjeno
QQRepairFixSVC => servis uspešno uklonjeno
SRepairDrv => Nije moguće zaustaviti servis.
SRepairDrv => servis uspešno uklonjeno
TAOKernelDriver => Nije moguće zaustaviti servis.
TAOKernelDriver => servis uspešno uklonjeno
QMUdisk => Nije moguće zaustaviti servis.
QMUdisk => servis uspešno uklonjeno
softaal => Nije moguće zaustaviti servis.
softaal => servis uspešno uklonjeno
tsnethlpx64 => Nije moguće zaustaviti servis.
tsnethlpx64 => servis uspešno uklonjeno
"C:\Windows\system32\Drivers\TAOKernelEx64.sys" => je otključan
"C:\Windows\system32\Drivers\TFsFltX64.sys" => je otključan
Unlock: :\ProgramData\xldl.dll => Greška: Ne postoji automacka popravka za ovu stavku.
C:\Windows\System32\Drivers\etc\hosts => uspešno premešteno
Hosts uspešno vraćeno u predhodno stanje.
C:\Windows\system32\Drivers\TAOKernelEx64.sys => uspešno premešteno
C:\Program Files (x86)\Tencent => uspešno premešteno
C:\ProgramData\TXQMPC => uspešno premešteno

"C:\Program Files\Common Files\Tencent" Fascikla premeštanje:

Nije uspelo premeštanje "C:\Program Files\Common Files\Tencent" => Planirano za premeštanje po ponovnom pokretanju.


=========== "C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ==========

nije pronađena

========= Kraj -> "C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ========


"C:\ProgramData\Tencent" Fascikla premeštanje:

Nije uspelo premeštanje "C:\ProgramData\Tencent" => Planirano za premeštanje po ponovnom pokretanju.

C:\Users\Nikola\AppData\Roaming\Tencent => uspešno premešteno
C:\Windows\system32\Drivers\TFsFltX64.sys => uspešno premešteno
"C:\Program Files (x86)\Tencent" => nije pronađena.
C:\ProgramData\xldl.dll => uspešno premešteno
EmptyTemp: => 220 MB privremeni podaci Uklonjeni.

Rezultat planiranih datoteka za premeštanje (Režim pokretanja sistema: Normal) (Datum&Vreme: 2016-05-21 22:17:33)

C:\Program Files\Common Files\Tencent => Je premešten uspešno
C:\ProgramData\Tencent => Je premešten uspešno

==== Kraj od Fixlog 22:17:34 ====

Vise ne otvara onaj kineski sajt kao pocetnu stranicu na pretrazivacu...

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

To bi trebalo biti to. Kakvo je sada stanje racunara?

offline
  • Pridružio: 23 Apr 2014
  • Poruke: 28

Cini mi se da sve radi kako treba i da nema vise onog sranja...
Hvala puno Very Happy

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Sledeća procedura će implementirati završno čišćenje.



Arrow Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore


Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.

Ko je trenutno na forumu
 

Ukupno su 1035 korisnika na forumu :: 58 registrovanih, 8 sakrivenih i 969 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Rade, arsa, babaroga, bojank, dane007, dankisha, DeerHunter, djboj, Djokislav, Djokkinen, Djordjevic, Doca, doklevise, DonRumataEstorski, Dorcolac, dragoljub11987, dule10savic, GandorCC, gorican, havoc995, ikan, Istman, Još malo pa deda, Klecaviks, kunktator, kybonacci, lord sir giga, LUDI, Luka Blažević, mercedesamg, Metanoja, mgolub, milenko crazy north, MiroslavD, Misirac, mnn2, mrav pesadinac, Nemanja.M, nemkea71, Neretva, oldtimer, pein, sap, sasa87, slonic_tonic, Stoilkovic, tubular, vathra, VJ, Vlad000, vladulns, voja64, Volkhov-M, Wrangler, yufighter, zixmix, zlaya011, 79693