kineski program

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Udjem na ctrl+ALT+delete da vidim pokrenute programe, posto sam video da mi se komp zamara, i provalim neka kineska slova
Hteo sam danas da instaliram neki programcic i skontao da mi je neki kineski antivirus upao
pokusao sam da ga lociram i izbrisem ali bezuspesno... kako da ga se resim...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,

Postavi FRST izvestaje ovde. Neko od moderatora ce prebaciti ovu temu u Ambulantu.
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ne razumem sta je FRST, slabo se razumem u racunare....znam da postoji neki teamviewer ili tako nesto preko cega bi neko drugi mogao da udje u moj racunar...je l bi mogao neko tako da mi resi ovaj problem?: D

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ne, ne pruzamo remote assistance. Da si procitao link koji sam ti lepo dao, znao bi sta je FRST.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 21 Maj 2016 14:28

Video sam da je to izvestaj onog programa koji je sacuvan u textualnom dokumentu nego nailazim na jos jedan problem. Ne mogu da skinem taj program zato sto ovaj kinez ne dozvoljava prijavu na windows account, a bez nje ne moze da se skine nista na racunaru...
Znaci primorava me da iskljucim zastitu ali ne znam kako
Imam windows 10

Dopuna: 21 Maj 2016 14:32

Uspeo sam da pokrenem farbar scan

+ Addition.txt


Additional izveštaj od Farbar Recovery Scan Tool (x64) Verzija:21-05-2016
Pokrenuo Nikola (2016-05-21 14:31:47)
Pokrenuto sa C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\8P1K0IJJ
Windows 10 Pro (X64) (2015-12-13 22:31:05)
Režim pokretanja sistema: Normal
==========================================================


==================== Nalozi: =============================

Administrator (S-1-5-21-4227490223-4105165237-4186389179-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4227490223-4105165237-4186389179-503 - Limited - Disabled)
Guest (S-1-5-21-4227490223-4105165237-4186389179-501 - Limited - Disabled)
Nikola (S-1-5-21-4227490223-4105165237-4186389179-1001 - Administrator - Enabled) => C:\Users\Nikola

==================== Bezbednosni Centar ========================

(Ukoliko je stavka unešena u fixlist, ona će biti uklonjena.)

AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}

==================== Instalirani Programi ======================

(Samo adware programi sa "hidden" simbolom mogu biti dodati u fixlist da bi bili prikazani. Adware programi bi trebali biti ručno deinstalirani.)

µTorrent (HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
cloudfront - Uninstall (HKLM-x32\...\{C0F919E7-8660-4590-9206-96D77E8518AD}) (Version: - )
Counter Strike 1.6 Classic Original (HKLM-x32\...\{B1EE6442-F9E5-4F14-BA56-8CF857B83E65}_is1) (Version: 1.1 - Counter-Strike)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Malware Protection Live (HKLM-x32\...\MalwareProtectionLive) (Version: - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.10.1-r112682-release - Plays.tv, LLC)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.1.0.9134 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Prilagođen CLSID (Na Beloj Listi): ==========================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Planirani Zadaci (Na Beloj Listi) =============

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

Task: {0508FDF8-F767-4050-8C84-1E409F7EAD05} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-10] (Microsoft Corporation)
Task: {072121FA-4436-44B3-836F-DB07BBAD8242} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {F7ADCBE9-578F-47CC-B9C4-33649DAC68BC} - System32\Tasks\Shefale Cloud => C:\Program Files (x86)\Shefale\shefaleCloudtask.exe [2016-05-19] () <==== Pažnja!

(Ukoliko je stavka unešena u fixlist, planirani zadaci (.job) datoteke će biti premeštene. Datoteka koju zadatak izvršava neće biti uklonjena.)


==================== Prečice =============================

(Stavka može biti navedena da bi bila vraćena ili uklonjena.)

==================== Učitani Moduli (Na Beloj Listi) ==============

2015-12-14 00:58 - 2015-07-15 04:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-12-13 18:20 - 2015-11-24 21:32 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-14 00:56 - 2015-08-11 11:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-04-12 22:21 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-12 22:21 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-12-14 00:55 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-14 00:57 - 2015-11-25 06:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-14 00:57 - 2015-11-25 06:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

==================== Alternate Data Streams (Na Beloj Listi) =========

(Ukoliko je stavka unešena u fixlist, samo ce ADS biti uklonjen.)


==================== Bezbedni Režim (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. "AlternateShell" će biti vraćen na podrazumevanu vrednost..)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== Asocijacije (Na Beloj Listi) ===============

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena.)


==================== Internet Explorer pouzdano/ograničeno ===============

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra.)


==================== Hosts sadržaj: ===============================

(Ukoliko je potrebno, Hosts: direktiva može biti uključena u fixlist da postavi početnu Hosts vrednost.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Ostale Oblasti ============================

(Trenutno ne postoji automatizovana popravka za ovu sekciju.)

HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall je omogućen

==================== MSCONFIG/TASK MANAGER isključeni unosi ==

(Trenutno ne postoji automatizovana popravka za ovu sekciju.)

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "StereoLinksInstall"
HKLM\...\StartupApproved\Run32: => "svchost.exe -start"
HKLM\...\StartupApproved\Run32: => " QQPCTray"
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Na Beloj Listi) ===============

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{3810D6FC-AA6A-4D6C-80FC-6CD93347223B}C:\users\nikola\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\nikola\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{FC557557-2EE4-4352-8FF7-25BB55BBD888}C:\users\nikola\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\nikola\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{7DE0FA27-032B-4430-9685-CCFC17402FE3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D6A7490E-9120-4019-8D7D-EE010C46DB0C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0C7046C6-5E58-47E9-9214-8DDF4FB8D198}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3CF2F732-B6DB-4357-AA41-6416D1D67419}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{42804C96-EA3E-46C5-A3A4-4F9BD318BB55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{57901FBD-D0DA-4DB3-9B28-DAD998437800}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{66E00E48-FB78-4462-8172-2AEE91B15B07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FF7F2642-CECD-4C7F-B3C7-216EBC027384}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{666F49E9-8ED7-41CF-A2C9-B0DEC8201A47}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{40F8569F-129C-49F2-A37A-BB852239E803}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6614F1A9-C03A-4CCA-A9B3-11F2D742998D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{39917963-B1C9-4583-9386-DF952FE164A8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{98C5F4DD-D481-418F-B16F-AC809073175C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{09D5CCAB-CB3D-47A9-B7A5-EAC9D42FBE62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{A9D2EC8E-5AED-4F23-9E5D-04EF21F8CB5A}D:\programi\skype\phone\skype.exe] => (Allow) D:\programi\skype\phone\skype.exe
FirewallRules: [UDP Query User{20BC382B-3378-41C3-BF27-E16F107013FA}D:\programi\skype\phone\skype.exe] => (Allow) D:\programi\skype\phone\skype.exe
FirewallRules: [{F66FA42A-F7B6-4BE6-839B-3CE42F55FF38}] => (Allow) C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\BY1DB6HR\hdsentinel_trial_setup-72654718.exe
FirewallRules: [{061FF049-FA24-4075-90AA-C9EA463B7328}] => (Allow) C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\BY1DB6HR\hdsentinel_trial_setup-72654718.exe
FirewallRules: [{B652E28F-0C08-45BD-BEBA-E5B47B1D0430}] => (Allow) C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\OOTSS3CU\hdsentinel_setup-72655567.exe
FirewallRules: [{C817E8C7-8754-494E-8E6F-305576A186B3}] => (Allow) C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\OOTSS3CU\hdsentinel_setup-72655567.exe
FirewallRules: [TCP Query User{728E4E5F-7BE6-46A6-99D0-C5122DCBFE07}E:\games\world_of_tanks\wotlauncher.exe] => (Block) E:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{5CD4BA9A-D656-4888-B72E-AFA16DA120CE}E:\games\world_of_tanks\wotlauncher.exe] => (Block) E:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{7D865F8D-46CC-4422-BE8F-04FC813ADC89}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F004A377-FD28-4E88-B44D-A7E0D5712675}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{F382AA50-8B17-46F2-8597-161283866BE6}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A100EA2D-606D-4D02-BDC4-A3D330C07EF4}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{5EF48584-4795-487D-9A8F-E323D21C15AC}E:\games\counter-strike\hl.exe] => (Block) E:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{1B2CF83E-6915-4BA4-A853-2812CD6B93AF}E:\games\counter-strike\hl.exe] => (Block) E:\games\counter-strike\hl.exe
FirewallRules: [{48EDF767-0A31-45AE-9D79-3A1CC5C9F5E0}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{55B8D027-1310-418E-B6CE-C10A9196AE8F}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{765D0A90-E220-48AA-85F8-D2E12EAB4455}] => (Allow) C:\Users\Nikola\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7B66C945-2932-4044-8FE4-871F4689BB24}] => (Allow) C:\Users\Nikola\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{28FE8850-A044-420E-8322-33265EB54EF3}] => (Allow) C:\Users\Nikola\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A68B40DD-302D-4C6B-B179-826B00E2CA0C}] => (Allow) C:\Users\Nikola\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AED1B770-0747-4369-B50D-01EECD84CDC6}] => (Allow) C:\Users\Nikola\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B41F4CEB-50E6-44CE-8F2F-958E4EE734FD}] => (Allow) C:\Users\Nikola\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{91497E97-C61F-40DD-93A0-665161EE9B5F}] => (Allow) C:\ProgramData\download\MiniThunderPlatform.exe
FirewallRules: [{5A0A3015-215A-4E68-B82A-054B2D76404F}] => (Allow) C:\ProgramData\download\MiniThunderPlatform.exe
FirewallRules: [{36D47361-75F2-48D8-A162-13EF7546A4B1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCmgrInstallGuide.exe
FirewallRules: [{832A88FF-E679-4A74-AC13-4B21DA29549D}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{B108293D-4096-42E4-9BA5-29E793165BAA}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{D20E9FCA-F95F-4D94-9F52-CCB2F5775601}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe
FirewallRules: [{75EA5F89-9F3B-4F46-BD84-F052593111C3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCMgr.exe
FirewallRules: [{9A5C590A-1027-40EA-976B-0A3E2A65B5B4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe
FirewallRules: [{713292D5-0A75-4AAA-8700-7F7A0E040E42}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMDL.exe
FirewallRules: [{0C878C37-528C-4D7A-91AB-E2BACB1FF948}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\bugreport.exe
FirewallRules: [{A8F539B0-0F4A-4AFE-964A-8627CE16D6CC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCFileOpen.exe
FirewallRules: [{75840CFA-D672-45AE-8B60-D2E1CFD18012}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCLeakScan.exe
FirewallRules: [{4FA087D5-963B-4F88-9F52-25F09EA525B2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPConfig.exe
FirewallRules: [{DB02DED4-B27D-4629-9842-EDBFA5F125E3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCSoftMgr.exe
FirewallRules: [{A3C2E550-A0DF-48DD-8765-9621AE06E388}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{D8A4D58F-6A2E-427E-B971-68CBA2D1A1BC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCBTU.exe
FirewallRules: [{6B21FF67-BD3F-4D6C-AF1C-7D5F47BFB5E2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCClinic.exe
FirewallRules: [{4C7CE67C-5C0F-4D3B-A9E9-11F6C3C9371B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCLaunch.exe
FirewallRules: [{B24B5271-71B2-495C-A905-18411DF4248F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{99681BE9-E40E-49CA-87BE-F55574528962}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCSoftGame.exe
FirewallRules: [{5FF7FE73-8284-4CC8-B262-2936924693B4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCSysOptimize.exe
FirewallRules: [{C7560619-9D89-4F03-A667-83355238341F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCUpdateAVLib.exe
FirewallRules: [{20A6FDEE-8F63-4D58-9EC2-E495037BCAFC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQRepair.exe
FirewallRules: [{25C776D3-2F72-4FE9-AF00-15B4ABC1E086}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\Uninst.exe
FirewallRules: [{E512555D-5895-4EEB-A775-C97F8C9333BC}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCPatch.exe
FirewallRules: [{300B129B-A82E-45EE-A023-F3158737D785}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TpkUpdate.exe
FirewallRules: [{07FA3CD9-C818-49A7-919D-EDB33ED0B79D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMRouterMgr.exe
FirewallRules: [{DC340612-4B2F-4DD5-9558-8816AD1144E4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMAccountProtection.exe
FirewallRules: [{8A1C146C-F3A0-4EF2-BBD4-C030C7BAD416}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMAdBlock.exe

==================== Tačke Vraćanja =========================

Pažnja!: Oporavak Sistema is isključen

==================== Neispravni Uređaji Upravljač Uređajima =============


==================== Event log greške: =========================

Aplikacione greške:
==================
Error: (05/21/2016 02:28:55 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (05/21/2016 02:28:55 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4188) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (05/21/2016 02:28:44 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (05/21/2016 02:28:44 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4188) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (05/21/2016 02:28:34 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (05/21/2016 02:28:34 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4188) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (05/21/2016 02:28:24 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (05/21/2016 02:28:24 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4188) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (05/21/2016 02:28:13 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4188) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (05/21/2016 02:28:13 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4188) An attempt to create the file "C:\Windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).


Systemske greške:
=============
Error: (05/21/2016 02:21:59 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Usluga „Klijent smernica grupe“ se nije ispravno isključila nakon prijema kontrole pre isključivanja.

Error: (05/21/2016 02:21:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Dostignuto je vremensko ograničenje (30000 milisekundi) tokom čekanja da se usluga „Sync Host_Session1“ poveže.

Error: (05/21/2016 02:21:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Dostignuto je vremensko ograničenje (30000 milisekundi) tokom čekanja da se usluga „Skladište podataka o korisniku_Session1“ poveže.

Error: (05/21/2016 02:21:14 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Upravljač kontrole usluga je pokušao da izvrši korekciju (Ponovo pokrenite uslugu) nakon neočekivanog prekida usluge Skladište podataka o korisniku_Session1, ali ova korekcija nije uspela uz sledeću grešku:
%%1056

Error: (05/21/2016 02:21:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3LJ4T9R)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (05/21/2016 02:21:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3LJ4T9R)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (05/21/2016 02:21:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3LJ4T9R)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (05/21/2016 02:21:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usluga „Pristup podacima o korisniku_Session1“ se neočekivano prekinula. To se dogodilo 1 puta. Za 10000 milisekundi biće izvršena sledeća korekcija: Ponovo pokrenite uslugu.

Error: (05/21/2016 02:21:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usluga „Skladište podataka o korisniku_Session1“ se neočekivano prekinula. To se dogodilo 1 puta. Za 10000 milisekundi biće izvršena sledeća korekcija: Ponovo pokrenite uslugu.

Error: (05/21/2016 02:21:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usluga „Podaci o kontaktima_Session1“ se neočekivano prekinula. To se dogodilo 1 puta. Za 10000 milisekundi biće izvršena sledeća korekcija: Ponovo pokrenite uslugu.


==================== Informacije o Memoriji ===========================

Procesor: AMD FX(tm)-6300 Six-Core Processor
Postotak memorije u upotrebi: 20%
Ukupno fizičkog RAM-a: 8158.68 MB
Dostupno fizičkog RAM-a: 6454.09 MB
Ukupno Virtualnog: 9438.68 MB
Dostupno Virtualnog: 7346.18 MB

==================== Drajveri ================================

Drive c: () (Fixed) (Total:46.57 GB) (Free:0 GB) NTFS ==>[disk sa boot komponentama (dobijeno od BCD)]
Drive d: (Local Disk) (Fixed) (Total:102.48 GB) (Free:21.59 GB) NTFS
Drive e: (Novi volumen) (Fixed) (Total:732.42 GB) (Free:696.52 GB) NTFS
Drive f: (Novi volumen) (Fixed) (Total:199.09 GB) (Free:198.97 GB) NTFS

==================== MBR & Particiona Tabela ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: C6C3C6C3)
Partition 1: (Active) - (Size=46.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=102.5 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EF40B2A1)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)

==================== Kraj od Addition.txt ============================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Dostavi FRST.txt takodje, on je osnova.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Izve�taj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija:21-05-2016
Pokrenuo Nikola (administrator) na DESKTOP-3LJ4T9R (21-05-2016 14:30:57)
Pokrenuto sa C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\8P1K0IJJ
U�itani Profili: Nikola (Dostupani Profili: Nikola)
Platform: Windows 10 Pro (X64) Jezik: srpski (latinica, Srbija)
Internet Explorer Verzija 11 (Podrazumevani pregleda�: Edge)
Re�im pokretanja sistema: Normal
Vodi� za Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka une�ena u fixlist, proces ce biti zatvoren. Datoteka nece biti preme�ten.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\LicensingUI.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16719_none_11647d1561f368c0\TiWorker.exe


==================== Registar (Na Beloj Listi) ===========================

(Ukoliko je stavka une�ena u fixlist, registru stavka ce biti vra�ena na podrazumevanu vrednost ili uklonjena. Datoteka ne�e biti preme�tena.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [StereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [596784 2015-11-24] (NVIDIA Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-05-09] (Plays.tv, LLC)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe [362304 2016-05-21] (Tencent)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => Nema Datoteke

==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka une�ena u fixlist, ako je to registru stavka, bi�e uklonjena ili vra�ena na podrazumevanu vrednost.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.22
Tcpip\..\Interfaces\{b274b6aa-162a-4016-8dee-6c19f0e91b85}: [DhcpNameServer] 192.168.1.22

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat [2016-05-21] (Tencent)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-4227490223-4105165237-4186389179-1001 -> hxxp://www.google.rs/

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\npQMExtensionsMozilla.dll [2016-05-21] (Tencent Technology (Shenzhen) Company Limited)

==================== Servisi (Na Beloj Listi) ========================

(Ukoliko je stavka une�ena u fixlist, bi�e uklonjena iz registra. Datoteka ne�e biti preme�tena ukoliko nije izlistana zasebno..)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-25] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-25] (NVIDIA Corporation)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-05-09] (Plays.tv, LLC)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe [313936 2016-05-21] (Tencent)
U2 QQRepair1816; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1816 [147176 2016-05-21] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-21] ()
S2 shefaleCloudservice; C:\Program Files (x86)\Shefale\shefaleCloudservice.exe [985752 2016-05-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drajveri (Na Beloj Listi) ==========================

(Ukoliko je stavka une�ena u fixlist, bi�e uklonjena iz registra. Datoteka ne�e biti preme�tena ukoliko nije izlistana zasebno..)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-25] (NVIDIA Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [184952 2016-05-18] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQSysMonX64.sys [154744 2016-05-21] (电脑管家)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [44664 2016-05-21] (Tencent)
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-21] ()
R3 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99480 2016-05-21] (Tencent)
R2 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-21] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [97400 2016-05-21] (电脑管家)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSDefenseBT64.sys [28984 2016-05-21] (Tencent)
R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [57976 2016-05-21] ()
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSSysKit64.sys [96888 2016-05-21] (电脑管家)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka une�ena u fixlist, bi�e uklonjena iz registra. Datoteka ne�e biti preme�tena ukoliko nije izlistana zasebno..)


==================== Mesec Dana Kreirane Datoteke i Fascikli ========

(Ukoliko je stavka une�ena u fixlist, Datoteka/Fascikla �e biti preme�tena.)

2016-05-21 14:30 - 2016-05-21 14:30 - 00000000 ____D C:\FRST
2016-05-21 14:23 - 2016-05-21 14:23 - 00016148 _____ C:\Windows\system32\DESKTOP-3LJ4T9R_Nikola_HistoryPrediction.bin
2016-05-21 14:16 - 2016-05-21 14:16 - 00000000 ____D C:\Users\Nikola\AppData\Local\ElevatedDiagnostics
2016-05-21 13:51 - 2016-05-21 13:51 - 00005744 _____ C:\Users\Nikola\Desktop\fixlist.txt
2016-05-21 13:51 - 2016-05-21 13:51 - 00005744 _____ C:\Users\Nikola\Desktop\ficlist.txt
2016-05-21 13:50 - 2016-05-21 13:50 - 00000000 _____ C:\Users\Nikola\Desktop\Novi tekstualni dokument.txt
2016-05-21 13:48 - 2016-05-21 13:48 - 00000000 ____D C:\Users\Nikola\AppData\Local\Plugins
2016-05-21 13:42 - 2016-05-21 13:42 - 00002203 _____ C:\ProgramData\svchost.exe.lnk
2016-05-21 11:28 - 2016-05-21 11:28 - 00008942 _____ C:\Windows\System32\Tasks\Shefale Cloud
2016-05-21 11:28 - 2016-05-21 11:28 - 00000718 __RSH C:\ProgramData\ntuser.pol
2016-05-21 11:28 - 2016-05-21 11:28 - 00000000 ____D C:\extensions
2016-05-21 11:27 - 2016-05-21 13:38 - 00000000 ____D C:\Program Files (x86)\Razoghchak
2016-05-21 11:27 - 2016-05-21 11:28 - 00000000 ____D C:\Program Files (x86)\Shefale
2016-05-21 11:27 - 2016-05-21 11:28 - 00000000 ____D C:\Program Files (x86)\Platoward
2016-05-21 11:27 - 2016-05-21 11:27 - 00001138 _____ C:\Users\Nikola\Desktop\Continue installation .lnk
2016-05-21 11:16 - 2016-05-21 14:23 - 00000000 ____D C:\ProgramData\TXQMPC
2016-05-21 11:16 - 2016-05-21 11:16 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-05-21 11:16 - 2016-05-21 11:15 - 00143992 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernelEx64.sys
2016-05-21 11:16 - 2016-05-21 11:15 - 00099480 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2016-05-21 11:15 - 2016-05-21 12:15 - 00000000 ____D C:\ProgramData\Tencent
2016-05-21 11:15 - 2016-05-21 11:38 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\Tencent
2016-05-21 11:15 - 2016-05-21 11:15 - 00097400 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-05-21 11:15 - 2016-05-21 11:15 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-05-21 11:15 - 2016-05-21 11:15 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-05-21 11:13 - 2016-05-21 11:13 - 00293320 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\xldl.dll
2016-05-21 11:13 - 2016-05-21 11:13 - 00000000 ____D C:\Users\Public\Thunder Network
2016-05-21 11:13 - 2016-05-21 11:13 - 00000000 ____D C:\ProgramData\Thunder Network
2016-05-21 11:13 - 2016-05-21 11:13 - 00000000 ____D C:\ProgramData\download
2016-05-21 11:12 - 2016-05-21 11:12 - 02400202 _____ C:\Windows\chromebrowser.exe
2016-05-21 10:49 - 2016-05-21 10:49 - 00347884 _____ C:\Users\Nikola\Downloads\odbrana sokratova.pdf
2016-05-21 10:34 - 2016-05-21 10:34 - 00002689 _____ C:\Users\Nikola\Desktop\�Torrent.lnk
2016-05-21 10:33 - 2016-05-21 13:33 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\uTorrent
2016-05-20 22:30 - 2016-05-20 22:30 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\Raptr
2016-05-20 22:29 - 2016-05-21 14:24 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\PlaysTV
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\library_dir
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\Program Files (x86)\PlaysTV
2016-05-10 20:45 - 2016-04-22 07:52 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-10 20:45 - 2016-04-22 07:44 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-10 20:45 - 2016-04-15 09:21 - 01085776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-05-10 20:45 - 2016-04-15 08:43 - 00916800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-05-10 20:45 - 2016-04-15 08:18 - 24593408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-10 20:45 - 2016-04-15 08:14 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-05-10 20:45 - 2016-04-15 08:06 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-05-10 20:45 - 2016-04-15 08:05 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-05-10 20:45 - 2016-04-15 08:01 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-05-10 20:45 - 2016-04-15 08:01 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-05-10 20:45 - 2016-04-15 07:59 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-10 20:45 - 2016-04-15 07:55 - 19325952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-10 20:45 - 2016-04-15 07:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-05-10 20:45 - 2016-04-15 07:39 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-10 20:45 - 2016-04-09 12:58 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-10 20:45 - 2016-04-09 12:53 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-10 20:45 - 2016-04-09 12:52 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-10 20:45 - 2016-04-09 12:52 - 00502504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-10 20:45 - 2016-04-09 12:12 - 08021856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-10 20:45 - 2016-04-09 12:10 - 01824872 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-10 20:45 - 2016-04-09 12:10 - 00609976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-10 20:45 - 2016-04-09 12:06 - 01981280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-10 20:45 - 2016-04-09 12:05 - 01199368 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-10 20:45 - 2016-04-09 12:05 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-05-10 20:45 - 2016-04-09 12:04 - 02430304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-10 20:45 - 2016-04-09 12:04 - 01592360 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-10 20:45 - 2016-04-09 11:50 - 01515936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-10 20:45 - 2016-04-09 11:04 - 01780352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-10 20:45 - 2016-04-09 10:13 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-05-10 20:45 - 2016-04-09 10:09 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-10 20:45 - 2016-04-09 10:09 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-10 20:45 - 2016-04-09 10:09 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-05-10 20:45 - 2016-04-09 09:55 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-10 20:45 - 2016-04-09 09:54 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-10 20:45 - 2016-04-09 09:52 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-05-10 20:45 - 2016-04-09 09:38 - 00464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-10 20:45 - 2016-04-09 09:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-05-10 20:45 - 2016-04-09 09:18 - 11264000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-10 20:45 - 2016-04-09 09:18 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-05-10 20:45 - 2016-04-09 09:14 - 18798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-05-10 20:45 - 2016-04-09 09:10 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-10 20:45 - 2016-04-09 09:09 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-05-10 20:45 - 2016-04-09 09:06 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-10 20:45 - 2016-04-09 09:05 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-10 20:45 - 2016-04-09 09:05 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-05-10 20:45 - 2016-04-09 08:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-10 20:45 - 2016-04-09 08:42 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-10 20:45 - 2016-04-09 08:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-05-10 20:45 - 2016-04-09 08:27 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-10 20:45 - 2016-04-09 08:13 - 21859328 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-05-10 20:45 - 2016-04-09 08:02 - 07521280 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-04-24 15:03 - 2016-04-24 15:03 - 00235944 ____R C:\Users\Nikola\Downloads\Presentation 2 (1).pptx
2016-04-24 15:03 - 2016-04-24 15:03 - 00235944 _____ C:\Users\Nikola\Downloads\Presentation 2.pptx

==================== Mesec Dana Modifikovane Datoteke i Fascikli ========

(Ukoliko je stavka une�ena u fixlist, Datoteka/Fascikla �e biti preme�tena.)

2016-05-21 14:25 - 2015-12-21 20:48 - 00000000 ____D C:\Users\Nikola\AppData\Local\CrashDumps
2016-05-21 14:22 - 2015-12-13 18:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-21 14:22 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-21 14:22 - 2015-07-10 11:05 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-05-21 14:14 - 2015-12-13 17:49 - 00003378 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{04DC5424-BBC2-4748-8961-70E57534DF28}
2016-05-21 14:05 - 2015-12-13 17:53 - 00002224 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-05-21 13:52 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-05-21 13:48 - 2016-01-03 17:32 - 00000000 ____D C:\Users\Nikola\AppData\Local\MalwareProtectionLive
2016-05-21 13:40 - 2015-07-10 14:20 - 00202704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-21 11:28 - 2015-07-10 13:04 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-05-21 11:28 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-05-21 11:15 - 2015-12-14 00:32 - 00000000 ____D C:\Users\Nikola\AppData\Local\VirtualStore
2016-05-20 22:30 - 2016-01-09 23:57 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\NVIDIA
2016-05-20 15:25 - 2015-12-25 22:48 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-20 14:34 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-15 04:57 - 2015-12-14 00:32 - 00000000 ____D C:\Users\Nikola
2016-05-15 04:48 - 2016-01-08 22:08 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\ActivePresenter
2016-05-14 22:31 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-05-12 19:46 - 2015-12-17 20:20 - 00000000 ____D C:\Users\Nikola\Desktop\Nova fascikla
2016-05-12 18:08 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache
2016-05-11 21:50 - 2015-07-10 13:06 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:50 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:22 - 2015-12-14 00:34 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-11 13:22 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-05-11 11:21 - 2015-07-10 18:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-10 22:04 - 2015-12-15 15:17 - 00000000 ____D C:\Windows\system32\MRT
2016-05-10 21:58 - 2015-12-15 15:17 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-08 20:44 - 2015-12-17 01:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-03 12:05 - 2015-12-14 00:32 - 00000000 ____D C:\Users\Nikola\AppData\Local\Packages
2016-04-22 09:57 - 2015-12-13 21:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Datoteke u korenu nekih direktorijuma =======

2016-01-15 18:26 - 2016-01-15 18:26 - 0007598 _____ () C:\Users\Nikola\AppData\Local\Resmon.ResmonCfg
2016-05-21 13:42 - 2016-05-21 13:42 - 0002203 _____ () C:\ProgramData\svchost.exe.lnk
2016-05-21 11:13 - 2016-05-21 11:13 - 0293320 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\xldl.dll

Files to move or delete:
====================
C:\ProgramData\xldl.dll


Neke Datoteke u TEMP:
====================
C:\Users\Nikola\AppData\Local\Temp\acc.exe
C:\Users\Nikola\AppData\Local\Temp\ads.exe
C:\Users\Nikola\AppData\Local\Temp\appstart.exe
C:\Users\Nikola\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Nikola\AppData\Local\Temp\dxdiag.exe
C:\Users\Nikola\AppData\Local\Temp\MediaPlayer__11426.exe
C:\Users\Nikola\AppData\Local\Temp\msconfig.exe
C:\Users\Nikola\AppData\Local\Temp\nvStInst.exe
C:\Users\Nikola\AppData\Local\Temp\qqpcmgr_v11.5.17490.219_45527_Silence.exe


==================== Bamital & volsnap =================

(Ne postoji automatizovan popravak za datoteke koji nisu pro�le verifikaciju.)

C:\Windows\system32\winlogon.exe => Datoteka je digitalno potpisana
C:\Windows\system32\wininit.exe => Datoteka je digitalno potpisana
C:\Windows\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\system32\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\system32\services.exe => Datoteka je digitalno potpisana
C:\Windows\system32\User32.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\User32.dll => Datoteka je digitalno potpisana
C:\Windows\system32\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\system32\rpcss.dll => Datoteka je digitalno potpisana
C:\Windows\system32\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\system32\Drivers\volsnap.sys => Datoteka je digitalno potpisana


LastRegBack: 2016-05-11 14:35

==================== Kraj od FRST.txt ============================

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Eto, vidis da se moze.

Prvo da probamo ovo da odradimo na jednostavniji nacin i bez velike filozofije.

Pronadji C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219 i u njemu bi trebao da se nalazi file Uninst.exe. Pokreni ga kao Administrator i klikci dugmice (kineska slova) dok ne ubodes dugme za potvrdu deinstalacije. Odgledaj video klip (od 0:50 -> ) za pomoc;



Malo se pomuci i kada uspes (ako uspes) javi rezultate da bih znao moj sledeci korak.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Sredjeno...
Dodjem ti pice
HVALA

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nije jos gotovo...

Ponovo pokreni FRST i iskopiraj mi svez FRST.txt da vidim ima li nekih ostataka.