kineski program

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 21 Maj 2016 15:17

Izveštaj skeniranja od Farbar Recovery Scan Tool (FRST) (x64) Verzija:21-05-2016
Pokrenuo Nikola (administrator) na DESKTOP-3LJ4T9R (21-05-2016 15:16:38)
Pokrenuto sa C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\OOTSS3CU
Učitani Profili: Nikola (Dostupani Profili: Nikola)
Platform: Windows 10 Pro (X64) Jezik: srpski (latinica, Srbija)
Internet Explorer Verzija 11 (Podrazumevani pregledač: Edge)
Režim pokretanja sistema: Normal
Vodič za Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Procesi (Na Beloj Listi) =================

(Ukoliko je stavka unešena u fixlist, proces ce biti zatvoren. Datoteka nece biti premešten.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\LicensingUI.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registar (Na Beloj Listi) ===========================

(Ukoliko je stavka unešena u fixlist, registru stavka ce biti vraćena na podrazumevanu vrednost ili uklonjena. Datoteka neće biti premeštena.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [StereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [596784 2015-11-24] (NVIDIA Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-05-09] (Plays.tv, LLC)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Na Beloj Listi) ====================

(Ukoliko je stavka unešena u fixlist, ako je to registru stavka, biće uklonjena ili vraćena na podrazumevanu vrednost.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.22
Tcpip\..\Interfaces\{b274b6aa-162a-4016-8dee-6c19f0e91b85}: [DhcpNameServer] 192.168.1.22

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-4227490223-4105165237-4186389179-1001 -> hxxp://www.google.rs/

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)

==================== Servisi (Na Beloj Listi) ========================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-25] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-25] (NVIDIA Corporation)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-05-09] (Plays.tv, LLC)
U2 QQRepair1816; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1816 [147176 2016-05-21] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-21] ()
S2 shefaleCloudservice; C:\Program Files (x86)\Shefale\shefaleCloudservice.exe [985752 2016-05-19] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drajveri (Na Beloj Listi) ==========================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-25] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-21] ()
R4 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-21] (Tencent Technology(Shenzhen) Company Limited)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [X]
R1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [X]
R2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Na Beloj Listi) ===================

(Ukoliko je stavka unešena u fixlist, biće uklonjena iz registra. Datoteka neće biti premeštena ukoliko nije izlistana zasebno..)


==================== Mesec Dana Kreirane Datoteke i Fascikli ========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2016-05-21 15:04 - 2016-05-21 15:04 - 00016148 _____ C:\Windows\system32\DESKTOP-3LJ4T9R_Nikola_HistoryPrediction.bin
2016-05-21 14:30 - 2016-05-21 15:16 - 00000000 ____D C:\FRST
2016-05-21 14:16 - 2016-05-21 14:16 - 00000000 ____D C:\Users\Nikola\AppData\Local\ElevatedDiagnostics
2016-05-21 13:51 - 2016-05-21 13:51 - 00005744 _____ C:\Users\Nikola\Desktop\fixlist.txt
2016-05-21 13:51 - 2016-05-21 13:51 - 00005744 _____ C:\Users\Nikola\Desktop\ficlist.txt
2016-05-21 13:50 - 2016-05-21 13:50 - 00000000 _____ C:\Users\Nikola\Desktop\Novi tekstualni dokument.txt
2016-05-21 13:48 - 2016-05-21 13:48 - 00000000 ____D C:\Users\Nikola\AppData\Local\Plugins
2016-05-21 13:42 - 2016-05-21 13:42 - 00002203 _____ C:\ProgramData\svchost.exe.lnk
2016-05-21 11:28 - 2016-05-21 11:28 - 00008942 _____ C:\Windows\System32\Tasks\Shefale Cloud
2016-05-21 11:28 - 2016-05-21 11:28 - 00000718 __RSH C:\ProgramData\ntuser.pol
2016-05-21 11:28 - 2016-05-21 11:28 - 00000000 ____D C:\extensions
2016-05-21 11:27 - 2016-05-21 13:38 - 00000000 ____D C:\Program Files (x86)\Razoghchak
2016-05-21 11:27 - 2016-05-21 11:28 - 00000000 ____D C:\Program Files (x86)\Shefale
2016-05-21 11:27 - 2016-05-21 11:28 - 00000000 ____D C:\Program Files (x86)\Platoward
2016-05-21 11:27 - 2016-05-21 11:27 - 00001138 _____ C:\Users\Nikola\Desktop\Continue installation .lnk
2016-05-21 11:16 - 2016-05-21 14:46 - 00000000 ____D C:\ProgramData\TXQMPC
2016-05-21 11:16 - 2016-05-21 11:16 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-05-21 11:16 - 2016-05-21 11:15 - 00143992 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernelEx64.sys
2016-05-21 11:15 - 2016-05-21 14:47 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-05-21 11:15 - 2016-05-21 14:47 - 00000000 ____D C:\ProgramData\Tencent
2016-05-21 11:15 - 2016-05-21 11:38 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\Tencent
2016-05-21 11:15 - 2016-05-21 11:15 - 00097400 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-05-21 11:15 - 2016-05-21 11:15 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-05-21 11:13 - 2016-05-21 11:13 - 00293320 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\xldl.dll
2016-05-21 11:13 - 2016-05-21 11:13 - 00000000 ____D C:\Users\Public\Thunder Network
2016-05-21 11:13 - 2016-05-21 11:13 - 00000000 ____D C:\ProgramData\Thunder Network
2016-05-21 11:13 - 2016-05-21 11:13 - 00000000 ____D C:\ProgramData\download
2016-05-21 11:12 - 2016-05-21 11:12 - 02400202 _____ C:\Windows\chromebrowser.exe
2016-05-21 10:49 - 2016-05-21 10:49 - 00347884 _____ C:\Users\Nikola\Downloads\odbrana sokratova.pdf
2016-05-21 10:34 - 2016-05-21 10:34 - 00002689 _____ C:\Users\Nikola\Desktop\µTorrent.lnk
2016-05-21 10:33 - 2016-05-21 13:33 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\uTorrent
2016-05-20 22:30 - 2016-05-20 22:30 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\Raptr
2016-05-20 22:29 - 2016-05-21 14:24 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\PlaysTV
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\library_dir
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-05-20 22:29 - 2016-05-20 22:29 - 00000000 ____D C:\Program Files (x86)\PlaysTV
2016-05-10 20:45 - 2016-04-22 07:52 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-10 20:45 - 2016-04-22 07:44 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-10 20:45 - 2016-04-15 09:21 - 01085776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-05-10 20:45 - 2016-04-15 08:43 - 00916800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-05-10 20:45 - 2016-04-15 08:18 - 24593408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-10 20:45 - 2016-04-15 08:14 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-05-10 20:45 - 2016-04-15 08:06 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-05-10 20:45 - 2016-04-15 08:05 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-05-10 20:45 - 2016-04-15 08:01 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-05-10 20:45 - 2016-04-15 08:01 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-05-10 20:45 - 2016-04-15 07:59 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-10 20:45 - 2016-04-15 07:55 - 19325952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-10 20:45 - 2016-04-15 07:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-05-10 20:45 - 2016-04-15 07:39 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-10 20:45 - 2016-04-09 12:58 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-10 20:45 - 2016-04-09 12:53 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-10 20:45 - 2016-04-09 12:52 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-10 20:45 - 2016-04-09 12:52 - 00502504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-10 20:45 - 2016-04-09 12:12 - 08021856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-10 20:45 - 2016-04-09 12:10 - 01824872 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-10 20:45 - 2016-04-09 12:10 - 00609976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-10 20:45 - 2016-04-09 12:06 - 01981280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-10 20:45 - 2016-04-09 12:05 - 01199368 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-10 20:45 - 2016-04-09 12:05 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-05-10 20:45 - 2016-04-09 12:04 - 02430304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-10 20:45 - 2016-04-09 12:04 - 01592360 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-10 20:45 - 2016-04-09 11:50 - 01515936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-10 20:45 - 2016-04-09 11:04 - 01780352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-10 20:45 - 2016-04-09 10:13 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-05-10 20:45 - 2016-04-09 10:09 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-10 20:45 - 2016-04-09 10:09 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-10 20:45 - 2016-04-09 10:09 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-05-10 20:45 - 2016-04-09 09:55 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-10 20:45 - 2016-04-09 09:54 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-10 20:45 - 2016-04-09 09:52 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-05-10 20:45 - 2016-04-09 09:38 - 00464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-10 20:45 - 2016-04-09 09:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-05-10 20:45 - 2016-04-09 09:18 - 11264000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-10 20:45 - 2016-04-09 09:18 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-05-10 20:45 - 2016-04-09 09:14 - 18798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-05-10 20:45 - 2016-04-09 09:10 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-10 20:45 - 2016-04-09 09:09 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-05-10 20:45 - 2016-04-09 09:06 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-10 20:45 - 2016-04-09 09:05 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-10 20:45 - 2016-04-09 09:05 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-05-10 20:45 - 2016-04-09 08:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-10 20:45 - 2016-04-09 08:42 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-10 20:45 - 2016-04-09 08:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-05-10 20:45 - 2016-04-09 08:27 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-10 20:45 - 2016-04-09 08:13 - 21859328 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-05-10 20:45 - 2016-04-09 08:02 - 07521280 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-04-24 15:03 - 2016-04-24 15:03 - 00235944 ____R C:\Users\Nikola\Downloads\Presentation 2 (1).pptx
2016-04-24 15:03 - 2016-04-24 15:03 - 00235944 _____ C:\Users\Nikola\Downloads\Presentation 2.pptx

==================== Mesec Dana Modifikovane Datoteke i Fascikli ========

(Ukoliko je stavka unešena u fixlist, Datoteka/Fascikla će biti premeštena.)

2016-05-21 14:56 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-05-21 14:46 - 2015-12-13 17:53 - 00000000 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-05-21 14:46 - 2015-12-13 17:49 - 00000000 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{04DC5424-BBC2-4748-8961-70E57534DF28}
2016-05-21 14:25 - 2015-12-21 20:48 - 00000000 ____D C:\Users\Nikola\AppData\Local\CrashDumps
2016-05-21 14:22 - 2015-12-13 18:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-21 14:22 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-21 14:22 - 2015-07-10 11:05 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-05-21 13:48 - 2016-01-03 17:32 - 00000000 ____D C:\Users\Nikola\AppData\Local\MalwareProtectionLive
2016-05-21 13:40 - 2015-07-10 14:20 - 00202704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-21 11:28 - 2015-07-10 13:04 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-05-21 11:28 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-05-21 11:15 - 2015-12-14 00:32 - 00000000 ____D C:\Users\Nikola\AppData\Local\VirtualStore
2016-05-20 22:30 - 2016-01-09 23:57 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\NVIDIA
2016-05-20 15:25 - 2015-12-25 22:48 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-20 14:34 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-15 04:57 - 2015-12-14 00:32 - 00000000 ____D C:\Users\Nikola
2016-05-15 04:48 - 2016-01-08 22:08 - 00000000 ____D C:\Users\Nikola\AppData\Roaming\ActivePresenter
2016-05-14 22:31 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-05-12 19:46 - 2015-12-17 20:20 - 00000000 ____D C:\Users\Nikola\Desktop\Nova fascikla
2016-05-12 18:08 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache
2016-05-11 21:50 - 2015-07-10 13:06 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:50 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:22 - 2015-12-14 00:34 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-11 13:22 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-05-11 11:21 - 2015-07-10 18:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-10 22:04 - 2015-12-15 15:17 - 00000000 ____D C:\Windows\system32\MRT
2016-05-10 21:58 - 2015-12-15 15:17 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-08 20:44 - 2015-12-17 01:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-03 12:05 - 2015-12-14 00:32 - 00000000 ____D C:\Users\Nikola\AppData\Local\Packages
2016-04-22 09:57 - 2015-12-13 21:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Datoteke u korenu nekih direktorijuma =======

2016-01-15 18:26 - 2016-01-15 18:26 - 0007598 _____ () C:\Users\Nikola\AppData\Local\Resmon.ResmonCfg
2016-05-21 13:42 - 2016-05-21 13:42 - 0002203 _____ () C:\ProgramData\svchost.exe.lnk
2016-05-21 11:13 - 2016-05-21 11:13 - 0293320 _____ (深圳市迅雷网络技术有限公司) C:\ProgramData\xldl.dll

Files to move or delete:
====================
C:\ProgramData\xldl.dll


Neke Datoteke u TEMP:
====================
C:\Users\Nikola\AppData\Local\Temp\acc.exe
C:\Users\Nikola\AppData\Local\Temp\ads.exe
C:\Users\Nikola\AppData\Local\Temp\appstart.exe
C:\Users\Nikola\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Nikola\AppData\Local\Temp\dxdiag.exe
C:\Users\Nikola\AppData\Local\Temp\MediaPlayer__11426.exe
C:\Users\Nikola\AppData\Local\Temp\msconfig.exe
C:\Users\Nikola\AppData\Local\Temp\nvStInst.exe
C:\Users\Nikola\AppData\Local\Temp\qqpcmgr_v11.5.17490.219_45527_Silence.exe


==================== Bamital & volsnap =================

(Ne postoji automatizovan popravak za datoteke koji nisu prošle verifikaciju.)

C:\Windows\system32\winlogon.exe => Datoteka je digitalno potpisana
C:\Windows\system32\wininit.exe => Datoteka je digitalno potpisana
C:\Windows\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\explorer.exe => Datoteka je digitalno potpisana
C:\Windows\system32\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\svchost.exe => Datoteka je digitalno potpisana
C:\Windows\system32\services.exe => Datoteka je digitalno potpisana
C:\Windows\system32\User32.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\User32.dll => Datoteka je digitalno potpisana
C:\Windows\system32\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\userinit.exe => Datoteka je digitalno potpisana
C:\Windows\system32\rpcss.dll => Datoteka je digitalno potpisana
C:\Windows\system32\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\SysWOW64\dnsapi.dll => Datoteka je digitalno potpisana
C:\Windows\system32\Drivers\volsnap.sys => Datoteka je digitalno potpisana


LastRegBack: 2016-05-21 14:57

==================== Kraj od FRST.txt ============================

Dopuna: 21 Maj 2016 16:05

Primetio sam da josuvek ima ovog sranja i kada igram League of Legends desi se zamo da client prestane sa radom i ne mogu da izbrisem nista desnim klikom>delete

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Ima da ...

Obrisi oba fixlist koja si skinuo/pravio ko zna odakle. Ne koristi script koji nije napisan za tvoj slucaj i prema tvom kompjuteru i logu jer skripte nekada mogu dovesti do ostecena operativnog sistema.

Zatim ...


1. FRST alat mora da se nalazi na Desktop-u a tebi se nalazi na 'C:\Users\Nikola\AppData\Local\Microsoft\Windows\INetCache\IE\OOTSS3CU'.

2. Preuzmi FixList sa ovog linka i sacuvaj ga na Desktop;
https://www.mycity.rs/must-login.png

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

To sam negde na forumu video da je neko imao slicnih problema pa sam pokusao sa tim pre nego sto sam napravio temu...
ja sam preuzeo ovaj FRST i ono mi ga je automatski smestilo i pokrenulo...ja sada da izbacim fajl pod nazivom 'FRST' na desktop, da kreiram tekstualni dokument u koji treba da ubacim ovo sa linka, da pokrenem FRST i da pretisnem FIX...tako?
Samo proveravam da li sam dobro shvatio da ne uprskam nesto...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Alat (koji se zove skraceno FRST) treba da se nalazi na Desktop-u (radna povrsina).
Preuzmi FixList koji sam ti okacio i sacuvaj ga takodje na Desktop-u.
Pokreni FRST, lupi Fix dugme i sacekaj. Racunar ce se restartovati ...


Postavi FixLog.txt izvestaj koji ce biti sacuvan na Desktop-u.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 21 Maj 2016 21:05

Evo, racunar se nije restartovao vec je u sekundi izbacio da je zavrsio i izaslo je ovo

Izveštaj ispravaka od Farbar Recovery Scan Tool (x64) Verzija:21-05-2016
Pokrenuo Nikola (2016-05-21 21:04:23) Run:2
Pokrenuto sa C:\Users\Nikola\Desktop
Učitani Profili: Nikola (Dostupani Profili: Nikola)
Režim pokretanja sistema: Normal
==============================================

fixlist sadržaj:
*****************
Start CreateRestorePoint: File: C:\ProgramData\svchost.exe.lnk File: C:\Windows\chromebrowser.exe CloseProcesses: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1 HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1 U2 QQRepair1816; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1816 [147176 2016-05-21] () S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-21] () R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-21] () R4 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-21] (Tencent Technology(Shenzhen) Company Limited) R1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [X] R1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [X] R2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [X] Unlock: C:\Windows\system32\Drivers\TAOKernelEx64.sys Unlock: C:\Windows\system32\Drivers\TFsFltX64.sys Unlock: :\ProgramData\xldl.dll Hosts: C:\Windows\system32\Drivers\TAOKernelEx64.sys C:\Program Files (x86)\Tencent C:\ProgramData\TXQMPC C:\Program Files\Common Files\Tencent C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???? C:\ProgramData\Tencent C:\Users\Nikola\AppData\Roaming\Tencent C:\Windows\system32\Drivers\TFsFltX64.sys C:\Program Files (x86)\Tencent C:\ProgramData\xldl.dll EmptyTemp: End
*****************

HKU\Start CreateRestorePoint: File: C:\ProgramData\svchost.exe.lnk File: C:\Windows\chromebrowser.exe CloseProcesses: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1 S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Greška postavljanja vrednosti.

==== Kraj od Fixlog 21:04:23 ====

Dopuna: 21 Maj 2016 21:07

Ali i dalje kada ulazim u explorer-u meni za pocetnu stranicu izbaca neki sajt hao.qq sa kineskim slovima

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nije dobro izvrsen script ...idemo ponovo...

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

Start
CreateRestorePoint:
File: C:\ProgramData\svchost.exe.lnk
File: C:\Windows\chromebrowser.exe

CloseProcesses:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
U2 QQRepair1816; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1816 [147176 2016-05-21] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-21] ()
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-21] ()
R4 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-21] (Tencent Technology(Shenzhen) Company Limited)
R1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [X]
R1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [X]
R2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [X]

Unlock: C:\Windows\system32\Drivers\TAOKernelEx64.sys
Unlock: C:\Windows\system32\Drivers\TFsFltX64.sys
Unlock: :\ProgramData\xldl.dll

Hosts:
C:\Windows\system32\Drivers\TAOKernelEx64.sys
C:\Program Files (x86)\Tencent
C:\ProgramData\TXQMPC
C:\Program Files\Common Files\Tencent
C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
C:\ProgramData\Tencent
C:\Users\Nikola\AppData\Roaming\Tencent
C:\Windows\system32\Drivers\TFsFltX64.sys
C:\Program Files (x86)\Tencent
C:\ProgramData\xldl.dll

EmptyTemp:
End

2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Izveštaj ispravaka od Farbar Recovery Scan Tool (x64) Verzija:21-05-2016
Pokrenuo Nikola (2016-05-21 22:15:09) Run:4
Pokrenuto sa C:\Users\Nikola\Desktop
Učitani Profili: Nikola (Dostupani Profili: Nikola)
Režim pokretanja sistema: Normal
==============================================

fixlist sadržaj:
*****************
Start
CreateRestorePoint:
File: C:\ProgramData\svchost.exe.lnk
File: C:\Windows\chromebrowser.exe

CloseProcesses:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
U2 QQRepair1816; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair1816 [147176 2016-05-21] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-21] ()
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-21] ()
R4 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-21] (Tencent Technology(Shenzhen) Company Limited)
R1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [X]
R1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [X]
R2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [X]

Unlock: C:\Windows\system32\Drivers\TAOKernelEx64.sys
Unlock: C:\Windows\system32\Drivers\TFsFltX64.sys
Unlock: :\ProgramData\xldl.dll

Hosts:
C:\Windows\system32\Drivers\TAOKernelEx64.sys
C:\Program Files (x86)\Tencent
C:\ProgramData\TXQMPC
C:\Program Files\Common Files\Tencent
C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
C:\ProgramData\Tencent
C:\Users\Nikola\AppData\Roaming\Tencent
C:\Windows\system32\Drivers\TFsFltX64.sys
C:\Program Files (x86)\Tencent
C:\ProgramData\xldl.dll

EmptyTemp:
End
*****************

Greška: (0) Neuspelo pravljenje tačke vraćanja.

========================= File: C:\ProgramData\svchost.exe.lnk ========================

====== Kraj od File: ======


========================= File: C:\Windows\chromebrowser.exe ========================

Datoteka nije potpisana
MD5: 2DD139FA66EAD9043141E69FA7F1502C
Datum kreiranja i modifikovanja: 2016-05-21 11:12 - 2016-05-21 11:12
Veličina: 2400202
Atributi: ----A
Ime Kompanije:
Interno Ime: suf_launch
Originalno Ime: suf_launch.exe
Proizvod: Setup Factory Runtime
Opis: Setup Application
Datoteka Verzija: 9.5.0.0
Proizvod Verzija: 9.5.0.0
Sva prava zadržana: Setup Engine Copyright © 2004-2015 Indigo Rose Corporation

====== Kraj od File: ======

Procesi su zatvoreni uspešno.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => vrednost uspešno vraćeno u predhodno stanje
HKU\S-1-5-21-4227490223-4105165237-4186389179-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => vrednost uspešno vraćeno u predhodno stanje
QQRepair1816 => servis uspešno uklonjeno
QQRepairFixSVC => servis uspešno uklonjeno
SRepairDrv => Nije moguće zaustaviti servis.
SRepairDrv => servis uspešno uklonjeno
TAOKernelDriver => Nije moguće zaustaviti servis.
TAOKernelDriver => servis uspešno uklonjeno
QMUdisk => Nije moguće zaustaviti servis.
QMUdisk => servis uspešno uklonjeno
softaal => Nije moguće zaustaviti servis.
softaal => servis uspešno uklonjeno
tsnethlpx64 => Nije moguće zaustaviti servis.
tsnethlpx64 => servis uspešno uklonjeno
"C:\Windows\system32\Drivers\TAOKernelEx64.sys" => je otključan
"C:\Windows\system32\Drivers\TFsFltX64.sys" => je otključan
Unlock: :\ProgramData\xldl.dll => Greška: Ne postoji automacka popravka za ovu stavku.
C:\Windows\System32\Drivers\etc\hosts => uspešno premešteno
Hosts uspešno vraćeno u predhodno stanje.
C:\Windows\system32\Drivers\TAOKernelEx64.sys => uspešno premešteno
C:\Program Files (x86)\Tencent => uspešno premešteno
C:\ProgramData\TXQMPC => uspešno premešteno

"C:\Program Files\Common Files\Tencent" Fascikla premeštanje:

Nije uspelo premeštanje "C:\Program Files\Common Files\Tencent" => Planirano za premeštanje po ponovnom pokretanju.


=========== "C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ==========

nije pronađena

========= Kraj -> "C:\Users\Nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ========


"C:\ProgramData\Tencent" Fascikla premeštanje:

Nije uspelo premeštanje "C:\ProgramData\Tencent" => Planirano za premeštanje po ponovnom pokretanju.

C:\Users\Nikola\AppData\Roaming\Tencent => uspešno premešteno
C:\Windows\system32\Drivers\TFsFltX64.sys => uspešno premešteno
"C:\Program Files (x86)\Tencent" => nije pronađena.
C:\ProgramData\xldl.dll => uspešno premešteno
EmptyTemp: => 220 MB privremeni podaci Uklonjeni.

Rezultat planiranih datoteka za premeštanje (Režim pokretanja sistema: Normal) (Datum&Vreme: 2016-05-21 22:17:33)

C:\Program Files\Common Files\Tencent => Je premešten uspešno
C:\ProgramData\Tencent => Je premešten uspešno

==== Kraj od Fixlog 22:17:34 ====

Vise ne otvara onaj kineski sajt kao pocetnu stranicu na pretrazivacu...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

To bi trebalo biti to. Kakvo je sada stanje racunara?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Cini mi se da sve radi kako treba i da nema vise onog sranja...
Hvala puno

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

• Sledeća procedura će implementirati završno čišćenje.



Preuzmi "Xplode"-ov DelFix alat i snimi ga na Desktop.

Dvoklikom pokreni alat i štikliraj kućice ispred sledećih opcija;
Remove disinfection tools
Create registry backup
Purge System Restore

Klikni na dugme Run i pričekaj trenutak dok alat ne završi svoj rad.

Od ovog trenutka, svi korišćeni alati u ovoj temi bi trebali biti obrisani.
Ukoliko neki alat ili izveštaj nije uklonjen, slobodno ih obriši ručno.


Alat će takođe formirati izveštaj za tebe. (C:\DelFix.txt)
- Alat će snimiti i zdravo stanje registy-ja i napraviti backup koristeci integrisan program "ERUNT" u %windir%\ERUNT\DelFix
- DelFix briše stare system restore tačke i pravi novu, svežu tačku nakon čišćenja.