I want my computer checked

Posted: 20 Nov 2014 19:01

My computer has been slower lately. When I open some programs it takes a little longer than before, then it freezes for 2-5 seconds and then works properly. Mozilla also occasionally freezes for 5 seconds and then starts working again.
I want to check my computer and find out what the problem is that makes it freeze briefly.

Addendum: 20 Nov 2014 19:04

[quote="Marko Ivanović 2"]My computer has been slower lately. When I open some programs it takes a little longer than before, then it freezes for 2-5 seconds and then works properly. Mozilla also occasionally freezes for 5 seconds and then starts working again.[/quote]
These are the actual results:



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-11-2014
Ran by Home (administrator) on HOME-PC on 20-11-2014 19:00:33
Running from C:\Users\Home\Desktop
Loaded Profile: Home (Available profiles: Home)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: engleski (SAD)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Skillbrains) C:\Users\Home\AppData\Local\Skillbrains\lightshot\\Lightshot.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() D:\League of Legends\RADS\system\rads_user_kernel.exe
() D:\League of Legends\RADS\projects\lol_launcher\releases\\deploy\LoLLauncher.exe
() D:\League of Legends\RADS\projects\lol_patcher\releases\\deploy\LoLPatcher.exe
() D:\League of Legends\RADS\projects\lol_patcher\releases\\deploy\LoLPatcher.exe
() D:\League of Legends\RADS\projects\lol_patcher\releases\\deploy\LoLPatcher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3060248 2014-11-06] ()
HKU\S-1-5-21-3145937626-3286986765-835811450-1000\...\Run: [LightShot] => C:\Users\Home\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-06-18] ()
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x71DEA046E22BCF01
HKU\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-rs
HKU\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3145937626-3286986765-835811450-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={24870B44-9554-484F-803E-A5A5BBCD58F1}&mid=071a1cc38db447d39433e1ccefac356f-bacaf10902b0c99645e4e6d549939f161787c654&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 09:09:03&v={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\\AVG Web TuneUp.dll (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer]

FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\tn32x1h6.default-1414483103292
FF NewTab: www.google.rs
FF Homepage: www.google.rs
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3145937626-3286986765-835811450-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Home\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\tn32x1h6.default-1414483103292\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\vokabular.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\tn32x1h6.default-1414483103292\Extensions\avg@toolbar [2014-11-06]

CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google новчаник) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [873216 2007-04-20] (Philips Semiconductors GmbH)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-11-06] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-19] (Disc Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [117152 2009-10-25] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [38944 2009-10-25] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\SysWOW64\DRIVERS\RTL2832U_IRHID.sys [44320 2009-10-05] (Realtek)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-20 18:58 - 2014-11-20 19:00 - 00022691 _____ () C:\Users\Home\Desktop\Addition.txt
2014-11-20 18:56 - 2014-11-20 19:01 - 00013412 _____ () C:\Users\Home\Desktop\FRST.txt
2014-11-20 18:56 - 2014-11-20 19:00 - 00000000 ____D () C:\FRST
2014-11-20 18:50 - 2014-11-20 18:53 - 02117120 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2014-11-20 17:01 - 2014-11-20 17:01 - 00000000 ____D () C:\Users\Home\AppData\Roaming\AVG2015
2014-11-20 16:59 - 2014-11-20 16:59 - 00000937 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-20 16:59 - 2014-11-20 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-20 16:56 - 2014-11-20 16:59 - 00000000 ____D () C:\ProgramData\AVG2015
2014-11-19 18:21 - 2014-11-19 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2014-11-18 21:36 - 2014-11-18 21:36 - 00000000 ____D () C:\Users\Home\Documents\default
2014-11-18 16:11 - 2014-11-20 17:30 - 00000000 ____D () C:\Users\Home\Documents\Euro Truck Simulator 2
2014-11-15 21:01 - 2014-11-20 18:36 - 00081371 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 21:32 - 2014-11-09 21:32 - 00000000 ____D () C:\ProgramData\KONAMI
2014-11-09 21:32 - 2014-11-09 21:32 - 00000000 ____D () C:\Program Files (x86)\KONAMI
2014-11-06 09:09 - 2014-11-09 19:52 - 00000000 ____D () C:\Users\Home\AppData\Local\AVG Web TuneUp
2014-11-06 09:09 - 2014-11-06 10:10 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-11-06 09:09 - 2014-11-06 09:08 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-11-06 09:08 - 2014-11-06 09:09 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-11-06 09:08 - 2014-11-06 09:08 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-11-06 09:08 - 2014-11-06 09:08 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-10-29 21:35 - 2014-10-29 21:35 - 00263960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-10-22 13:42 - 2014-10-22 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-22 13:42 - 2014-10-22 13:41 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-22 13:42 - 2014-10-22 13:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-22 13:42 - 2014-10-22 13:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-22 13:42 - 2014-10-22 13:41 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-21 14:03 - 2014-10-21 14:03 - 00000000 ____D () C:\Users\Home\Documents\TacticalIntervention

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-20 18:37 - 2013-04-02 16:56 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-20 18:21 - 2014-10-09 08:52 - 00000386 _____ () C:\Windows\Tasks\update-sys.job
2014-11-20 18:19 - 2013-09-30 08:25 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-20 18:06 - 2013-06-29 12:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-20 18:04 - 2014-10-17 07:16 - 00000000 ____D () C:\Users\Home\AppData\Local\Avg2015
2014-11-20 17:45 - 2013-07-30 18:46 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Disk Cleaner
2014-11-20 17:40 - 2013-12-20 16:13 - 00000000 ____D () C:\Users\Home\Desktop\Ikonice
2014-11-20 17:37 - 2014-06-10 19:15 - 00000000 ____D () C:\Users\Home\AppData\Roaming\uTorrent
2014-11-20 17:37 - 2013-04-02 18:06 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Winamp
2014-11-20 17:33 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-20 17:32 - 2014-04-19 10:14 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-20 17:32 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-20 17:32 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-20 17:31 - 2014-04-19 10:11 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-20 17:15 - 2014-10-09 08:52 - 00000386 _____ () C:\Windows\Tasks\update-S-1-5-21-3145937626-3286986765-835811450-1000.job
2014-11-20 17:01 - 2014-03-24 13:55 - 00000000 ___HD () C:\$AVG
2014-11-20 16:47 - 2014-03-27 20:00 - 00000000 ____D () C:\Users\Home\Desktop\Skice
2014-11-18 21:28 - 2014-10-09 08:52 - 00003258 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-3145937626-3286986765-835811450-1000
2014-11-18 21:28 - 2014-10-09 08:52 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-11-18 21:28 - 2014-08-17 15:35 - 00000435 _____ () C:\Users\Home\AppData\Local\UserProducts.xml
2014-11-15 21:22 - 2013-12-16 15:36 - 00000000 ____D () C:\Users\Home\AppData\Roaming\.minecraft
2014-11-14 17:14 - 2013-09-30 08:25 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 17:14 - 2013-09-30 08:25 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 17:14 - 2013-09-30 08:25 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 20:06 - 2013-06-29 12:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 20:06 - 2013-04-01 16:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 20:06 - 2013-04-01 16:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-11 17:46 - 2014-09-25 07:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 14:29 - 2013-07-11 12:18 - 00000000 ____D () C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
2014-11-10 09:49 - 2013-12-11 18:47 - 00000000 ____D () C:\Users\Home\Documents\KONAMI
2014-11-09 21:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-02 16:27 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-29 10:10 - 2009-07-14 06:08 - 00032564 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-24 18:24 - 2014-08-17 15:36 - 00000000 ____D () C:\Users\Home\Documents\Lightshot
2014-10-22 13:46 - 2014-04-25 20:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-21 14:40 - 2014-06-01 20:25 - 00000000 ____D () C:\ProgramData\Origin

Some content of TEMP:

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-07 11:56

==================== End Of Log ============================

Step 1

Go to Start -> Control Panel -> Programs and Features and uninstall the following programs:

AVG Web TuneUp
McAfee Security Scan Plus

Step 2

Open Notepad and copy in the following text, which is inside the Code box.

HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3060248 2014-11-06] ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-3145937626-3286986765-835811450-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={24870B44-9554-484F-803E-A5A5BBCD58F1}&mid=071a1cc38db447d39433e1ccefac356f-bacaf10902b0c99645e4e6d549939f161787c654&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 09:09:03&v={searchTerms}
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\\AVG Web TuneUp.dll (AVG)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF Extension: AVG Web TuneUp - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\tn32x1h6.default-1414483103292\Extensions\avg@toolbar [2014-11-06]
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\tn32x1h6.default-1414483103292\searchplugins\avg-secure-search.xml
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)
C:\Program Files (x86)\AVG Web TuneUp
C:\Program Files (x86)\Common Files\AVG Secure Search
C:\Users\Home\AppData\Local\AVG Web TuneUp
C:\ProgramData\AVG Security Toolbar

In Notepad, click File --> Save As
Name the file Fixlist and save it to the Desktop
Double-click to run FRST.exe again
Click Fix and wait until the program finishes.
If the program asks to restart the computer, allow it to do so without interruption.
When it finishes, fixlog.txt will open, with content that you should copy into the thread.
The file (fixlog.txt) will also be on the Desktop.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-11-2014
Ran by Home at 2014-11-21 12:22:34 Run:1
Running from C:\Users\Home\Desktop
Loaded Profile: Home (Available profiles: Home)
Boot Mode: Normal

Content of fixlist:
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3060248 2014-11-06] ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-3145937626-3286986765-835811450-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={24870B44-9554-484F-803E-A5A5BBCD58F1}&mid=071a1cc38db447d39433e1ccefac356f-bacaf10902b0c99645e4e6d549939f161787c654&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 09:09:03&v={searchTerms}
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\\AVG Web TuneUp.dll (AVG)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF Extension: AVG Web TuneUp - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\tn32x1h6.default-1414483103292\Extensions\avg@toolbar [2014-11-06]
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\tn32x1h6.default-1414483103292\searchplugins\avg-secure-search.xml
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)
C:\Program Files (x86)\AVG Web TuneUp
C:\Program Files (x86)\Common Files\AVG Secure Search
C:\Users\Home\AppData\Local\AVG Web TuneUp
C:\ProgramData\AVG Security Toolbar

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => Value not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3145937626-3286986765-835811450-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\viprotocol" => Key not found.
"HKCR\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=,application/x-avg-sitesafety-plugin" => Key not found.
C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\tn32x1h6.default-1414483103292\Extensions\avg@toolbar not found.
C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\tn32x1h6.default-1414483103292\searchplugins\avg-secure-search.xml => Moved successfully.
vToolbarUpdater18.1.10 => Service not found.
C:\Program Files (x86)\AVG Web TuneUp => Moved successfully.
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
"C:\Users\Home\AppData\Local\AVG Web TuneUp" => File/Directory not found.
C:\ProgramData\AVG Security Toolbar => Moved successfully.
EmtpyTemp: => Error: No automatic fix found for this entry.

==== End of Fixlog ====

Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to the Desktop.

Run MBAR by double-clicking the program icon:
- Click OK in the next window to allow extraction into a separate mbar folder on the Desktop;
- mbar.exe will be started. On some systems this can take a few extra seconds, so wait for it to launch;
- In the introductory window, click the Next button if you agree;

• In the 'Update Database' window, click the Update button to download fresh definitions. When the message 'Success: Database was successfully updated' appears, click the Next button;
• Under the 'Scan Targets' section, check that all options are ticked, then click the Scan button;

Note: with some infections, one of the following messages may be displayed:
- 'Could not load protection driver' => in that case click OK.
- 'Could not load DDA driver' => click Yes on that notice to allow loading after a restart. Allow the restart and continue with the rest of the instructions after the restart.

>> If no malware is detected, click the Exit button to close the program. In your next message, post the mbar-log-year-month-day (hour-minute-second).txt and system-log.txt reports.

>> If infections are found, check that the 'Create Restore Point' option is selected and click the Cleanup! button to remove the threats.
- The malware removal procedure will be scheduled for the restart, and a notice will be shown in a pop-up window. Click the Yes button and the system should restart and finish the cleaning procedure.

Note! Only if a rootkit is detected: make sure to run the fixdamage.exe tool located in the mbar folder, \Plugins\fixdamage.exe:
- Double-click to run fixdamage; in the black window that opens (command prompt) type Y (Y stands for Yes) to continue, and wait for the tool to make all the repairs ...
- When you see the message 'press any key to exit', the repair is complete. Press any key on the keyboard to close the window. Restart the system.

The following reports will be created in the mbar folder.
1. mbar-log-year-month-day (hour-minute-second).txt
2. system-log.txt

Copy the content of the mbar log into your message, and attach the system log to the message using the Attach file option.


That would be it.


The following procedure will perform the final cleanup.

Download Xplode's DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore

Click the Run button and wait a moment until the tool finishes its work.
From this point on, all tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.


I recommend that you use MCShield to protect USB storage devices.
It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB storage devices.

MCShield home page: http://www.mcshield.net
You can find out more about MCShield in this thread: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v3.html
MCShield Facebook page: http://www.facebook.com/MCShield

Thank you sooo much. It's great now, the system boots faster, and it doesn't freeze at all.

