Provera kompjutera

Provera kompjutera

offline
  • Marko
  • Pridružio: 30 Maj 2013
  • Poruke: 425
  • Gde živiš: U kući

Napisano: 22 Sep 2013 18:50

Kao što kaže naslov želim da proverim kompjuter... Imam spybot koji nije našao ništa, AVG antivirus takođe. Znači želim proveru od malwarea virusa... Evo izveštaja:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.25.2
Run by Home at 18:48:37 on 2013-09-22
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3545.2201 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\AUDIODG.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: LemurLeap: {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files (x86)\LemurLeap\LemurLeapbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A2EEAB71-9E59-4F0A-A90F-D432E29D2661} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\94yugiu7.default\
FF - prefs.js: browser.startup.homepage - www.google.rs
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-5 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-1 235520]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
R2 Update LemurLeap;Update LemurLeap;C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe [2013-8-31 206624]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2013-4-1 110744]
S3 3xHybr64;3xHybrid service;C:\Windows\System32\drivers\3xHybr64.sys [2007-4-20 873216]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver;C:\Windows\System32\drivers\RTL2832U_IRHID.sys [2013-5-30 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;C:\Windows\System32\drivers\RTL2832UBDA.sys [2013-5-30 117152]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;C:\Windows\System32\drivers\RTL2832UUSB.sys [2013-5-30 38944]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Usluga tehnologije aktivacije operativnog sistema Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-1 1255736]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2013-09-22 14:50:38 -------- d-----w- C:\Program Files (x86)\Counter-Strike 1.6
2013-09-20 11:44:42 -------- d-----w- C:\Program Files (x86)\LemurLeap
2013-09-20 11:44:08 -------- d-----w- C:\Users\Home\AppData\Local\SwvUpdater
2013-09-14 13:36:35 -------- d-----w- C:\Users\Home\AppData\Roaming\smc
2013-09-14 13:02:04 -------- d-----w- C:\Program Files\Games By GG releases
2013-09-07 11:38:05 -------- d-----w- C:\Users\Home\AppData\Roaming\Wise Registry Cleaner
2013-09-04 23:43:42 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-08-29 17:57:10 -------- d-----w- C:\ProgramData\BlueStacksSetup
.
==================== Find3M ====================
.
2013-09-10 19:07:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-10 19:07:17 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-19 23:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-07-19 23:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-07-19 23:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-07-19 23:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-06-30 23:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 18:49:01,77 ===============

https://www.mycity.rs/must-login.png

Dopuna: 22 Sep 2013 19:10

I da zaboravio sam ako ima nekih programa za de-instalaciju recite mi, i evo GMER izveštaja:

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png


https://www.mycity.rs/must-login.png

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6104

Pozdrav,

Nema ovde malware-a. Imas jedan jasan adware unos, verovatno je dosao od nekud sa instalacijom a to cemo sada i ukloniti.


Start > Control Panel > Program and Features i tamo deinstaliraj sledece:
LemurLeap 3.0.0

Restartuj racunar a potom radimo dodatno uklanjanje (da budemo sigurni ) + dodatnu proveru.



Preuzmi zoek.zip () sa ovog ili ovog linka i sačuvaj ga na Desktop.

Raspakuj arhivu u neki folder (uputstvo), a zatim:

zatvori browser i ostale pokrenute programe;
privremeno deaktiviraj zaštitni softver ( ukoliko je to potrebno ) Uputstvo ;
dvoklikom pokreni zoek na ikonicu programa ;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:

LemurLeap 3.0.0;u
filesrcm;
startupall;
{415419c3-dad0-4df1-ac37-22c72ad81878};c
C:\Program Files (x86)\LemurLeap;fs
Update LemurLeap;s
firefoxlook;
chromelook;
autoclean;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.

offline
  • Marko
  • Pridružio: 30 Maj 2013
  • Poruke: 425
  • Gde živiš: U kući

Napisano: 22 Sep 2013 20:21

Zoek.exe Version 4.0.0.4 Updated 19-September-2013
Tool run by Home on ned 22.09.2013 at 20:10:35,44.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Home\Downloads\zoek\zoek.exe [Script inserted]

==== System Restore Info ======================

22.9.2013 20:11:21 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Internet Explorer\SearchScopes\{18401191-9920-4692-8096-1EA7F09EA828} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\LemurLeap" not found
"C:\Windows\tasks\AmiUpdXp.job" deleted
"C:\Users\Home\AppData\Local\MarineAquarium3Free_57" deleted
"C:\Users\Home\AppData\Local\SwvUpdater" deleted
"C:\Users\Home\AppData\LocalLow\MarineAquarium3Free_57" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Home\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-09-22 18:00:31 297BCF86E40731F5F3B712A0F744B649 414656 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
====== C:\Windows\Sysnative\drivers =====
2013-09-04 23:43:42 4494718783294ECFFBA7E89D82BAE6E1 45880 ----a-w- C:\Windows\Sysnative\drivers\avgrkx64.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-09-14 13:02:04 -------- d-----w- C:\Program Files\Games By GG releases
======= C:\Program Files (x86) =====
2013-09-22 14:50:38 -------- d-----w- C:\Program Files (x86)\Counter-Strike 1.6
======= C: =====
====== C:\Users\Home\AppData\Roaming ======
2013-09-22 17:33:27 8377B8A4F14EA724DFE3224458CE680F 12155975 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache-S-1-5-21-3145937626-3286986765-835811450-1000-8192.dat
2013-09-22 17:33:27 6FAEDF1E2124CEA0F2FC33B886417A2E 382588 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache-System.dat
2013-09-22 14:52:06 -------- d-----w- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2013-09-14 13:36:35 -------- d-----w- C:\Users\Home\AppData\Roaming\smc
2013-09-14 13:03:12 -------- d-----w- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secret Maryo Chronicles
2013-09-07 13:35:41 -------- d-----w- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-07 11:38:05 -------- d-----w- C:\Users\Home\AppData\Roaming\Wise Registry Cleaner
====== C:\Users\Home ======
2013-09-22 14:52:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2013-09-21 07:47:19 5561252434E5ACC5DD58ACE0886ABBD1 730112 ----a-w- C:\Users\Home\Desktop\dclean.exe
2013-09-20 11:55:29 6776FDB93F4F37021D32D7340EE2D558 352768 ----a-w- C:\Users\Home\Desktop\Minecraft.exe
2013-09-14 13:03:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secret Maryo Chronicles
2013-09-13 06:52:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2013-08-29 17:57:10 -------- d-----w- C:\ProgramData\BlueStacksSetup

====== C: exe-files ==
2013-09-22 14:50:39 A4E575C4307E41564A7591BC25F74D1C 346364 ----a-w- C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe
2013-09-22 12:00:02 5AFDC6027E4A101EC3FD143273C65A66 188803755 ----a-w- C:\Users\Home\Downloads\Counter Strike 1.6\Counter Strike 1.6 Maps.exe
2013-09-22 11:59:27 F8CEC41BCC62AC70865D0056242D4E69 314177167 ----a-w- C:\Users\Home\Downloads\Counter Strike 1.6\Counter Strike 1.6 Final.exe
2013-09-21 07:47:19 5561252434E5ACC5DD58ACE0886ABBD1 730112 ----a-w- C:\Users\Home\Desktop\dclean.exe
2013-09-20 11:55:29 6776FDB93F4F37021D32D7340EE2D558 352768 ----a-w- C:\Users\Home\Desktop\Minecraft.exe
2013-09-20 06:27:48 0B1CD71CE29E8123A664A5B40153D2FE 1915744 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.76\29.0.1547.76_29.0.1547.66_chrome_updater.exe
=== C: other files ==
2013-09-20 11:55:43 A9DB9CEB54475ED2BB47A8FF0C888A61 30810015 ----a-w- C:\Users\Home\AppData\Roaming\.minecraft\gamefiles.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCShield Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MCShield Monitor"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\MCShield\\MCShieldRTM.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WinampAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01.07.2013 21:17]
C:\Windows\tasks\schedule\Undetermined Task.exe []

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\94yugiu7.default
E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
AE7B288233C212C62CD544BF768C45E6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll - Shockwave for Director / Shockwave for Director
2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.16
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

Docs - Home - default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Home - default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Home - default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Home - default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Home - default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\94yugiu7.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Home\AppData\Local\Google\Chrome\User Data\default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Home\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on ned 22.09.2013 at 20:20:37,12 ======================

Dopuna: 22 Sep 2013 20:26

I da te pitam još nešto smem li da skinem anti-malware ranije kad sam ga skinuo da windows xp i tad sam imao eset nod32 antivirus 5 kočilo mi je. Kad sam kupio novo kućište nisam pokušavao da ga skinem. Tvoja preporuka?

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

magna86 nije danas u mogućnosti da ti odgovori pa ću ja.

Čist si što se malware-a i junkware-a tiče. Ostaje ti još da uradiš sljedeće:

Arrow

Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop

Dvoklikom pokreni program.

Štikliraj sledeće opcije:
Remove disinfection tools
Purge System Restore
Reset system settings


Klikni na dugme "Run" i pričekaj da program završi rad.
Kada alat završi, otvoriće izvestaj u notepadu.

Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt



Arrow

Posjeti temu Testirajte da li vam je pretraživač ranjiv, pročitaj i isprati link koji stoji u njoj.



Arrow

Preporučujem da za zaštitu USB memorijskih uređaja koristiš MCShield.
Nema nikakve veze sa antivirus-om tj. neće ometati njegov rad, a pokazao se kao jedan od najboljih vida zaštite od malware-a koji se prenosi putem USB mem. uređaja.


Home Page MCShield-a: http://www.mcshield.net
Više o MCShield-u možeš saznati u ovoj temi: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html
Facebook stranica MCShield-a: http://www.facebook.com/MCShield



Arrow

Što se tiče tvog pitanja, možeš da zamijeniš AVG sa NOD32 i provjeriš da li ti odgovara samo ti ne bih preporučio da koristiš piratsku verziju istog.

offline
  • Marko
  • Pridružio: 30 Maj 2013
  • Poruke: 425
  • Gde živiš: U kući

Hvala vam! Ne bih zamenjivao pošto ne smem to da radim!

Ko je trenutno na forumu
 

Ukupno su 1077 korisnika na forumu :: 42 registrovanih, 8 sakrivenih i 1027 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: avijacija, Brana01, cenejac111, dankisha, DeerHunter, Denaya, dragoljub11987, drimer, dule10savic, Georgius, joca83, kokodakalo, Kubovac, kunktator, kybonacci, ladro, Lieutenant, mercedesamg, Miki01, milenko crazy north, mrav pesadinac, nebkv, nebojsag, Nemanjasrb, nemkea71, nenad81, oldtimer, Povratak1912, radionica1, RILE-NS, saputnik plavetnila, Snorks, Stanlio, stegonosa, suton, Suva planina, theNedjeljko, tubular, vathra, wizzardone, wolverined4, ZetaMan