Computer check

  • Mare Ivanović
  • Boxer
  • Joined: 30 May 2013
  • Posts: 423
  • Location: At home

Posted: 22 Sep 2013 18:50

As the title says, I want to check my computer... I have Spybot, which found nothing, and neither did AVG antivirus. So I want a check for malware and viruses... Here is the report:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.25.2
Run by Home at 18:48:37 on 2013-09-22
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3545.2201 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\AUDIODG.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: LemurLeap: {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files (x86)\LemurLeap\LemurLeapbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A2EEAB71-9E59-4F0A-A90F-D432E29D2661} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\94yugiu7.default\
FF - prefs.js: browser.startup.homepage - www.google.rs
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-5 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-1 235520]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
R2 Update LemurLeap;Update LemurLeap;C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe [2013-8-31 206624]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2013-4-1 110744]
S3 3xHybr64;3xHybrid service;C:\Windows\System32\drivers\3xHybr64.sys [2007-4-20 873216]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver;C:\Windows\System32\drivers\RTL2832U_IRHID.sys [2013-5-30 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;C:\Windows\System32\drivers\RTL2832UBDA.sys [2013-5-30 117152]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;C:\Windows\System32\drivers\RTL2832UUSB.sys [2013-5-30 38944]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Usluga tehnologije aktivacije operativnog sistema Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-1 1255736]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2013-09-22 14:50:38 -------- d-----w- C:\Program Files (x86)\Counter-Strike 1.6
2013-09-20 11:44:42 -------- d-----w- C:\Program Files (x86)\LemurLeap
2013-09-20 11:44:08 -------- d-----w- C:\Users\Home\AppData\Local\SwvUpdater
2013-09-14 13:36:35 -------- d-----w- C:\Users\Home\AppData\Roaming\smc
2013-09-14 13:02:04 -------- d-----w- C:\Program Files\Games By GG releases
2013-09-07 11:38:05 -------- d-----w- C:\Users\Home\AppData\Roaming\Wise Registry Cleaner
2013-09-04 23:43:42 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-08-29 17:57:10 -------- d-----w- C:\ProgramData\BlueStacksSetup
.
==================== Find3M ====================
.
2013-09-10 19:07:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-10 19:07:17 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-19 23:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-07-19 23:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-07-19 23:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-07-19 23:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-06-30 23:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 18:49:01,77 ===============

Addendum: 22 Sep 2013 19:10

Oh, and I forgot: if there are any programs that should be uninstalled, tell me. And here is the GMER report:

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello,

There is no malware here. You have one clear adware entry; it probably came along with the installation of something else, and we will remove it now.


Start > Control Panel > Programs and Features and uninstall the following there:
LemurLeap 3.0.0

Restart the computer, and then we will do an additional removal (to be sure) plus an additional check.



Download zoek.zip from this or this link and save it to the Desktop.

Unpack the archive into a folder (instructions), and then:

close the browser and any other running programs;
temporarily disable your protective software (if necessary) Instructions;
double-click the program icon to run zoek;
wait for the tool to start ...


Copy the following text into the white box of the window:

LemurLeap 3.0.0;u
filesrcm;
startupall;
{415419c3-dad0-4df1-ac37-22c72ad81878};c
C:\Program Files (x86)\LemurLeap;fs
Update LemurLeap;s
firefoxlook;
chromelook;
autoclean;


Click the button and wait for the scan to finish.


zoek will restart Windows if needed and, when it has finished, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your reply.
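
The triage behind the reply above, as an added example (not part of the original post, and not code from DDS or zoek): a small Python parser that pulls every artifact of one program name out of a DDS log, grouped by section, so that the process, BHO CLSID, service and folder can be checked off against a removal script. The log excerpt is copied from the report in this thread; the name `find_artifacts` and the line patterns are assumptions derived from that one log.

```python
import re

# Excerpt copied from the DDS report posted in this thread (a few lines per section).
DDS_EXCERPT = r"""
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe
.
============== Pseudo HJT Report ===============
.
BHO: LemurLeap: {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files (x86)\LemurLeap\LemurLeapbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
.
============= SERVICES / DRIVERS ===============
.
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
R2 Update LemurLeap;Update LemurLeap;C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe [2013-8-31 206624]
.
=============== Created Last 30 ================
.
2013-09-22 14:50:38 -------- d-----w- C:\Program Files (x86)\Counter-Strike 1.6
2013-09-20 11:44:42 -------- d-----w- C:\Program Files (x86)\LemurLeap
"""

# Line patterns assumed from the log above; other DDS versions may differ.
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
BHO_RE = re.compile(r"^(?:x64-)?BHO: (.+?): (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
SERVICE_RE = re.compile(r"^(?:[RS]\d|SUnknown) ([^;]+);([^;]*);(.*?)(?: \[[^\]]*\])?$")
CREATED_RE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} \S+ (\S+) (.+)$")


def find_artifacts(dds_text, needle):
    """Group every DDS log line that mentions `needle` by the kind of artifact it describes."""
    needle = needle.lower()
    found = {"processes": [], "bho": [], "services": [], "created": [], "unclassified": []}
    section = ""
    for raw in dds_text.splitlines():
        line = raw.strip()
        if not line or line == ".":            # DDS uses a lone dot as a spacer line
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1).lower()
            continue
        if needle not in line.lower():
            continue
        bho = BHO_RE.match(line)
        svc = SERVICE_RE.match(line)
        new = CREATED_RE.match(line)
        if section == "running processes":
            found["processes"].append(line)
        elif section == "pseudo hjt report" and bho:
            found["bho"].append((bho.group(2), bho.group(3)))       # (CLSID, DLL path)
        elif section == "services / drivers" and svc:
            found["services"].append((svc.group(1), svc.group(3)))  # (service name, image path)
        elif section == "created last 30" and new:
            found["created"].append(new.group(2))                   # file or folder path
        else:
            found["unclassified"].append(line)  # still a hit: review it by hand
    return found


if __name__ == "__main__":
    for kind, items in find_artifacts(DDS_EXCERPT, "LemurLeap").items():
        for item in items:
            print(f"{kind:12} {item}")
```

For `LemurLeap` it returns the same CLSID, service name and folder that appear in the script lines posted above.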

  • Mare Ivanović
  • Boxer
  • Joined: 30 May 2013
  • Posts: 423
  • Location: At home

Posted: 22 Sep 2013 20:21

Zoek.exe Version 4.0.0.4 Updated 19-September-2013
Tool run by Home on ned 22.09.2013 at 20:10:35,44.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Home\Downloads\zoek\zoek.exe [Script inserted]

==== System Restore Info ======================

22.9.2013 20:11:21 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Internet Explorer\SearchScopes\{18401191-9920-4692-8096-1EA7F09EA828} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\LemurLeap" not found
"C:\Windows\tasks\AmiUpdXp.job" deleted
"C:\Users\Home\AppData\Local\MarineAquarium3Free_57" deleted
"C:\Users\Home\AppData\Local\SwvUpdater" deleted
"C:\Users\Home\AppData\LocalLow\MarineAquarium3Free_57" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Home\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-09-22 18:00:31 297BCF86E40731F5F3B712A0F744B649 414656 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
====== C:\Windows\Sysnative\drivers =====
2013-09-04 23:43:42 4494718783294ECFFBA7E89D82BAE6E1 45880 ----a-w- C:\Windows\Sysnative\drivers\avgrkx64.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-09-14 13:02:04 -------- d-----w- C:\Program Files\Games By GG releases
======= C:\Program Files (x86) =====
2013-09-22 14:50:38 -------- d-----w- C:\Program Files (x86)\Counter-Strike 1.6
======= C: =====
====== C:\Users\Home\AppData\Roaming ======
2013-09-22 17:33:27 8377B8A4F14EA724DFE3224458CE680F 12155975 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache-S-1-5-21-3145937626-3286986765-835811450-1000-8192.dat
2013-09-22 17:33:27 6FAEDF1E2124CEA0F2FC33B886417A2E 382588 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache-System.dat
2013-09-22 14:52:06 -------- d-----w- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2013-09-14 13:36:35 -------- d-----w- C:\Users\Home\AppData\Roaming\smc
2013-09-14 13:03:12 -------- d-----w- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Secret Maryo Chronicles
2013-09-07 13:35:41 -------- d-----w- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-07 11:38:05 -------- d-----w- C:\Users\Home\AppData\Roaming\Wise Registry Cleaner
====== C:\Users\Home ======
2013-09-22 14:52:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2013-09-21 07:47:19 5561252434E5ACC5DD58ACE0886ABBD1 730112 ----a-w- C:\Users\Home\Desktop\dclean.exe
2013-09-20 11:55:29 6776FDB93F4F37021D32D7340EE2D558 352768 ----a-w- C:\Users\Home\Desktop\Minecraft.exe
2013-09-14 13:03:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secret Maryo Chronicles
2013-09-13 06:52:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2013-08-29 17:57:10 -------- d-----w- C:\ProgramData\BlueStacksSetup

====== C: exe-files ==
2013-09-22 14:50:39 A4E575C4307E41564A7591BC25F74D1C 346364 ----a-w- C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe
2013-09-22 12:00:02 5AFDC6027E4A101EC3FD143273C65A66 188803755 ----a-w- C:\Users\Home\Downloads\Counter Strike 1.6\Counter Strike 1.6 Maps.exe
2013-09-22 11:59:27 F8CEC41BCC62AC70865D0056242D4E69 314177167 ----a-w- C:\Users\Home\Downloads\Counter Strike 1.6\Counter Strike 1.6 Final.exe
2013-09-21 07:47:19 5561252434E5ACC5DD58ACE0886ABBD1 730112 ----a-w- C:\Users\Home\Desktop\dclean.exe
2013-09-20 11:55:29 6776FDB93F4F37021D32D7340EE2D558 352768 ----a-w- C:\Users\Home\Desktop\Minecraft.exe
2013-09-20 06:27:48 0B1CD71CE29E8123A664A5B40153D2FE 1915744 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.76\29.0.1547.76_29.0.1547.66_chrome_updater.exe
=== C: other files ==
2013-09-20 11:55:43 A9DB9CEB54475ED2BB47A8FF0C888A61 30810015 ----a-w- C:\Users\Home\AppData\Roaming\.minecraft\gamefiles.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCShield Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MCShield Monitor"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\MCShield\\MCShieldRTM.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WinampAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01.07.2013 21:17]
C:\Windows\tasks\schedule\Undetermined Task.exe []

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\94yugiu7.default
E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
AE7B288233C212C62CD544BF768C45E6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll - Shockwave for Director / Shockwave for Director
2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.16
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

Docs - Home - default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Home - default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Home - default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Home - default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Home - default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\94yugiu7.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Home\AppData\Local\Google\Chrome\User Data\default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Home\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Home\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on ned 22.09.2013 at 20:20:37,12 ======================

Addendum: 22 Sep 2013 20:26

And let me ask you one more thing: may I download anti-malware? Earlier, when I downloaded it on Windows XP, and I had ESET NOD32 Antivirus 5 at the time, it made my computer lag. Since I bought a new case I have not tried to download it. Your recommendation?

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

magna86 is not able to reply to you today, so I will.

You are clean as far as malware and junkware are concerned. What remains is for you to do the following:

Download "Xplode"'s DelFix and save it to the Desktop.

Double-click to run the program.

Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings


Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved to C:\DelFix.txt



Visit the thread "Test whether your browser is vulnerable", read it and follow the link given in it.



I recommend using MCShield to protect USB memory devices.
It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB memory devices.


MCShield home page: http://www.mcshield.net
You can find out more about MCShield in this thread: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html
MCShield Facebook page: http://www.facebook.com/MCShield



As for your question, you can replace AVG with NOD32 and see whether it suits you; I just would not recommend using a pirated version of it.

  • Mare Ivanović
  • Boxer
  • Joined: 30 May 2013
  • Posts: 423
  • Location: At home

Thank you! I would not replace it, since I am not allowed to do that!
