Da li je moj kompjuter zarazen?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Imam problem zato sto mi koci kompjuter.
Usporen rad kompjutera je pocelo pre 1 nedelje.
Imam anti virus avg koji detekjute viruse kada nesto skidam ali nisam siguran da je istina posto kompjuter mi je usporen pa bih voleo da znam da li mi kompjuter ima virus.
Evo nekih log file.

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

Da li mozete da mi pomognete?

• 1Ovo se svidja korisniku: NIx Car
  
  Registruj se da bi pohvalio/la poruku!

Pozdrav, Killer7

Isprati ovo uputstvo i dostavi sledece izvestaje:
- DDS.txt (kopiraj u temu)
- Attach.txt (prikaci)
- Gmer 1 (prikaci)
- Gmer 2 (prikaci)
- Gmer 3 (prikaci)

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Treba ce mi malo vise vremena jer nisam bas dobar u tome

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Samo polako, ja cekam

Pazljivo citaj, sve je veoma kratko i jasno...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 04 Mar 2013 15:09

Ok imam 32 bitni windows

evo dds text:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.15.2
Run by Slavko Radic at 14:21:26 on 2013-03-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.368 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2012 *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearch Bar = [Link mogu videti samo ulogovani korisnici]
uSearch Page = [Link mogu videti samo ulogovani korisnici]
uDefault_Search_URL = [Link mogu videti samo ulogovani korisnici]
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = [Link mogu videti samo ulogovani korisnici]
uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Softonic Helper Object: {E87806B5-E908-45FD-AF5E-957D83E58E68} - LocalServer32 - <no file>
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Softonic Toolbar: {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [Link mogu videti samo ulogovani korisnici]
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - [Link mogu videti samo ulogovani korisnici]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{DCDA6A31-04D3-488B-BDC7-FBF8DD2AA9B8} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - LocalServer32 - <no file>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 192.168.1.2 ps2nfs04.ea.com
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\slavko radic\application data\mozilla\firefox\profiles\bgy97gij.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_171.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\npwmsdrm.dll
FF - ExtSQL: 2013-01-05 14:49; [Link mogu videti samo ulogovani korisnici]; c:\documents and settings\slavko radic\application data\mozilla\firefox\profiles\bgy97gij.default\extensions\torntv@torntv.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 164832]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 33112]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-2-23 21664]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\14.2.0\ToolbarUpdater.exe [2013-2-19 968880]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-4-5 158856]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-1-19 1691480]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena plus\room\safedrv.sys --> c:\program files\garena plus\room\safedrv.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .inf: inffile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-03-03 20:32:31 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-03 20:32:30 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-27 18:10:11 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-27 18:10:11 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-23 21:52:47 1074636 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-02-23 21:52:47 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-02-23 21:52:38 1074636 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-02-19 09:31:14 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:16:02 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:36:58 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-03 13:16:31 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16:29 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16:28 43520 ------w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16:28 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40:59 385024 ------w- c:\windows\system32\html.iec
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-04 20:35:34 5376144 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2012-12-04 16:03:02 73872 ----a-w- c:\windows\system32\RtkCoInstIIXP.dll
2012-12-04 13:43:04 20117648 ----a-w- c:\windows\RTHDCPL.EXE
.
============= FINISH: 14:22:32,98 ===============

I evo attach

[Link mogu videti samo ulogovani korisnici]

Gmer1: [Link mogu videti samo ulogovani korisnici]
Gmer2: [Link mogu videti samo ulogovani korisnici]
Gmer3: [Link mogu videti samo ulogovani korisnici]

Dopuna: 04 Mar 2013 15:11

Ovde kod gmera linkovi se nisu otvorili nadam se da mozes ici na copy pa paste

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Na sistemu nije prisutan malware, ali jesu AVG Free i ostaci AVG IS-a...

Moraces da obrises AVG Free iz Control Panel-a, kao i AVG Security Toolbar.

Nakon toga, preuzmi ovaj alat

[Link mogu videti samo ulogovani korisnici]

Restartuj racunar u safe mode po ovom uputstvu i pokreni AVG Remover.

Nakon sto zavrsis, restartuj racunar i postavi mi svez DDS.txt

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 04 Mar 2013 17:33

Cekaj objasni mi zasto da obrisem AVG?
Da li ima virus?
Jer ako ga izbrisem koji cu antivirus imati?
Ako si siguran u sve ove posrupke onda cu uraditi
Samo mi objasni zasto da avg obrisem.

Dopuna: 04 Mar 2013 17:34

postupke* izvini pogresio sam

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Dva antivirusa nisu preporucljiva na racunaru, cak sta vise mogu biti i opasna jer rade posao koji bi trebalo samo jedan...

Ti imas instaliran AVG Free 2013, a u sistemu su prisutni i ostaci od AVG Internet Security 2012.

Potrebno je ukloniti sve, a zatim ces instalirati ponovo AVG Free...

Da li si sad razumeo?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 04 Mar 2013 18:30

Razumeo sam sad cu da ga izbrisem i uradicu u safe modu i stavicu dds file

Dopuna: 04 Mar 2013 18:46

Ako nije malware sta onda usporava moj racunar?
Izbrisao sam AVG i toolbar da li moram ici u safe mode ili mogu odmah instalirati program avg remover?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pa upravo pricam o tome, racunar usporavaju dva AV-a...

Moras to uraditi iz Safe Mode-a...