Is it infected?

  • Joined: 17 Jan 2012
  • Posts: 38

I'm examining a friend's computer because of BSODs. He scanned it with an AV and says there's nothing, but here's the log, just so we can be sure.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.4.1
Run by boki at 16:18:01 on 2012-07-26
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.2037.936 [GMT 2:00]
.
AV: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
D:\programi\ekrn.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
D:\programi\egui.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Windows\system32\igfxsrvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\boki\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - c:\program files\devicevm\browser configuration utility\AddressBarSearch.dll
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
TB: {013A635F-E3AA-4371-B682-ECE95CA974B0} - No File
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Lite] "d:\daemon tools lite\DTLite.exe" -autorun
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\boki\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [BCU] "c:\program files\devicevm\browser configuration utility\BCU.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [egui] "d:\programi\egui.exe" /hide /waitservice
mRun: [VMonitorVMUVC] "c:\program files\vimicro corporation\vmuvc\VMonitor.exe" VMUVC
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Search the Web - c:\program files\sweetim\toolbars\internet explorer\resources\menuext.html
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{E6119949-8669-4597-8B13-7DFFD4A5459D} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{E6119949-8669-4597-8B13-7DFFD4A5459D}\6596C61602D456469647562716E60223 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{E6119949-8669-4597-8B13-7DFFD4A5459D}\6596C616D456469647562716E623 : DhcpNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\boki\appdata\roaming\mozilla\firefox\profiles\qkms0u2s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431400&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431400&SearchSource=2&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\boki\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\users\boki\appdata\roaming\mozilla\firefox\profiles\qkms0u2s.default\extensions\{013a635f-e3aa-4371-b682-ece95ca974b0}\plugins\np-mswmp.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2012-3-14 169080]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\hwinfo32\HWiNFO32.SYS [2012-7-26 21624]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-4-4 63928]
R2 BCUService;Browser Configuration Utility Service;c:\program files\devicevm\browser configuration utility\BCUService.exe [2012-5-3 219360]
R2 ekrn;ESET Service;d:\programi\ekrn.exe [2012-3-7 913144]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2012-3-14 103112]
R2 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2012-5-3 68136]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-7-5 3048136]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-7-26 2673064]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2012-5-3 1500160]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-5-3 242240]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2012-5-3 51712]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [2012-5-3 256512]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2012-5-3 398720]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-5-12 116648]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-6 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-5-12 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-6-5 114144]
.
=============== Created Last 30 ================
.
2012-07-26 13:31:41 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{48547537-ec1d-4cce-8dd8-6a91c433a4b5}\offreg.dll
2012-07-26 13:21:40 -------- d-----w- c:\program files\HWiNFO32
2012-07-26 13:02:15 -------- d-----w- c:\users\boki\appdata\roaming\TeamViewer
2012-07-26 13:01:58 -------- d-----w- c:\users\boki\temp
2012-07-26 13:01:50 -------- d-----w- c:\program files\TeamViewer
2012-07-26 11:29:01 -------- d-----w- c:\program files\HD Tune
2012-07-26 10:19:07 516096 ----a-w- c:\windows\system32\VMUVC.ax
2012-07-26 10:19:06 -------- d-----w- c:\program files\Vimicro Corporation
2012-07-26 09:52:43 -------- d-----w- c:\users\boki\appdata\roaming\Easeware
2012-07-26 09:52:40 -------- d-----w- c:\program files\Easeware
2012-07-25 22:54:19 -------- d-----w- c:\users\boki\appdata\local\ESET
2012-07-25 21:22:19 -------- d-----w- c:\program files\WhoCrashed
2012-07-24 17:01:35 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{48547537-ec1d-4cce-8dd8-6a91c433a4b5}\mpengine.dll
2012-07-21 15:30:01 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2012-07-17 14:25:57 -------- d-----w- c:\users\boki\appdata\local\ElevatedDiagnostics
2012-07-06 11:07:36 -------- d-----w- c:\users\boki\appdata\roaming\BitTorrent
2012-07-05 20:16:20 -------- d-----w- c:\program files\common files\PX Storage Engine
2012-07-05 20:15:39 -------- d-----w- c:\program files\common files\DivX Shared
2012-07-05 20:11:38 -------- d-----w- c:\program files\DivX
2012-07-05 20:10:19 -------- d-----w- c:\programdata\DivX
2012-07-05 18:49:29 -------- d-----w- c:\users\boki\appdata\roaming\uTorrent
2012-06-30 16:07:53 -------- d-----w- C:\avast! sandbox
2012-06-29 17:17:10 737280 ----a-w- c:\windows\iun6002.exe
.
==================== Find3M ====================
.
2012-07-26 10:11:03 17488 ----a-w- c:\windows\gdrv.sys
2012-07-12 13:51:48 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-12 13:51:48 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-03 16:21:32 41224 ----a-w- c:\windows\avastSS.scr
2012-05-31 10:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-27 12:05:48 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-05-27 12:05:48 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-05-03 18:06:19 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
.
============= FINISH: 16:18:19.90 ===============




  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Hello, Tomy Fedek

The computer is clean as far as malware is concerned. However, follow these instructions as well:

I recommend that you use the MCShield program to protect USB storage devices.

You can download the program from THIS link. After installing the program, plug in your USB storage devices and they will be scanned. At the end of the scan you will get a report that the device is clean, or a notification about the removed malware.


Also, visit this thread to see whether your browser is vulnerable and to install updated components:
http://www.mycity.rs/Propusti-i-azuriranja/Testira.....anjiv.html


I recommend that you install Service Pack 1 for Windows 7. That way you will update the operating system and patch the corresponding security vulnerabilities on the computer. There are numerous advantages compared to Windows 7 without a Service Pack, which is what you currently have.


Open a new thread in the Windows subforum; you should get an adequate answer to your problem there.


  • Joined: 17 Jan 2012
  • Posts: 38

It's not my computer. Does that just need to be installed, i.e. after the download do I just let it install, or is it done some other way?

  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

If you mean MCShield, then yes... It installs like any other program. If you have any other doubts regarding MCShield, there is a dedicated thread for it:
http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

Regards.

  • Joined: 17 Jan 2012
  • Posts: 38

No, I meant the service pack and how it should be installed, but everything is solved. :)
