Plavi ekran smrti i restart racunara

Plavi ekran smrti i restart racunara

offline
  • Pridružio: 08 Okt 2005
  • Poruke: 109
  • Gde živiš: Italy

Posle otvaranja teme
mycity.rs/Windows/Plavi-ekran-smrti-i-restart-racunara.html
dospeo sam ovde radi daljeg ispitivanja mog sistema
Ono sto treba dodati da Malwarebytes Anti-Malware i Microsoft Security Essentials nisu nasli nista sto bi ukazivalo na neku zarazu.
Evo izvestaja progdama DDS :

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Dejan Bobdanovic at 19:40:20 on 2012-08-21
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.2047.1260 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\vds.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\vVX3000.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SkypeMate\SkypeMate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Dejan Bobdanovic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dejan Bobdanovic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dejan Bobdanovic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dejan Bobdanovic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Users\Dejan Bobdanovic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [VX3000] c:\windows\vVX3000.exe
StartupFolder: c:\users\dejanb~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\skypem~1.lnk - c:\program files\skypemate\SkypeMate.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{3A97E065-0031-40BB-AF3F-D46FF0D26BC4} : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2012-4-25 50312]
R0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2012-4-25 42120]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2012-4-25 17032]
R1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2012-4-25 187016]
R2 EaseUS Agent;EaseUS Agent;c:\program files\easeus\todo backup\bin\Agent.exe [2012-4-25 61064]
R2 Guard Agent;Guard Agent;c:\program files\easeus\todo backup\bin\GuardAgent.exe [2012-4-25 23176]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-4-25 654408]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-2-29 382272]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-25 22344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Servizio Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-4-25 116648]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-25 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 gupdatem;Servizio Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-4-25 116648]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-5-2 214952]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-4-25 27192]
S3 StorSvc;Servizio di archiviazione;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2012-4-25 1343400]
.
=============== Created Last 30 ================
.
2012-08-21 11:32:55 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-21 11:32:52 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-21 11:32:49 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-21 11:32:49 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-21 11:32:45 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-21 11:32:45 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-21 11:32:44 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-21 11:32:02 7023536 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{13461dc9-d198-4efa-8508-632f0f31bd57}\mpengine.dll
2012-08-09 17:59:39 6891424 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-07-30 18:08:13 -------- d-----w- c:\program files\WhoCrashed
.
==================== Find3M ====================
.
2012-08-21 14:14:16 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-21 14:14:15 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-29 00:16:58 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-26 17:46:25 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-26 17:46:25 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
.
============= FINISH: 19:40:49,00 ===============

mycity.rs/must-login.png
GMER:


mycity.rs/must-login.png


mycity.rs/must-login.png


mycity.rs/must-login.png

offline
  • Osvjedodžbeni spretnik munjarstva
  • Pridružio: 04 Jul 2011
  • Poruke: 5284
  • Gde živiš: Beograd

Arrow Na tvom sistemu nema aktivnog malware-a. Rešavalje problema možeš nastaviti u svojoj temi u Windows potforumu.



Arrow Obavezno poseti temu "Testirajte da li vam je pretrazivac ranjiv", procitaj i isprati link koji stoji u njoj. Imas prastaru verziju Jave koju moras nadograditi zbog sigurnosnih propusta u njoj. U svakom slucaju, bilo koji dodatak da je stare verzije, bilo bi pozeljno nadograditi ga na najnoviju. Link do teme je: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html



Arrow Preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield v2. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja. Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan.


Home Page MCShield-a ::Anti-Malware Tool:: v2: http://amf.mycity.rs/mcshield/

Vise o MCShield-u mozes saznati u ovim temama:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html




Ivance95 (AMF Tim)

offline
  • Pridružio: 08 Okt 2005
  • Poruke: 109
  • Gde živiš: Italy

@ivance95
Hvala !

Ko je trenutno na forumu
 

Ukupno su 1045 korisnika na forumu :: 41 registrovanih, 4 sakrivenih i 1000 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1798 - dana 19 Sep 2019 18:42

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., ALBION101, Aleksandar Konstantin, aljosa7, Apok, bounty hunters, darkangel2, Dimitrise93, dozorni, Drug pukovnik, Ehinacea, JOntra2, kalens021, kaptain2, Kubovac, mačković, MB120mm, medvedekbobi123, Milan A. Nikolic, milos.cbr, Mixelotti, MORAVA1, nedeljkovici, nesic1, NoOneEver Dreams, nradukic, Oscar2, repac, Revolucion, RJ, robertino, sakota79, SD2, Skywhaler, slonic_tonic, sosko, SsssssNOVI, timke, vasa.93, vlad the impaler, Zvrk2