Check and STOP error

  • Joined: 23 Sep 2008
  • Posts: 4

Good people, please help! For the last week I have been getting a BSOD with the message:

STOP: 0x000000D1 (0x00000000, 0x00000002, 0x00000000, 0x8835A8EA)

Beginning dump of physical memory
Physical memory dump complete.


What I have tried in order to fix it: Windows Update, including KB894391 and KB916595, which I read are directly related to this problem; then I ran a memory test for about 8 hours, which showed that everything is OK; and I reinstalled the graphics card driver.

And one more strange thing. ZoneAlarm often pops up with the message "Generic Host Process for Win32 Services is trying to connect to the internet". It is the svchost.exe service, version 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-). I don't know whether it has anything to do with the problem, or what it wants now.

Thanks in advance for the help!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20:27, on 23.9.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\DebugDiag\DbgSvc.exe
D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
D:\Program Files\ESET\ESET Smart Security\ekrn.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\ESET\ESET Smart Security\egui.exe
D:\Program Files\RALINK\Common\RaUI.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HijackThis\HijackThis.exe
D:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = D:\Program Files\RALINK\Common\RaUI.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4E23F67-28FB-4A71-9E24-E128A22C1643}: NameServer = 195.29.149.196,195.29.149.197
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - D:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Diskeeper Corporation - D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - (no file)
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - D:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 3855 bytes

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Greetings...


There are no signs of malware in the log itself. But we'll run an additional check...


Download gmer.zip from this link and save it to the Desktop.
Extract it to a folder.

Double-click gmer.exe to start: select the Rootkit/Malware tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save the scan results to the Clipboard.
Use the Paste option in Notepad to turn that into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.


Use the Attach file option below the message box on the forum, and attach here the two files we just saved.

  • Joined: 23 Sep 2008
  • Posts: 4

GMER 1.0.14.14536 - gmer.net
Rootkit scan 2008-09-23 22:07:33
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.14 ----

SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwConnectPort [0xACCE0040]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateFile [0xACCDC930]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateKey [0xACCE7A80]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreatePort [0xACCE0510]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcess [0xACCE6870]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcessEx [0xACCE6AA0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateSection [0xACCE9FD0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateWaitablePort [0xACCE0600]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteFile [0xACCDCF20]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteKey [0xACCE86E0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteValueKey [0xACCE8440]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDuplicateObject [0xACCE6580]
SSDT spjg.sys ZwEnumerateKey [0xB9EC6CA2]
SSDT spjg.sys ZwEnumerateValueKey [0xB9EC7030]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwLoadDriver [0xACCDA3F0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwLoadKey [0xACCE88B0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwMapViewOfSection [0xACCEA270]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenFile [0xACCDCD70]
SSDT spjg.sys ZwOpenKey [0xB9EA80C0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenProcess [0xACCE6350]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenThread [0xACCE6150]
SSDT spjg.sys ZwQueryKey [0xB9EC7108]
SSDT spjg.sys ZwQueryValueKey [0xB9EC6F88]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRenameKey [0xACCE9250]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwReplaceKey [0xACCE8CB0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRequestWaitReplyPort [0xACCDFC00]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRestoreKey [0xACCE9080]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSecureConnectPort [0xACCE0220]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetInformationFile [0xACCDD120]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetSystemInformation [0xACCDA1C0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetValueKey [0xACCE8140]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwTerminateProcess [0xACCE6CD0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwUnloadDriver [0xACCDA5F0]

INT 0x73 ? 8A454BF8
INT 0x73 ? 8A454BF8
INT 0x73 ? 8A35EF00
INT 0x73 ? 8A454BF8
INT 0xB4 ? 8A35EF00

---- Kernel code sections - GMER 1.0.14 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2C44 805039F8 12 Bytes [ 10, 05, CE, AC, 70, 68, CE, ... ]
? spjg.sys The system cannot find the file specified. !
? srescan.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload B9C4562C 5 Bytes JMP 8A35E4E0
.text ajstgvvz.SYS B95B0386 35 Bytes [ 00, 00, 00, 00, 00, 00, 20, ... ]
.text ajstgvvz.SYS B95B03AA 24 Bytes [ 00, 00, 00, 00, 00, 00, 00, ... ]
.text ajstgvvz.SYS B95B03C4 3 Bytes [ 00, 70, 02 ]
.text ajstgvvz.SYS B95B03C9 1 Byte [ 2E ]
.text ajstgvvz.SYS B95B03CB 9 Bytes [ 00, 00, 5A, 02, 00, 00, 00, ... ]
.text ...

---- User code sections - GMER 1.0.14 ----

.text D:\Program Files\ESET\ESET Smart Security\ekrn.exe[1340] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 4 Bytes [ C2, 04, 00, 00 ]

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EA9040] spjg.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EA913C] spjg.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EA90BE] spjg.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EA97FC] spjg.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EA96D2] spjg.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EB9048] spjg.sys
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!KfAcquireSpinLock] 4B8BDF8B
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!READ_PORT_UCHAR] 8D3F0304
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!KeGetCurrentIrql] CB033043
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!KfRaiseIrql] 0673C13B
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!KfLowerIrql] C13B0003
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!HalGetInterruptVector] 8366FA72
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!HalTranslateBusAddress] 75000E7B
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!KeStallExecutionProcessor] 0B7D80E3
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!KfReleaseSpinLock] 307B8D00
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 00AA840F
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!READ_PORT_USHORT] 83660000
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 6A000E7A
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[HAL.dll!WRITE_PORT_UCHAR] C6647400
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[WMILIB.SYS!WmiSystemControl] 4F8B0200
IAT \SystemRoot\System32\Drivers\ajstgvvz.SYS[WMILIB.SYS!WmiCompleteRequest] 968D5140
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [ACCE4CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [ACCE51C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [ACCE5320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [ACCE4E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [ACCE4E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [ACCE4CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [ACCE51C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [ACCE5320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [ACCE4CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [ACCE5320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [ACCE51C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [ACCE4E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [ACCE5320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [ACCE51C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [ACCE4CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [ACCE4E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [ACCE4CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [ACCE51C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [ACCE5320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [ACCE5320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [ACCE51C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [ACCE4E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [ACCE4CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 8A4531F8

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)

Device \FileSystem\Fastfat \FatCdrom 884731F8
Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

Device \Driver\NetBT \Device\NetBT_Tcpip_{C5F9A55B-4041-4E2B-93D6-E8F383AF5643} 888061F8
Device \Driver\usbohci \Device\USBPDO-0 8A3B7500
Device \Driver\usbehci \Device\USBPDO-1 8A3B4500
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A4C51F8
Device \Driver\dmio \Device\DmControl\DmConfig 8A4C51F8
Device \Driver\dmio \Device\DmControl\DmPnP 8A4C51F8
Device \Driver\dmio \Device\DmControl\DmInfo 8A4C51F8
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8A4551F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{A4E23F67-28FB-4A71-9E24-E128A22C1643} 888061F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A4551F8
Device \Driver\Cdrom \Device\CdRom0 8A3B6500
Device \Driver\Cdrom \Device\CdRom1 8A3B6500
Device \Driver\atapi \Device\Ide\IdePort0 8A4541F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 8A4541F8
Device \Driver\atapi \Device\Ide\IdePort1 8A4541F8
Device \Driver\atapi \Device\Ide\IdePort2 8A4541F8
Device \Driver\atapi \Device\Ide\IdePort3 8A4541F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-10 8A4541F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 888061F8
Device \Driver\NetBT \Device\NetbiosSmb 888061F8
Device \Driver\PCI_PNP7114 \Device\0000004c spjg.sys
Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)

Device \Driver\sptd \Device\1057358364 spjg.sys
Device \Driver\usbohci \Device\USBFDO-0 8A3B7500
Device \Driver\usbehci \Device\USBFDO-1 8A3B4500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8868C1F8
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8868C1F8
Device \Driver\Ftdisk \Device\FtControl 8A4551F8
Device \Driver\ajstgvvz \Device\Scsi\ajstgvvz1 89EA8500
Device \Driver\ajstgvvz \Device\Scsi\ajstgvvz1Port4Path0Target0Lun0 89EA8500
Device \FileSystem\Fastfat \Fat 884731F8

AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

Device \FileSystem\Cdfs \Cdfs 88640500

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x18 0x59 0x17 0x7E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xCB 0xE4 0x4F 0xF3 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 D:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xA9 0xE2 0x71 0x7B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xEC 0xB7 0x10 0x19 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0xD3 0x01 0x6E 0xFF ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x18 0x59 0x17 0x7E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xCB 0xE4 0x4F 0xF3 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 D:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xA9 0xE2 0x71 0x7B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xEC 0xB7 0x10 0x19 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0xD3 0x01 0x6E 0xFF ...
Reg HKCU\Software\Microsoft\Windows\ShellNoRoam\Bags\782\Shell@MinPos1280x1024(1).x -1
Reg HKCU\Software\Microsoft\Windows\ShellNoRoam\Bags\782\Shell@MinPos1280x1024(1).y -1

---- EOF - GMER 1.0.14 ----

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Nothing from the second log?

But it doesn't matter - there's no trace of malware here.

What is the problem? Well, it could be anything. E.g. you have ESS and ZA installed (so you practically have two firewalls) - that could be the problem (but that is pure guesswork).

For opinions and advice you can turn to the Windows forum.

Regards

  • Joined: 23 Sep 2008
  • Posts: 4

Dr Bora, sorry, I completely forgot about the second part of the log!
As for the two firewalls, I know I must have only one, which is why it is turned off in ESS.

GMER 1.0.14.14536 - gmer.net
Autostart scan 2008-09-24 19:00:42
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = D:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent@DLLName = Ati2evxx.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
appdrvrem01@ = %SystemRoot%\System32\appdrvrem01.exe svc
Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe
ATI Smart@ = D:\WINDOWS\system32\ati2sgag.exe
DbgSvc@ = "D:\Program Files\DebugDiag\DbgSvc.exe"
Diskeeper@ = "D:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe"
ekrn@ = "D:\Program Files\ESET\ESET Smart Security\ekrn.exe"
UMWdf@ = D:\WINDOWS\system32\wdfmgr.exe
vsmon@ = D:\WINDOWS\system32\ZoneLabs\vsmon.exe -service

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@AlcmtrALCMTR.EXE = ALCMTR.EXE
@ZoneAlarm Client"D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" = "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
@egui"D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice = "D:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
@QuickTime Task"D:\Program Files\QuickTime\QTTask.exe" -atboottime = "D:\Program Files\QuickTime\QTTask.exe" -atboottime

HKCU\Software\Microsoft\Windows\CurrentVersion\Run@Azureus = D:\Program Files\Vuze\Azureus.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/D:\Program Files\WinRAR\rarext.dll = D:\Program Files\WinRAR\rarext.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/D:\WINDOWS\system32\dfshim.dll = D:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/D:\WINDOWS\system32\dfshim.dll = D:\WINDOWS\system32\dfshim.dll
@{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} /*UnlockerShellExtension*/D:\Program Files\Unlocker\UnlockerCOM.dll = D:\Program Files\Unlocker\UnlockerCOM.dll
@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} /*TuneUp Shredder Shell Extension*/D:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll = D:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll
@{44440D00-FF19-4AFC-B765-9A0970567D97} /*TuneUp Theme Extension*/%SystemRoot%\System32\uxtuneup.dll = %SystemRoot%\System32\uxtuneup.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/D:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll = D:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/D:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll = D:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft.XPS.Shell.Metadata.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft.XPS.Shell.Thumbnail.1*/%SystemRoot%\System32\XPSSHHDR.DLL = %SystemRoot%\System32\XPSSHHDR.DLL
@{B089FE88-FB52-11D3-BDF1-0050DA34150D} /*Eset Smart Security - Context Menu Shell Extension*/(null) =
@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} /*PowerISO*/D:\Program Files\PowerISO\PWRISOSH.DLL = D:\Program Files\PowerISO\PWRISOSH.DLL

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = D:\Program Files\PowerISO\PWRISOSH.DLL
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = D:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = D:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = D:\Program Files\PowerISO\PWRISOSH.DLL
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = D:\PROGRA~1\TUNEUP~1\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = D:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = D:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = D:\Program Files\PowerISO\PWRISOSH.DLL
UnlockerShellExtension@{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} = D:\Program Files\Unlocker\UnlockerCOM.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = D:\Program Files\WinRAR\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{18DF081C-E8AD-4283-A596-FA578C2EBDC3}D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll = D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll = D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = D:\WINDOWS\system32\logon.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
@Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

HKCU\Software\Microsoft\Internet Explorer\Main@Start Page = microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = D:\WINDOWS\system32\msvidctl.dll
its@CLSID = D:\WINDOWS\system32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = D:\WINDOWS\system32\itss.dll
tv@CLSID = D:\WINDOWS\system32\msvidctl.dll
wia@CLSID = D:\WINDOWS\system32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A4E23F67-28FB-4A71-9E24-E128A22C1643} /*Wireless Network Connection*/ >>>
@IPAddress192.168.2.100 = 192.168.2.100
@NameServer195.29.149.196,195.29.149.197 = 195.29.149.196,195.29.149.197
@DefaultGateway192.168.2.1 = 192.168.2.1
@Domain =

D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup = Ralink Wireless Utility.lnk

---- EOF - GMER 1.0.14 ----

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Nothing malicious in this log either.

  • Joined: 23 Sep 2008
  • Posts: 4

Thank you!
P.S. It looks like I managed to solve the BSOD problem too. Windows update KB894391 fixes it.
