MyCity » Ambulanta -> Arhiva Ambulante » problemi sa sp2

problemi sa sp2

Napisano na dan: 16.12.2007

problemi sa sp2
Sledeća strana Pagination

Idi na vrh

Poslao: 16 Dec 2007 23:04
Idi na vrh
offline
  • Pridružio: 04 Sep 2007
  • Poruke: 130

Imao sam do skoro sp1 i odlucio sam da instaliram sp2 i kada sam to uradio izlazi mi poruka generic host problem sistem32.Kada mi ta poruka izadje zablokira mi se internet konekcija i windows promeni izgled.Video sam da su vec imali ljudi problema sa ovim ali nisam mogao da nadjem nista konkretno i sigurno za resavanje problema ako je to i moguce.

Logfile of HijackThis v1.99.1
Scan saved at 9:04:29 PM, on 12/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\devldr32.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Blaza\Desktop\New Folder\tr3.exe.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD97E73D-B6E1-431F-A282-4FC6F6D8BBF8}: NameServer = 195.178.32.2
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

Dopuna: 16 Dec 2007 23:04

Skinuo sam i zakrpu za windows i opet mi se pojavljuje i totalno blokira internet.



Poslao: 17 Dec 2007 13:54
Idi na vrh
offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Skini ComboFix sa jedne od sledecih adresa:
[Link mogu videti samo ulogovani korisnici]
[Link mogu videti samo ulogovani korisnici]

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log koji ces nam ovde iskopirati.



Poslao: 17 Dec 2007 22:16
Idi na vrh
offline
  • Pridružio: 04 Sep 2007
  • Poruke: 130

ComboFix 07-12-17.1 - Blaza 2007-12-17 18:17:31.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.168 [GMT 1:00]
Running from: C:\Documents and Settings\Blaza\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-11-17 to 2007-12-17 )))))))))))))))))))))))))))))))
.

2007-12-17 13:55 . 2007-12-17 13:58 <DIR> d-------- C:\Program Files\Valve
2007-12-17 01:24 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-12-17 01:24 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-12-16 22:53 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-12-16 22:32 . 2007-12-17 06:46 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-12-16 22:07 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2007-12-16 22:07 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2007-12-16 22:07 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2007-12-16 22:07 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2007-12-16 22:07 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2007-12-16 22:03 . 2007-12-16 22:03 <DIR> d---s---- C:\Documents and Settings\Blaza\UserData
2007-12-16 21:10 . 2007-12-16 21:10 1,158 --a------ C:\WINDOWS\mozver.dat
2007-12-16 20:56 . 2007-12-16 20:56 <DIR> d-------- C:\Documents and Settings\Blaza\Application Data\Ahead
2007-12-16 20:55 . 2007-12-16 20:55 <DIR> d-------- C:\Program Files\Nero
2007-12-16 20:55 . 2007-12-16 20:57 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-12-16 20:41 . 2007-12-16 20:41 0 --a------ C:\WINDOWS\nsreg.dat
2007-12-16 20:40 . 2007-12-17 14:15 <DIR> d-------- C:\Program Files\eMule
2007-12-16 20:39 . 2007-12-16 20:39 <DIR> d-------- C:\Program Files\Soulseek
2007-12-16 20:39 . 2007-12-16 20:39 <DIR> d-------- C:\Program Files\BitLord
2007-12-16 20:37 . 2007-12-16 20:37 <DIR> d-------- C:\WINDOWS\Easy CD-DA Extractor
2007-12-16 20:37 . 2007-12-16 20:37 <DIR> d-------- C:\Program Files\Easy CD-DA Extractor 8
2007-12-16 20:36 . 2007-12-16 20:36 <DIR> d-------- C:\Program Files\Mv2Player
2007-12-16 20:36 . 2007-12-16 20:36 <DIR> d-------- C:\Program Files\DivX
2007-12-16 20:34 . 2007-12-16 20:35 <DIR> d-------- C:\Program Files\Winamp
2007-12-16 20:25 . 2007-12-16 20:25 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-12-16 20:25 . 2007-12-17 08:00 <DIR> d-------- C:\Documents and Settings\Blaza\Application Data\AVG7
2007-12-16 20:25 . 2007-12-16 20:25 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-12-16 20:25 . 2007-12-16 20:25 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-12-16 20:24 . 2007-12-16 20:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-16 20:24 . 2007-12-17 08:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2007-12-16 20:19 . 2007-12-16 20:19 <DIR> d-------- C:\Program Files\Realtek Sound Manager
2007-12-16 20:18 . 2007-12-16 20:18 <DIR> d-------- C:\Program Files\Realtek AC97
2007-12-16 20:18 . 2007-12-16 20:19 <DIR> d-------- C:\Program Files\AvRack
2007-12-16 20:18 . 2001-07-05 17:19 164 -r------- C:\WINDOWS\avrack.ini
2007-12-16 20:17 . 2005-07-26 10:03 3,644,032 -ra------ C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2007-12-16 20:17 . 2004-09-07 07:23 156,672 -ra------ C:\WINDOWS\system32\RTLCPAPI.dll
2007-12-16 20:17 . 2005-07-22 08:00 81,920 -ra------ C:\WINDOWS\SOUNDMAN.EXE
2007-12-16 20:17 . 2005-07-15 09:48 40,960 -r------- C:\WINDOWS\system32\ChCfg.exe
2007-12-16 20:16 . 2005-07-22 07:56 18,763,776 -ra------ C:\WINDOWS\system32\ALSNDMGR.CPL
2007-12-16 20:16 . 2005-07-22 07:59 10,458,112 -ra------ C:\WINDOWS\system32\RTLCPL.EXE
2007-12-16 20:16 . 2005-06-02 09:31 294,912 -r------- C:\WINDOWS\alcupd.exe
2007-12-16 20:16 . 2005-06-02 09:43 200,704 -r------- C:\WINDOWS\alcrmv.exe
2007-12-16 20:16 . 2002-02-05 06:54 141,016 -ra------ C:\WINDOWS\system32\ALSNDMGR.WAV
2007-12-16 20:16 . 2004-07-01 08:02 584 -r------- C:\WINDOWS\system32\drivers\alcxinit.dat
2007-12-16 20:13 . 2007-12-16 20:13 <DIR> d-------- C:\WINDOWS\OPTIONS
2007-12-16 20:13 . 2005-03-04 04:10 74,496 --a------ C:\WINDOWS\system32\drivers\Rtlnicxp.sys
2007-12-16 20:11 . 2005-06-20 11:53 60,928 -ra------ C:\WINDOWS\system32\drivers\viamraid.sys
2007-12-16 20:09 . 2007-12-16 20:11 <DIR> d-------- C:\Program Files\VIA

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-17 12:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-16 19:12 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-16 18:59 --------- d-----w C:\Program Files\S3
2007-12-16 18:06 --------- d-----w C:\Program Files\microsoft frontpage
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 16:39 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 13:32]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2005-03-07 20:33 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-08-03 08:32 C:\WINDOWS\system32\VTTrayp.exe]
"RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2005-06-20 11:53]
"SoundMan"="SOUNDMAN.EXE" [2005-07-22 08:00 C:\WINDOWS\SOUNDMAN.EXE]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-16 20:24]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-16 20:24]

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys [2005-06-20 11:53]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2007-12-17 18:18:38
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-17 18:19:18
.
2007-12-17 05:48:23 --- E O F ---

Dopuna: 17 Dec 2007 22:16

E,da updejtovao sam ceo vindows,trajalo je ceo dan:) i za sada ne izbacuje ali opet nesto mi koci internet vezu. [mod edit: PIRATERIJA JE ZABRANJENA NA FORUMU]

Poslao: 17 Dec 2007 22:27
Idi na vrh
offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Ovako... Svi logovi su čisti - ovde nema malware-a.

Najviše što mogu da uradim je da te uputim na sledeću temu:

[Link mogu videti samo ulogovani korisnici]

U njoj imaš nekoliko linkova koji bi ti mogli pomoći u rešavanju ovog problema.

Poslao: 18 Dec 2007 01:12
Idi na vrh
offline
  • Pridružio: 04 Sep 2007
  • Poruke: 130

updejtovao sam windows i sada vise ne izlazi to obavestenje.

MyCity » Ambulanta -> Arhiva Ambulante » problemi sa sp2

Ko je trenutno na forumu
 

Ukupno su 638 korisnika na forumu :: 78 registrovanih, 8 sakrivenih i 552 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 20624 - dana 04 Apr 2026 04:18

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 10x10.9, acov34, Akiro, aleph_one, amstel, Andrija357, aramis s, asdfjklc, Asteker, blankspace, BORUTUS, Boxy, bpvl, Brankojle, bukefal, C-Gun, Chainsaw, dankisha, darionis, dendrit86, Dimitrije Paunovic, DrNeoCortex, esko_hz, foka106, FOX, Frunze, gomago, Hemi, Ikica977, Istman, ivica976, Jester, jodzula, Jose, Kajzer Soze, kori, loon123, ludiagresivan, MadMike, Manjane, Marko1238, marko308, mercedesamg, Metanoja, Miki01, mikrimaus, milbos, Milos ZA, milutin134, mitja2512, nenad81, OKT, Paklenica, Prašinar, Prečanin30, Promising0, RajkoB, raketaš, reader, rodoljub, Rogan33, ruma, sabros, sasovsky, Sirius, Smiljkovich, Srky Boy, sspp, Stevan Visoki, Toper, Troja, TTN, Veselimalisa, Vica1958, Vlada78, Yugol33, Žabar, 79693