16.12.2010., 00:52   #1
Hybrid1011
(solved) Netsh.exe - application error

Hello!

Yesterday I started having problems with a blue screen, i.e. in the middle of a movie it threw up a blue screen that said something about a system memory dump. Since I couldn't get out of it in any way, I manually reset the computer and carried on working on it, i.e. with the movie; everything was OK for a couple of hours and then the same thing again, only now I couldn't get to the desktop any more, so I decided to put in a "fresh" version of Windows, which I managed to do. However, I reckon this is all because of a virus, because I was unprotected for a couple of weeks. Now I can't open any application (including cmd.exe) without it throwing an error about that netsh.exe:


Even if I'm just, say, watching a movie or surfing the net, that window pops up every 3 minutes. What could the problem be? I didn't find anything useful on Google.
It's Win 7 Ultimate 32-bit.
Thanks!
16.12.2010., 02:09   #2
Joke
Do you have it among the processes in Task Manager?
PS. I think it's some junk after all, go ahead and "help yourself" (Malwarebytes, Combofix, HijackThis)..
__________________
IE6
Linux is Not Windows
16.12.2010., 17:51   #3
Hybrid1011
I don't have it in Task Manager as a process. Malwarebytes found quite a lot of infections and I cleaned everything, and now it no longer throws that error every few minutes, but my cmd is still locked and that prevented me from installing Combofix. Here is the Malwarebytes log:

Quote:
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5325

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12/16/2010 2:10:18 PM
mbam-log-2010-12-16 (14-10-14).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 280986
Time elapsed: 53 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\xho9y (Trojan.Downloader) -> Value: xho9y -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Nino\AppData\Local\Temp\Rar$DR00.008\keygen\santa.exe (Dont.Steal.Our.Software.A) -> No action taken.
c:\windows.old.000\Windows\Temp\Trv.exe (Trojan.FraudPack.Gen) -> No action taken.
c:\windows.old.000\Windows\Temp\Trw.exe (Trojan.FraudPack.Gen) -> No action taken.
c:\windows.old.000\Windows\Temp\Trx.exe (Trojan.FraudPack.Gen) -> No action taken.
c:\windows.old.000\Windows\Temp\Try.exe (Trojan.FraudPack.Gen) -> No action taken.
c:\windows.old.000\Windows\Temp\5g27kqi4.exe (Trojan.Agent.Gen) -> No action taken.
c:\windows.old.000\Windows\Temp\cbs8E32.tmp (Spyware.Zbot) -> No action taken.
d:\$RECYCLE.BIN\s-1-5-21-3405818887-4011234578-2589254653-1001\$RB1HHEY.exe (TheftMarker.Crude) -> No action taken.
Afterwards I moved everything to quarantine and deleted it.

And this is what HijackThis analysed:

Quote:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:50:23 PM, on 12/16/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Nino\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredigames.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: GOM Player + Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll
O3 - Toolbar: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: STSService - Unknown owner - C:\Program Files\SoundTaxi Media Suite\STSService.exe (file missing)
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: Virtual CDAudio Service - RapidSolution Software AG - C:\Program Files\RapidSolution\Tunebite 7\VCDWriter\32\VCDAudioService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

--
End of file - 5269 bytes
What should I do next?
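A triage pass over the Malwarebytes log quoted in post #3, as an added example that is not part of the original thread: it parses the detection lines and groups them by where the object lives, separating the autostart registry value from copies under windows.old, the recycle bin and temp folders. The location labels and function names are this example's own assumptions.

```python
import re

# Excerpt (5 of the 9 detection lines) from the Malwarebytes log quoted above.
SAMPLE_LOG = r"""
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\xho9y (Trojan.Downloader) -> Value: xho9y -> No action taken.

Files Infected:
c:\Users\Nino\AppData\Local\Temp\Rar$DR00.008\keygen\santa.exe (Dont.Steal.Our.Software.A) -> No action taken.
c:\windows.old.000\Windows\Temp\Trv.exe (Trojan.FraudPack.Gen) -> No action taken.
c:\windows.old.000\Windows\Temp\cbs8E32.tmp (Spyware.Zbot) -> No action taken.
d:\$RECYCLE.BIN\s-1-5-21-3405818887-4011234578-2589254653-1001\$RB1HHEY.exe (TheftMarker.Crude) -> No action taken.
"""

# Line shape: "<object> (<detection name>) -> [Value: x ->] <action>."
DETECTION = re.compile(r"^(?P<obj>.+?) \((?P<name>[^()]+)\) -> (?:.*-> )?(?P<action>[^>]+?)\.?$")

# Triage labels are this example's own (assumed); fragments are checked in order.
LOCATIONS = [
    ("\\currentversion\\policies\\explorer\\run", "autostart"),
    ("\\currentversion\\run", "autostart"),
    ("\\windows.old", "previous-install"),
    ("\\$recycle.bin\\", "recycle-bin"),
    ("\\temp\\", "temp"),
]

def classify(obj):
    """Map a detected path or registry value to a triage location."""
    low = obj.lower()
    return next((label for frag, label in LOCATIONS if frag in low), "other")

def triage(log_text):
    """Parse detection lines into dicts with obj, name, action and location."""
    findings = []
    for line in log_text.splitlines():
        m = DETECTION.match(line.strip())
        if m:
            findings.append({**m.groupdict(), "location": classify(m["obj"])})
    return findings

def by_location(findings):
    """Group detection names by location; autostart entries run at every logon."""
    groups = {}
    for f in findings:
        groups.setdefault(f["location"], []).append(f["name"])
    return groups

if __name__ == "__main__":
    print(by_location(triage(SAMPLE_LOG)))
```

Only the `autostart` group is persistence on the running install; the other groups are files at rest that still need removing, and the `action` field shows whether the scanner has done so yet.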
17.12.2010., 03:07   #4
Joke
Look through the HT log here!
Does it throw the same error when you try to start it (I mean CMD)?
17.12.2010., 12:42   #5
Hybrid1011
There were 2 dangerous entries there, which I selected and deleted, but it got me nowhere; maybe I should do something else? This is the current state:





And this is the error it throws when trying to start cmd.exe:
18.12.2010., 02:59   #6
Joke
When you try to run it with "Run as Administrator" do you also get the same error, or have you tried running cmd from the system32 folder?
Try to fix the problem with "sfc /scannow"..
18.12.2010., 11:45   #7
Hybrid1011
I can't run cmd.exe either as admin or from system32, always the same problem, and sfc /scannow also throws an error. I think I'll pull that HDD out and stick it in the fireplace, let it burn
18.12.2010., 12:50   #8
Vrga
that, or go into safe mode and tinker there.
19.12.2010., 02:20   #9
Hybrid1011
Quote:
Originally posted by Vrga
that, or go into safe mode and tinker there.
It was the first one after all; now it works great and without problems. Vrga and Joke, one big (for the hdd )