Molim za pomoc - komp blokira

Molim za pomoc - komp blokira

offline
  • Pridružio: 19 Jan 2008
  • Poruke: 42

Molim da pogledate log fajl hijackthese. Komp mi stalno blokira i moram da ga resetujem. Molim nekog ko se razume da obrati paznju na kraj:

O23 - Service: WPS Scanner Service (WPSScannerSvc) - Unknown owner - D:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe (file missing)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:05, on 16.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\WFXSVC.EXE
D:\Program Files\Symantec\WinFax\WFXMOD32.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Opera 9\Opera.exe
D:\Documents and Settings\kole\Desktop\HiJackThis.exe

O4 - HKCU\..\Run: [HijackThis startup scan] D:\Documents and Settings\kole\Desktop\HijackThis.exe /startupscan
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - D:\WINDOWS\system32\WFXSVC.EXE
O23 - Service: WPS Scanner Service (WPSScannerSvc) - Unknown owner - D:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe (file missing)

--
End of file - 2317 bytes

Dopuna: 16 Mar 2009 14:36

evo jos log file od haxFix
mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8515
  • Gde živiš: Novi Beograd

A, ja bih tebe molio da obratis paznju, da radis kako uputstvo kaze.

Nisi preimenovao HiJack This.

Ovako ne valja:


Klikni desno dugme misa na ikonicu programa i odaberi opciju Rename:


Zadaj mu neko bezvezno ime, recimo GH5.EXE ili TR3.EXE, ili bilo sta drugo samo da se ne spominje HijackThis:



Preimenuj, pa postavi novi log.

offline
  • Pridružio: 19 Jan 2008
  • Poruke: 42

Мислим да је сад све ок. Молим погледај
mycity.rs/must-login.png

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:39, on 16.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\WFXSVC.EXE
D:\Program Files\Symantec\WinFax\WFXMOD32.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Opera 9\Opera.exe
D:\Documents and Settings\kole\Desktop\rr.exe.exe

O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [HijackThis startup scan] D:\Documents and Settings\kole\Desktop\HijackThis.exe /startupscan
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - D:\WINDOWS\system32\WFXSVC.EXE
O23 - Service: WPS Scanner Service (WPSScannerSvc) - Unknown owner - D:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe (file missing)

--
End of file - 1704 bytes

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8515
  • Gde živiš: Novi Beograd

Iskljuci privremeno Nod.

Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Ko je trenutno na forumu
 

Ukupno su 416 korisnika na forumu :: 6 registrovanih, 2 sakrivenih i 408 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: havoc995, Ognjen D., opt1, raykan, Van, zlaya011