Molim za pomoc - komp blokira

Molim za pomoc - komp blokira

offline
  • Pridružio: 19 Jan 2008
  • Poruke: 42

Molim da pogledate log fajl hijackthese. Komp mi stalno blokira i moram da ga resetujem. Molim nekog ko se razume da obrati paznju na kraj:

O23 - Service: WPS Scanner Service (WPSScannerSvc) - Unknown owner - D:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe (file missing)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:05, on 16.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\WFXSVC.EXE
D:\Program Files\Symantec\WinFax\WFXMOD32.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\kole\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Opera 9\Opera.exe
D:\Documents and Settings\kole\Desktop\HiJackThis.exe

O4 - HKCU\..\Run: [HijackThis startup scan] D:\Documents and Settings\kole\Desktop\HijackThis.exe /startupscan
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - D:\WINDOWS\system32\WFXSVC.EXE
O23 - Service: WPS Scanner Service (WPSScannerSvc) - Unknown owner - D:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe (file missing)

--
End of file - 2317 bytes

Dopuna: 16 Mar 2009 14:36

evo jos log file od haxFix
mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8620
  • Gde živiš: Novi Beograd

A, ja bih tebe molio da obratis paznju, da radis kako uputstvo kaze.

Nisi preimenovao HiJack This.

Ovako ne valja:


Klikni desno dugme misa na ikonicu programa i odaberi opciju Rename:


Zadaj mu neko bezvezno ime, recimo GH5.EXE ili TR3.EXE, ili bilo sta drugo samo da se ne spominje HijackThis:



Preimenuj, pa postavi novi log.

offline
  • Pridružio: 19 Jan 2008
  • Poruke: 42

Мислим да је сад све ок. Молим погледај
mycity.rs/must-login.png

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:55:39, on 16.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\WFXSVC.EXE
D:\Program Files\Symantec\WinFax\WFXMOD32.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Opera 9\Opera.exe
D:\Documents and Settings\kole\Desktop\rr.exe.exe

O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [HijackThis startup scan] D:\Documents and Settings\kole\Desktop\HijackThis.exe /startupscan
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: WinFax PRO (wfxsvc) - Symantec Corporation - D:\WINDOWS\system32\WFXSVC.EXE
O23 - Service: WPS Scanner Service (WPSScannerSvc) - Unknown owner - D:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe (file missing)

--
End of file - 1704 bytes

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8620
  • Gde živiš: Novi Beograd

Iskljuci privremeno Nod.

Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Ko je trenutno na forumu
 

Ukupno su 1012 korisnika na forumu :: 35 registrovanih, 8 sakrivenih i 969 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., anta, bigfoot, Bobrock1, bozo13, cavatina, DragoslavS, dule10savic, Fog of War, FOX, GandorCC, Georgius, goxin, jaeger, janbo, Još malo pa deda, kybonacci, ljuba, mercedesamg, mile33, milenko crazy north, MilosKop, milutin134, nikoladim, Panter, panzerwaffe, Parker, raptorsi, royst33, savaskytec, SlaKoj, stegonosa, Vatreni Zmaj, Viktor Petrenko, virked