Neznam da li je tema na pravom mjestu ali ovaj mi proces gusi komp,da li ima netko slicnih iskustava radi se o operativnom sustavu Win7....na laptopu ..Hvala.Sve prnađene teme na netu nisu mi bas bile od pomoci ..Hvala!!!
WmiPrwSE.exe
- poruka: 42
- |
- čitano: 14.289
- |
- moderatori:
pirat, Lazarus Long, XXX-Man, vincimus
Skini HiJackThis i kopiraj log ovdje.
Ne bi bilo loše niti skenirati Malwarebytesom.
jesi siguran da si ga dobro prepisao,da nije ovaj wmiprvse.exe ?
Jesam sa MalwareBytesom
A Evo i ovoLogfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:12:14, on 03.08.2010.
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\Lock My PC 4\lockpc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Programi 2009\Programi 1.1.2010\Auto Cleaner!!!!!\CCleanerRuner.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\AutoSizer\AutoSizer.exe
C:\Program Files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe
C:\Program Files\RainLander\Rainlendar2.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Program Files\DeskPins\DeskPins.exe
C:\Users\Kaligula\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\BinarySense\HDDlife 3\HDDlifeNB.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Live\Companion\companionuser.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Google Analytics Opt-out Browser Add-on - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files\Google\Google Analytics Opt-Out\gaoptout.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: DDIEBHO.DreamDesktopBHO - {BBEDB999-1ECD-474F-BA1E-24FBE469D523} - C:\Program Files\Dream Desktop Agent\DDIEBHO.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: LastClosedTab - {e15e75e9-a653-42a3-8d05-f2f7e309bdca} - mscoree.dll (file missing)
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [AutoClean] D:\Programi 2009\Programi 1.1.2010\Auto Cleaner!!!!!\CCleanerRuner.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [AutoSizer] "C:\Program Files\AutoSizer\AutoSizer.exe"
O4 - HKCU\..\Run: [Gadwin PrintScreen Pro] C:\Program Files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe /nosplash
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\RainLander\Rainlendar2.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\Run: [Transparent] C:\Program Files\TweakNow PowerPack 2010\Transparent.exe 141 141
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kaligula\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: DeskPins.lnk = C:\Program Files\DeskPins\DeskPins.exe
O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife 3\HDDlifeNB.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save Picture to Mobile Phone - C:\Program Files\Pix2Fone\p2fd.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Open Last Closed Tab - {e15e75e9-a653-42a3-8d05-f2f7e309bdca} - mscoree.dll (file missing)
O9 - Extra button: (no name) - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O9 - Extra 'Tools' menuitem: Xmarks for IE... - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O9 - Extra button: Upload File - {A2F93841-DEAB-0392-4958-BA333CF05732} - C:\Program Files\Pix2Fone\p2fup.html (HKCU)
O9 - Extra 'Tools' menuitem: Upload File to Mobile Phone - {A2F93841-DEAB-0392-4958-BA333CF05732} - C:\Program Files\Pix2Fone\p2fup.html (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\Common Files\BinarySense\hlAPP.dll" (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Armchairware Photato Service (Armchairware.Photato.WindowsService) - Armchairware Ltd - C:\Program Files\Armchairware\Photato\Armchairware.Photato.WindowsService.exe
O23 - Service: BridgerCheckerservice - WLANBook.com - C:\Program Files\WLAN Book\BridgeChecker\BridgeCheckerservice.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GenericMount Helper Service - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: Media Center Support Service (Jasmio.MediaCenter.Service) - Unknown owner - C:\Program Files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Lock My PC Service (LmpcService) - Unknown owner - C:\Program Files\Lock My PC 4\LmpcServ.exe
O23 - Service: MCEBuddy Service (MCEBuddy) - Unknown owner - C:\Program Files\Tyrell\MCEBuddy\MCEBuddySvc.exe
O23 - Service: mcShoutCastECommerceService - Unknown owner - C:\Program Files\mcShoutCast\mcShoutCastECommerceService.exe
O23 - Service: mcShoutCastLauraFM - Sörnt Poppe - C:\Program Files\mcShoutCast\ShoutCastLauraFMService.exe
O23 - Service: mcShoutCastProxy - Sörnt Poppe - C:\Program Files\mcShoutCast\ShoutCastProxyService.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - D:\K850i\SE PC Suite\SupServ.exe
O23 - Service: stunnel - Unknown owner - F:\Pasword Key\stunnel-4.11.exe (file missing)
O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe
Isprika nije w nego v ...ali mi nece ucitati nikako ........isao sam na opciju Browse??? I nista!! A ono gore je kopirano sto je HiJack izbacio !!!
U Pravu si nije W nego V hvala puno isprika!!!
Treba malo duže pričekati da se učita. Ja sam pogledao i nema ništa vezanog uz navedeni proces.
Ma ima i sad je aktivan 50% otprilike!!
Treba malo duže pričekati da se učita. Ja sam pogledao i nema ništa vezanog uz navedeni proces.
nema,ali ima jedan koji se kao mora bristat,al nisam ga kopirao,a sad mi neće učitat
Lol... neće sad ni meni.
Server prenatrpan...
Evo i slika iz Task Managera
jel se smije ugasit windos managment instrumentation servis u sedmici?
treba proguglat
Ne smije se isključit.
Ma Pise svasta da i ne sad ako netko ima iz prve ruke nesto neka podijeli ali ovaj moj proces prelazi sad oko 80 %
Ove stavke označi u HiJackThisu i zatim klikni na Fix checked.
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
O2 - BHO: LastClosedTab - {e15e75e9-a653-42a3-8d05-f2f7e309bdca} - mscoree.dll (file missing)
kasnim,ovaj prvi je bitan
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
ovi file missing su nebitni ali mogu se brisati
malo sam guglao,ima nekih problema vezanih uz trojanca koji se zakačio,windows media playera,updatea..koji se povezuju s tim procesom wmiprvse.exe
ne znam,sretno,moram ić
deadman će to riješit
Idem probati pa javim!!
Ne isto se desava jos uvijek se ne spusta ispo 40 %...Obrisao obadvije stavke
Da li možeš taj Setup pokrenuti u Compatibility Modu?
Da li možeš taj Setup pokrenuti u Compatibility Modu?
Ne Neda!!
Imaš li možda program pod nazivom IMON Manager? On je povezan sa tim procesom.
Imaš li možda program pod nazivom IMON Manager? On je povezan sa tim procesom.
Ne taj naziv nemam !!!!
Napravi ovako. Ulogiraj se kao administrator.
Otvori notepad i kopiraj slijedeći tekst u njega:
net stop "IP Helper"
net stop "Security Center"
net stop "VMware Authorization Service"
net stop "Windows Management Instrumentation"
net start "Windows Management Instrumentation"
net start "Security Center"
net start "IP Helper"
net start "VMware Authorization Service"
Nazovi ga bat.cmd i stavi ga na desktop.
Sada restartaj komp, odmah otvori taj fajl i vidi ima li poboljšanja.
Napravi ovako. Ulogiraj se kao administrator.
Otvori notepad i kopiraj slijedeći tekst u njega:
net stop "IP Helper"
net stop "Security Center"
net stop "VMware Authorization Service"
net stop "Windows Management Instrumentation"
net start "Windows Management Instrumentation"
net start "Security Center"
net start "IP Helper"
net start "VMware Authorization Service"
Nazovi ga bat.cmd i stavi ga na desktop.
Sada restartaj komp, odmah otvori taj fajl i vidi ima li poboljšanja.
Wauu Strai hvala pustio je ,jos nekad iskoci onako malo do 15% ali veci dio vremena ga nema!!!!Hvala I pozdrav ..javim se ako se pojavi !!
Napravi ovako. Ulogiraj se kao administrator.
Otvori notepad i kopiraj slijedeći tekst u njega:
net stop "IP Helper"
net stop "Security Center"
net stop "VMware Authorization Service"
net stop "Windows Management Instrumentation"
net start "Windows Management Instrumentation"
net start "Security Center"
net start "IP Helper"
net start "VMware Authorization Service"
Nazovi ga bat.cmd i stavi ga na desktop.
Sada restartaj komp, odmah otvori taj fajl i vidi ima li poboljšanja.
Wauu Strai hvala pustio je ,jos nekad iskoci onako malo do 15% ali veci dio vremena ga nema!!!!Hvala I pozdrav ..javim se ako se pojavi !!
Taman se ponadao kad ono nakon 24 sata opet se pojavio .......
Opet pokreni taj fajl dok ne smislim nešto novo.