MyCity » Ambulanta -> Arhiva Ambulante » WindowsXP problem

WindowsXP problem

Napisano na dan: 28.10.2007

WindowsXP problem
Sledeća strana Pagination

Idi na vrh

Poslao: 28 Okt 2007 20:24
Idi na vrh
offline
  • Pridružio: 21 Avg 2007
  • Poruke: 56

Molam nekoi od poiskusnite da mi pomognat... kompjuterot mnogu e baven.. Pozdrav do site clenovi na MyCity Forumot

Logfile of HijackThis v1.99.1
Scan saved at 19:20:58, on 28.10.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Labtec\Mouse\2.1\moffice.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Labtec\Mouse\2.1\MOUSE32A.EXE
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\OpenVPN\bin\openvpn.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\KIMOVII\Desktop\ht\ht.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {166632E8-C1EC-4572-BCE2-236D59B352AC} - C:\WINDOWS\system32\gebcyvt.dll (file missing)
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\pabkfqhw.dll (file missing)
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O2 - BHO: (no name) - {FF6A6D9B-1BC1-45B5-A1D5-FD916AB1A687} - C:\WINDOWS\system32\geeba.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\2.1\moffice.exe
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\qkacnfwu.dll",forkonce
O4 - HKLM\..\Run: [Anti Mosquito] C:\Documents and Settings\KIMOVII\Desktop\Anti Mosquito.exe
O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: gebcyvt - gebcyvt.dll (file missing)
O20 - Winlogon Notify: geeba - C:\WINDOWS\system32\geeba.dll (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: winjgf32 - winjgf32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe



Poslao: 28 Okt 2007 22:20
Idi na vrh
offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

Daj sledeći fajl na analizu:
C:\WINDOWS\system32\qkacnfwu.dll

Za upload koristi ovaj link:
[Link mogu videti samo ulogovani korisnici]
-----------------------------

Pokreni HijackThis, štikliraj polje pored ove linije i klikni na Fix Checked.
O2 - BHO: (no name) - {166632E8-C1EC-4572-BCE2-236D59B352AC} - C:\WINDOWS\system32\gebcyvt.dll (file missing)
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\pabkfqhw.dll (file missing)
O2 - BHO: (no name) - {FF6A6D9B-1BC1-45B5-A1D5-FD916AB1A687} - C:\WINDOWS\system32\geeba.dll (file missing)
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\qkacnfwu.dll",forkonce
O20 - Winlogon Notify: gebcyvt - gebcyvt.dll (file missing)
O20 - Winlogon Notify: geeba - C:\WINDOWS\system32\geeba.dll (file missing)
O20 - Winlogon Notify: winjgf32 - winjgf32.dll (file missing)

Zatim restartuj računar.

Postavi posle ovoga novi HJT log pa da vidimo šta i kako dalje..



Poslao: 29 Okt 2007 19:56
Idi na vrh
offline
  • Pridružio: 21 Avg 2007
  • Poruke: 56

Temata ke moze li da poceka do petok? bidejki sum na fakultet vo drug grad i duri vo petok ke si odam doma... Pozdrav i blagodaram

Poslao: 29 Okt 2007 20:02
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Tu smo mi, nigde necemo da pobegnemo do petka Laughing
U petak postavi novi HijackThis log, posto moze biti nekih promena u medjuvremenu.

MyCity » Ambulanta -> Arhiva Ambulante » WindowsXP problem

Ko je trenutno na forumu
 

Ukupno su 1069 korisnika na forumu :: 91 registrovanih, 7 sakrivenih i 971 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 015, _Rade, acov34, Alexa77, Areal84, arezina, Asteker, Azzo, Ba4e, babaroga, Banovo Brdo, bojan581, boromir, Bosnjo, bpvl, Bubimir, Centauro, Clouseau, cyprus, daedal, debeli, Dioniss, Dolinc, Dorcolac, dozorni, dukajov, Dzoni Stek, Dzoni2412, Electron, Fabius, GAGI, GeoM, Georgius, Gogi_avio, Goran_, Jeremiah, Jonbonjovi, Još malo pa deda, Kawasaki1000, kenny74, Kobrim, Kubovac, kunktator, kuntalo, Lester Freamon, Lucije Kvint, M74AB3, Malahit, markolopin, marsovac 2, Metanoja, Miki 24pbr, Milan A. Nikolic, milan.tatanac1, milenko crazy north, mm1811, moldway, momcilob55, monomah, nemkea71, neutrino, Nobunaga, nobutado, novator, Povratak1912, Prečanin30, PrincipL, proka89, Pururin, raptorsi, Ripanjac, shota91, sixpac, spalev, Srki98, stalja, stokssone, synergia, tehnika, Trpe Grozni, Tunguska55, vathra, Vatreni Zmaj, voja64, vuksa72, W123, XBMC, yiyi, YugoSlav, zmajbre, zziko