WindowsXP problem

WindowsXP problem

offline
  • Pridružio: 21 Avg 2007
  • Poruke: 56

Molam nekoi od poiskusnite da mi pomognat... kompjuterot mnogu e baven.. Pozdrav do site clenovi na MyCity Forumot

Logfile of HijackThis v1.99.1
Scan saved at 19:20:58, on 28.10.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Labtec\Mouse\2.1\moffice.exe
C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Labtec\Mouse\2.1\MOUSE32A.EXE
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\OpenVPN\bin\openvpn.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\KIMOVII\Desktop\ht\ht.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {166632E8-C1EC-4572-BCE2-236D59B352AC} - C:\WINDOWS\system32\gebcyvt.dll (file missing)
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\pabkfqhw.dll (file missing)
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O2 - BHO: (no name) - {FF6A6D9B-1BC1-45B5-A1D5-FD916AB1A687} - C:\WINDOWS\system32\geeba.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Mouse\2.1\moffice.exe
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\qkacnfwu.dll",forkonce
O4 - HKLM\..\Run: [Anti Mosquito] C:\Documents and Settings\KIMOVII\Desktop\Anti Mosquito.exe
O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: gebcyvt - gebcyvt.dll (file missing)
O20 - Winlogon Notify: geeba - C:\WINDOWS\system32\geeba.dll (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: winjgf32 - winjgf32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

offline
  • DEMIAN  Male
  • Legendarni građanin
  • IT Manager
  • Pridružio: 25 Mar 2005
  • Poruke: 3706
  • Gde živiš: The darkest place on earth..

Daj sledeći fajl na analizu:
C:\WINDOWS\system32\qkacnfwu.dll

Za upload koristi ovaj link:
http://www.mycity.rs/ambulanta-upload.php
-----------------------------

Pokreni HijackThis, štikliraj polje pored ove linije i klikni na Fix Checked.
O2 - BHO: (no name) - {166632E8-C1EC-4572-BCE2-236D59B352AC} - C:\WINDOWS\system32\gebcyvt.dll (file missing)
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\pabkfqhw.dll (file missing)
O2 - BHO: (no name) - {FF6A6D9B-1BC1-45B5-A1D5-FD916AB1A687} - C:\WINDOWS\system32\geeba.dll (file missing)
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\qkacnfwu.dll",forkonce
O20 - Winlogon Notify: gebcyvt - gebcyvt.dll (file missing)
O20 - Winlogon Notify: geeba - C:\WINDOWS\system32\geeba.dll (file missing)
O20 - Winlogon Notify: winjgf32 - winjgf32.dll (file missing)

Zatim restartuj računar.

Postavi posle ovoga novi HJT log pa da vidimo šta i kako dalje..

offline
  • Pridružio: 21 Avg 2007
  • Poruke: 56

Temata ke moze li da poceka do petok? bidejki sum na fakultet vo drug grad i duri vo petok ke si odam doma... Pozdrav i blagodaram

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24130
  • Gde živiš: Wien

Tu smo mi, nigde necemo da pobegnemo do petka Laughing
U petak postavi novi HijackThis log, posto moze biti nekih promena u medjuvremenu.

Ko je trenutno na forumu
 

Ukupno su 1020 korisnika na forumu :: 60 registrovanih, 5 sakrivenih i 955 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3028 - dana 22 Nov 2019 07:47

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 5.56, 8u47, _Sale, A.R.Chafee.Jr., Abdee, aramis s, Arhiv, awathorn, cole77, CrazyDiablo, croato, darcaud, darkstar101, Dežurni pod palubom, dolinalima, Dr.Strangelove, Drug pukovnik, dule10savic, dzoni25, Faki-Valjevo, FOX2, Georgius, ivan979, ivance95, jovan.simovic97, kaptain, kolateralnasteta, Konda, KUZMAR, liman, Majstorr, mandicdamir245, Marko Marković, Markoni29, Mercury, Metanoja, mihajlot2013, milan.tatanac, mile09, novator, nuke92, pandur, raketaš, Raptor12, repac, RJ, robertino, rovac, ruma, saputnik plavetnila, slonic_tonic, spektorsky, Srki94, suton, t84dar, taz1cl, trutcina, VJ, yrraf, |_MeD_|