Donanım Haber Forum
Giriş :
 Şifre:
Beni Hatırla / Şifremi unuttum ?
Benim Forumlarım'a git  
Ana Sayfa | Kayıt ol | Profilim | Gelen Kutusu | DH Hız Aşırtma VT | Adres Defteri | Email'le üyeliklerim | Benim forumlarım | Fotoğraf Albümleri
Favorileriniz | Üyeler | Arama | SSS | Şikayet listesi | Uyarı listesi | Nick işlemleri
Cevap: HijackThis Detayli Egitim & Log dosyasi analizleri! [Resimli]

İlgili konuları bak: (bu forumda | tüm forumlarda)

Bu isimle girdiniz: Guest
Bu konudaki kullanıcılar: hiç
  Basılabilir versiyon
Tüm forumlar >> [Donanım / Hardware] >> Network, İnternet ve Güvenlik >> Güvenlik >> Cevap: HijackThis Detayli Egitim & Log dosyasi analizleri! [Resimli] Sayfa: <<   < önceki  7 8 [9] 10 11 12 13 14 15 16   sonraki >   >>
Giriş
Mesaj << Daha eski konu   Daha yeni konu >>
keltikfrost

 

Mesaj: 84


 2 Kasım 2006; 22:52:27 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.
Logfile of HijackThis v1.99.1
Scan saved at 22:51:55, on 02.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\emMon.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\ALFASE~1\LOCALS~1\Temp\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [emMonitor] C:\WINDOWS\emMon.exe
O4 - HKLM\..\RunOnce: [SpeedStartup] C:\Program Files\Speed Startup\speedstartup.exe runonce
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.72\CamfrogNet.exe" 1 C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
O4 - HKCU\..\Run: [SpeedStartup] C:\Program Files\Speed Startup\speedstartup.exe bootup
O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36B88DAA-2A26-4762-AED1-676572A7E445}: NameServer = 195.175.39.39 195.175.39.40
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: distributed.net client (dnetc) - Unknown owner - C:\WINDOWS\system32\iosdt\iosdt.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: Windows Media Connect Hizmeti (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)

serji buyur kardeş

_____________________________

yok
serji

Mesaj: 7226
Bu kullanıcının bu kategori altındaki blog mesajlarına git Bu kullanıcının DH Blog sayfasina git


Sisteme Gözat

 2 Kasım 2006; 23:07:42 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.
quote:

Orjinalden alıntı: keltikfrost
serji buyur kardeş

iste dostm

NOT: Sistemde virus var. (trojan) koyu ile yazdiklarimi guvenli modda sil

C:\WINDOWS\emMon.exe
O3 - Toolbar: Camfrog Toolbar - {AF2A1C5A-1AED-4E92-8BA8-D708EB79537E} - C:\Program Files\Camfrog\CamfrogBar\CamfrogBar.dll
O4 - HKLM\..\Run: [emMonitor] C:\WINDOWS\emMon.exe
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.72\CamfrogNet.exe" 1 C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
O23 - Service: distributed.net client (dnetc) - Unknown owner - C:\WINDOWS\system32\iosdt\iosdt.exe (file missing)
O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: Windows Media Connect Hizmeti (WMConnectCDS) - Unknown owner - C:\Program Files\Windows Media Connect 2\wmccds.exe (file missing)

_____________________________

HijackThis Kayit Dosyasi Analizi. Sistem Performansinizi artirin ve Guvenliginizi saglayin.
Sisteminizi detaylarıyla inceletip analiz sonuçlarına göre açıklarını kapatmayı ve hızını artırmayı istiyorsanız tıklayın.
hypnertocmacia

Mesaj: 1065


 2 Kasım 2006; 23:10:41 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.
Logfile of HijackThis v1.99.1
Scan saved at 22:58:13, on 02.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\WINDOWS\inet20004\112143121.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {73364D99-1240-4dff-B12A-67E448373148} - C:\WINDOWS\system32\ipv6mons.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WinMedia] C:\WINDOWS\system32\gyovumhi16096781.exe
O4 - Startup: WinMySQLadmin.lnk = C:\apache\mysql\bin\winmysqladmin.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: MS_update_0610_KB72306.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {58EF1388-AF07-4D13-A069-D107671B8819} - http://www.gamegarden.net/game/ggsecure.cab
O16 - DPF: {64E27CFB-8B69-4B83-80F0-36A81437D587} - http://activex.camfrogweb.com/basic/cfweb_activex.camfrogweb.com-basic_instmodule.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{14DF8040-B33A-47C3-8132-6B693FF6D688}: NameServer = 85.255.114.61,85.255.112.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{250F5624-0EAD-4ED6-957A-F962203941CF}: NameServer = 85.255.114.61,85.255.112.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE65D86C-F414-4351-9564-6BC7BE5E15C7}: NameServer = 85.255.114.61,85.255.112.60
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.94 85.255.112.19
O17 - HKLM\System\CS1\Services\Tcpip\..\{14DF8040-B33A-47C3-8132-6B693FF6D688}: NameServer = 85.255.113.94,85.255.112.19
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.94 85.255.112.19
O17 - HKLM\System\CS2\Services\Tcpip\..\{14DF8040-B33A-47C3-8132-6B693FF6D688}: NameServer = 85.255.113.94,85.255.112.19
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.114.61 85.255.112.60
O17 - HKLM\System\CS3\Services\Tcpip\..\{14DF8040-B33A-47C3-8132-6B693FF6D688}: NameServer = 85.255.114.61,85.255.112.60
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.114.61 85.255.112.60
O17 - HKLM\System\CS4\Services\Tcpip\..\{14DF8040-B33A-47C3-8132-6B693FF6D688}: NameServer = 85.255.114.61,85.255.112.60
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.61 85.255.112.60
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Abyss Web Server (AbyssWebServer) - - (no file)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE" --ntservice (file missing)
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe


arkadaşım zahmet olmassa bi bakarmısın şimdiden teşekkürler

_____________________________


____gRuP AnKaRa____
keltikfrost

 

Mesaj: 84


 2 Kasım 2006; 23:12:44 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.
koyu ile yazılan bi tek c:windows emon var.oda lisefe yok bide güvenli moddan derken.reset atıp başlarken f8'le güvenli moddan girip gene aynı programla hjackthisle mi sfix edip silcez?

_____________________________

yok
serji

Mesaj: 7226
Bu kullanıcının bu kategori altındaki blog mesajlarına git Bu kullanıcının DH Blog sayfasina git


Sisteme Gözat

 2 Kasım 2006; 23:36:15 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.
quote:

Orjinalden alıntı: keltikfrost
koyu ile yazılan bi tek c:windows emon var.oda lisefe yok bide güvenli moddan derken.reset atıp başlarken f8'le güvenli moddan girip gene aynı programla hjackthisle mi sfix edip silcez?

listedekileri once fixle normal. butun pencereler kapali olsun ama. sonra direkt yeniden baslat pcyi dedigin gibi f8 ile guvenli modda ac ve emmon.exe'yi sil

quote:

Orjinalden alıntı: hypnertocmacia
arkadaşım zahmet olmassa bi bakarmısın şimdiden teşekkürler

estag. dostm iste liste

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} - C:\WINDOWS\inet20004\112143121.dll (file missing)
O2 - BHO: (no name) - {73364D99-1240-4dff-B12A-67E448373148} - C:\WINDOWS\system32\ipv6mons.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKCU\..\Run: [WinMedia] C:\WINDOWS\system32\gyovumhi16096781.exe
O4 - Global Startup: MS_update_0610_KB72306.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Abyss Web Server (AbyssWebServer) - - (no file)
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE" --ntservice (file missing)



< Bu mesaj bu kişi tarafından değiştirildi serji -- 2 Kasım 2006; 23:36:54 >

_____________________________

HijackThis Kayit Dosyasi Analizi. Sistem Performansinizi artirin ve Guvenliginizi saglayin.
Sisteminizi detaylarıyla inceletip analiz sonuçlarına göre açıklarını kapatmayı ve hızını artırmayı istiyorsanız tıklayın.
foobar

 

Mesaj: 147


 3 Kasım 2006; 11:25:17 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.
dostum benim istediğn log dosyası bir elinden öper

Logfile of HijackThis v1.99.1
Scan saved at 19:07:19, on 30.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Babylon\Babylon.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\RivaTuner v2.0 RC 16\RivaTuner.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\bittorrent.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\PGP Corporation\PGP for Windows XP\PGPtray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\lvhidsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PGPsdkServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Motherboard Monitor 5\MBM5.exe
C:\WINDOWS\system32\wuauclt.exe
G:\bittorrent.exe
E:\Foobar Program Pack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - G:\PROGRA~1\FLASHGET\jccatch.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - G:\PROGRA~1\FLASHGET\fgiebar.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [WinDVRCtrl] C:\WINDOWS\WDVRCtrl.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\W
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 16\RivaTuner.exe" /S
O4 - HKLM\..\Run: [RivaTuner] "C:\Program Files\RivaTuner v2.0 RC 16\RivaTuner.exe" /T
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Bittorrent] C:\WINDOWS\bittorrent.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - Global Startup: Adobe Reader Hızlı Çalıştırma.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: PGPtray.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: FlashGet'i kullanarak indir - G:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: Tümünü FlashGet'i kullanarak indir - G:\PROGRA~1\FLASHGET\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRA~1\FLASHGET\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRA~1\FLASHGET\flashget.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote HID Service (LvHidSvc) - Philips - C:\WINDOWS\System32\lvhidsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PGPsdkService (PGPsdkServ) - PGP Corporation - C:\WINDOWS\system32\PGPsdkServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe



_____________________________
akreb

Mesaj: 12


 3 Kasım 2006; 12:08:50 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.

quote:

Orjinalden alıntı: serji

quote:

Orjinalden alıntı: akreb
Dostum selam,
Benim derdim, (ekte ekran görüntüsünü de gönderdiğim) internette gezinirken karşılaştığım bir problem. İnternet explorer, sitede gezerken "System Security Center" denen böyle bi sayfa açıyor. Antispyware'lerin hemen hepsini denedim. Hatta çalışan programları bozma pahasına, ne bulduysa fixledim, yine de olmadı. Son çare "Sistem Geri Yükleme" yapmaya başladım. Şimdiye kadar "Sistem Geri Yükleme" ile aşmaya çalıştım bunu. Artık o da yemez oldu. Logfile'ı da kopyaladım, sana zahmet bi bakar mısın?
Teşekkürler...

iste dostum anti spywarelerin yapamadigini birlikte yapalm


Üstad saolsın, gerçekten işe yaradı. Ellerine emeğine sağlık. Beni büyük bi eziyetten ve sinir harbinden kurtardın. Eyvallah...

Not: Herşeyin hakkı ödenir de bu forumların hakkı ödenmez arkadaş!
-----------------------------
AKREB

_____________________________
RuiNatioN

Mesaj: 448


 3 Kasım 2006; 13:19:32 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.
Dostum serji, ilk kez yolluyorum bunu, demi$tim hatırlarsın, a$ırı ram yiyordu bazı programlar, bakarsan sevinirim, ü$enmeyip herkese yardımcı olduğun içinde ayrıca te$ekkurler

Logfile of HijackThis v1.99.1
Scan saved at 13:13:30, on 03.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\ATKKBService.exe
D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\fatih\LOCALS~1\Temp\Rar$EX00.359\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {58EF1388-AF07-4D13-A069-D107671B8819} - http://www.gamegarden.net/game/ggsecure.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

_____________________________







Ne Beşiktaş Ne Fener,bu sevgi ömre bedel,şampiyon olsan yeter,olmasan ne farkeder?!...
serji

Mesaj: 7226
Bu kullanıcının bu kategori altındaki blog mesajlarına git Bu kullanıcının DH Blog sayfasina git


Sisteme Gözat

 3 Kasım 2006; 14:48:25 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.
quote:

Orjinalden alıntı: foobar
dostum benim istediğn log dosyası bir elinden öper

ok dostm iste liste

C:\WINDOWS\bittorrent.exe
G:\bittorrent.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - G:\PROGRA~1\FLASHGET\fgiebar.dll (file missing)
O4 - HKLM\..\Run: [ScanRegistry] C:\W
O4 - HKLM\..\Run: [Bittorrent] C:\WINDOWS\bittorrent.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: PGPtray.lnk = ?
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRA~1\FLASHGET\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRA~1\FLASHGET\flashget.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


_____________________________

HijackThis Kayit Dosyasi Analizi. Sistem Performansinizi artirin ve Guvenliginizi saglayin.
Sisteminizi detaylarıyla inceletip analiz sonuçlarına göre açıklarını kapatmayı ve hızını artırmayı istiyorsanız tıklayın.
serji

Mesaj: 7226
Bu kullanıcının bu kategori altındaki blog mesajlarına git Bu kullanıcının DH Blog sayfasina git


Sisteme Gözat

 3 Kasım 2006; 14:50:39 
Bu mesajla ilgili şikayetinizi bu icon a tıklayarak yapabilirsiniz.
quote:

Orjinalden alıntı: akreb
Üstad saolsın, gerçekten işe yaradı. Ellerine emeğine sağlık. Beni büyük bi eziyetten ve sinir harbinden kurtardın. Eyvallah...