Hijackthis ile .LOG Dosyası Hazırlayın

+ Yorum Gönder
3. Sayfa BirinciBirinci ... 23
Bilgisayar Dünyası ve Spy ve Virüs Haberleri Bölümünden Hijackthis ile .LOG Dosyası Hazırlayın ile ilgili Kısaca Bilgi
  1. 25
    BADMAN
    Usta Üye
    Reklam

    --->: Hijackthis ile .LOG Dosyası Hazırlayın

    Reklam



    burdanda yararlanabilirsiniz arkadaslar konuyla ilgili diye düsündüm saygilarimla


    Yudumla --->: Hijackthis ile .LOG Dosyası Hazırlayın Hakkında Konu

  2. 26
    merhaba55
    Yeni Üye
    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 16:21:07, on 13.01.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\Program Files\VIA\RAID\raid_tool.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\TRKY-DnsAyar\TRKY-DnsAyar.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
    C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Ace Explorer\Aexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\MuRti\LOCALS~1\Temp\Rar$EX00.844\HiJac kThis_v2.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O1 - Hosts: 67.15.137.107
    www.thecrims.com #04.01.2008
    O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [TRKY-DnsAyar] C:\Program Files\TRKY-DnsAyar\TRKY-DnsAyar.exe
    O4 - HKLM\..\Run: [System] \windows\winlogon.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
    O4 - HKCU\..\Run: [ZEject] C:\Program Files\2002 CD Eject\CDEject.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0FC8B38E-9293-424C-9D0E-CE60775679CF} (SubClassEditCtrlContainer Class) -
    https://sube.garanti.com.tr/lib/JaguarEditControl.CAB
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1196410366500
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{30DFDBAD-CDCD-4220-82EC-B405C4C0BF0C}: NameServer = 212.156.4.7,193.140.83.251,212.57.1.18,205.171.2.6 5,205.171.3.65
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7D2FF87-DEA9-4001-A2D2-98FE75C341CA}: NameServer = 212.156.4.7,193.140.83.251,212.57.1.18,205.171.2.6 5,205.171.3.65
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C069B604-D86B-4ECE-B342-0A47540B5C8B}: NameServer = 212.156.4.7,193.140.83.251,212.57.1.18,205.171.2.6 5,205.171.3.65
    O17 - HKLM\System\CS1\Services\Tcpip\..\{30DFDBAD-CDCD-4220-82EC-B405C4C0BF0C}: NameServer = 212.156.4.7,193.140.83.251,212.57.1.18,205.171.2.6 5,205.171.3.65
    O17 - HKLM\System\CS2\Services\Tcpip\..\{30DFDBAD-CDCD-4220-82EC-B405C4C0BF0C}: NameServer = 212.57.1.18,212.57.1.17,212.156.4.7,205.171.2.65,2 05.171.3.65
    O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Kaspersky Network Agent (klnagent) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

    --
    End of file - 6052 bytes


    kanki baksana buda benim bende bilgisayarı açarken winlogon AQ123 hatası verip duruyo neyapayım???




  3. 27
    MaviAdam
    Özel Üye
    Alıntı imran Nickli Üyeden Alıntı Mesajı göster
    @ICEEXOL

    Simdi sen bunu kendin yorumluyorsundur deme ?

    Yoksa a$$agidaki sitedemi senin ??
    http://hjt.networktechs.com/



    Ugra$mayin beyler ne ole logu koycan cevap alcan yukaridaki siteye girip kodu yapistirin parse tusuna basin bukadar basit !

    ...
    Tekrar görü$mek üzere !
    Peki Siz Öyle Yapın Sorumluluk Nasıl Olsa Sizde Format Atmayıda Biliyorsan O Siteye Güven Zararlı Dedigi Herşeyi Sil o.k

  4. 28
    ICEEXOL
    Özel Üye
    @Merhaba55

    Winlogon.exe normalde system32'de bulunuyor ve XP'nin açılışından sorumlu bir servis.Fakat senin kaydında Windows klasöründe çalışıyor gibi gözüküyor.Çok büyük bir ihtimal *sahte* ve *zararlı*.

    Güvenli Mod'a geçerek tekrar tarat ve aşağıdaki bölümü *fix* le.

    Kod:
     O4 - HKLM\..\Run: [System] \windows\winlogon.exe


  5. 29
    06yaramaz25
    Yeni Üye
    Logfile of HijackThis v1.99.1
    Scan saved at 03:13:35, on 2/17/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\SiteAdvisor\6253\SAService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\VMSnap3.EXE
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\AirTies\ADSL Hizmet Programı\AirTies_util3.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\program kurulum dosyaları\virus prog\hijackthis 199 ( yeni )\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ie7pro.com/firstrun/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
    O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [mssdbsrv] C:\WINDOWS\system32\msupdtck.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: AirTies ADSL Hizmet Programı.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1202758797421
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF150400-75FA-459D-AACA-BD41E9D1DC04}: NameServer = 195.175.39.40,195.175.39.39
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe

  6. 30
    06yaramaz25
    Yeni Üye
    Arkadaşlar şu Blog Olayinda Yardimci Olurmusunuz Teşekkürler Iyi Calismalar

    Biraz önceki Mesaja Duzeltme Metni :) Blok Yazmisim Yazmak Istedigim ( Log ) Olucakti Tesekkurler

  7. 31
    ICEEXOL
    Özel Üye
    Kaydında herhangi bir problem yok.

  8. 32
    06yaramaz25
    Yeni Üye
    ıceexol tesekkur ederım yardımın ıcımı rahatlattı basarılarınızın devamı dılegımle emegınıze saglık

  9. 33
    deathline
    Yeni Üye
    PHP- Kodu:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20
    :56:45on 4/19/2009
    Platform
    Windows XP SP2 (WinNT 5.01.2600)
    MSIEInternet Explorer v7.00 (7.00.6000.16827)
    Boot modeNormal
    Running processes
    :
    C:\WINDOWS\System32\smss.exe
    C
    :\WINDOWS\system32\winlogon.exe
    C
    :\WINDOWS\system32\services.exe
    C
    :\WINDOWS\system32\lsass.exe
    C
    :\WINDOWS\system32\svchost.exe
    C
    :\WINDOWS\System32\svchost.exe
    C
    :\WINDOWS\Explorer.EXE
    C
    :\WINDOWS\system32\spoolsv.exe
    C
    :\WINDOWS\RTHDCPL.EXE
    C
    :\Program Files\XpertVision\TBPanel.exe
    C
    :\WINDOWS\system32\RUNDLL32.EXE
    C
    :\WINDOWS\System32\reader_s.exe
    C
    :\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C
    :\Documents and Settings\furkan\reader_s.exe
    C
    :\WINDOWS\system32\ctfmon.exe
    C
    :\Program Files\AirTies\ADSL Hizmet Programı\AirTies_util3.exe
    C
    :\Program Files\Hamachi\hamachi.exe
    C
    :\WINDOWS\system32\3361\SVCHOST.exe
    C
    :\WINDOWS\dhcp\svchost.exe
    C
    :\WINDOWS\system32\nvsvc32.exe
    C
    :\WINDOWS\system32\wscntfy.exe
    C
    :\Program Files\Internet Explorer\iexplore.exe
    C
    :\Program Files\Windows Live\Messenger\usnsvc.exe
    C
    :\WINDOWS\System32\svchost.exe
    C
    :\WINDOWS\System32\svchost.exe
    C
    :\WINDOWS\System32\svchost.exe
    C
    :\WINDOWS\System32\svchost.exe
    C
    :\WINDOWS\System32\svchost.exe
    C
    :\Program Files\Registry Mechanic\regmech.exe
    C
    :\WINDOWS\system32\msiexec.exe
    C
    :\WINDOWS\System32\svchost.exe
    C
    :\Documents and Settings\furkan\Desktop\HiJackThis.exe
    R0 
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page about:blank
    R1 
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL http://go.microsoft.com/fwlink/?LinkId=69157
    R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL http://go.microsoft.com/fwlink/?LinkId=54896
    R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page http://go.microsoft.com/fwlink/?LinkId=54896
    R0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page http://go.microsoft.com/fwlink/?LinkId=69157
    R0 HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName Bağlantılar
    O2 
    BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 HKLM\..\Run: [RTHDCPLRTHDCPL.EXE
    O4 
    HKLM\..\Run: [SkyTelSkyTel.EXE
    O4 
    HKLM\..\Run: [AlcmtrALCMTR.EXE
    O4 
    HKLM\..\Run: [GainwardC:\Program Files\XpertVision\TBPanel.exe /A
    O4 
    HKLM\..\Run: [NvCplDaemonRUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 
    HKLM\..\Run: [nwiznwiz.exe /install
    O4 
    HKLM\..\Run: [NvMediaCenterRUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 
    HKLM\..\Run: [reader_sC:\WINDOWS\System32\reader_s.exe
    O4 
    HKLM\..\Run: [svchost.exe"C:\WINDOWS\system32\3361\SVCHOST.exe"
    O4 HKLM\..\Run: [Radio-TV advertsC:\WINDOWS\TEMP\rtv_winupd.exe
    O4 
    HKLM\..\RunOnce: [svchost.exe"C:\WINDOWS\system32\3361\SVCHOST.exe"
    O4 HKCU\..\Run: [MsnMsgr"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 
    HKCU\..\Run: [reader_sC:\Documents and Settings\furkan\reader_s.exe
    O4 
    HKCU\..\Run: [ctfmon.exeC:\WINDOWS\system32\ctfmon.exe
    O4 
    HKCU\..\Run: [RegistryMechanicC:\Program Files\Registry Mechanic\RegMech.exe /H
    O4 
    HKCU\..\Run: [Uniblue RegistryBooster 2009C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
    O4 
    HKUS\S-1-5-18\..\Run: [svcc:\program Files\ThunMail\testabd.exe (User 'SYSTEM')
    O4 HKUS\S-1-5-18\..\Run: [reader_sC:\Documents and Settings\furkan\reader_s.exe (User 'SYSTEM')
    O4 HKUS\S-1-5-18\..\Run: [msnmsgr"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 HKUS\.DEFAULT\..\Run: [svcc:\program Files\ThunMail\testabd.exe (User 'Default user')
    O4 Startuphamachi.lnk C:\Program Files\Hamachi\hamachi.exe
    O4 
    - Global StartupAirTies ADSL Hizmet Programı.lnk = ?
    O9 Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 
    Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1239996958234
    O20 AppInit_DLLsc:\progra~1\ThunMail\testabd.dll
    O23 
    ServiceDhcp server (DhcpSrv) - Unknown owner C:\WINDOWS\dhcp\svchost.exe
    O23 
    ServiceNVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation C:\WINDOWS\system32\nvsvc32.exe
    --
    End of file 4473 bytes 

    acil bakarsan sevinirim bilgisyara ne kdar format attıysam sonuc yok..Duzelmedi hata veriyor ve net gidiyor:S

  10. 34
    ertugrull46
    Yeni Üye
    PHP- Kodu:
    Logfile of HijackThis v1.99.1
    Scan saved at 12
    :40:13on 28.08.2009
    Platform
    Windows XP SP3 (WinNT 5.01.2600)
    MSIEInternet Explorer v8.00 (8.00.6001.18702)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C
    :\WINDOWS\system32\winlogon.exe
    C
    :\WINDOWS\system32\services.exe
    C
    :\WINDOWS\system32\lsass.exe
    C
    :\WINDOWS\system32\Ati2evxx.exe
    C
    :\WINDOWS\system32\svchost.exe
    C
    :\WINDOWS\System32\svchost.exe
    C
    :\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C
    :\Program Files\Alwil Software\Avast4\ashServ.exe
    C
    :\WINDOWS\system32\spoolsv.exe
    C
    :\WINDOWS\system32\Ati2evxx.exe
    C
    :\WINDOWS\system32\WgaTray.exe
    C
    :\Program Files\eBoostr\EBstrSvc.exe
    C
    :\Program Files\Java\jre6\bin\jqs.exe
    C
    :\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
    C
    :\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C
    :\WINDOWS\system32\svchost.exe
    C
    :\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C
    :\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C
    :\Program Files\WebcamMax\wcmmon.exe
    C
    :\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C
    :\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C
    :\Program Files\Java\jre6\bin\jusched.exe
    C
    :\Program Files\Windows Live\Messenger\msnmsgr.exe
    C
    :\Program Files\Messenger\msmsgs.exe
    C
    :\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C
    :\Program Files\Orbitdownloader\orbitdm.exe
    C
    :\Program Files\vghd\vghd.exe
    C
    :\WINDOWS\System32\svchost.exe
    C
    :\Documents and Settings\utku\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C
    :\Program Files\Styler\Styler.exe
    C
    :\Program Files\Orbitdownloader\orbitnet.exe
    C
    :\Program Files\vghd\VirtuaGirl_downloader.exe
    C
    :\WINDOWS\system32\wbem\wmiapsrv.exe
    C
    :\WINDOWS\system32\ctfmon.exe
    C
    :\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C
    :\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C
    :\WINDOWS\system32\wuauclt.exe
    C
    :\WINDOWS\explorer.exe
    C
    :\Program Files\Mozilla Firefox\firefox.exe
    C
    :\WINDOWS\system32\wuauclt.exe
    C
    :\Documents and Settings\utku\Desktop\HijackThis.exe

    R0 
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page http://search.conduit.com?SearchSource=10&ctid=CT2086743
    R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL http://go.microsoft.com/fwlink/?LinkId=69157
    R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL http://go.microsoft.com/fwlink/?LinkId=54896
    R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page http://go.microsoft.com/fwlink/?LinkId=54896
    R0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page http://go.microsoft.com/fwlink/?LinkId=69157
    R1 HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext http://youtube.com/watch?v=drG94S-O49g
    R0 HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName Bağlantılar
    R3 
    URLSearchHookPHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
    O2 
    BHObtorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
    O2 
    BHOAcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 
    BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 BHOSearch Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 
    BHOSSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 
    BHOWindows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 
    BHOGoogle Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 
    BHOGoogle Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 
    BHOGoogle Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 
    BHOJava(tmPlug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 
    BHOPHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
    O2 
    BHOWindows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 
    BHOJQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 
    ToolbarGrab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
    O3 
    ToolbarGoogle Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 
    ToolbarStylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
    O3 
    ToolbarPHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
    O3 
    Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 
    HKLM\..\Run: [VIPv3_Auto_UpdateC:\WINDOWS\VIPv3\CheckForUpdates.exe
    O4 
    HKLM\..\Run: [VistadrvC:\WINDOWS\VIPv3\VIPhd\vsdrv.exe
    O4 
    HKLM\..\Run: [IMJPMIG8.1"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 
    HKLM\..\Run: [MSPY2002C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 
    HKLM\..\Run: [PHIME2002ASyncC:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 
    HKLM\..\Run: [PHIME2002AC:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 
    HKLM\..\Run: [WebcamMaxMoniter"C:\Program Files\WebcamMax\wcmmon.exe" /a
    O4 
    HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 
    HKLM\..\Run: [QuickTime Task"C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 
    HKLM\..\Run: [ATICCC"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 
    HKLM\..\Run: [BootSkin Startup Jobs"C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
    O4 
    HKLM\..\Run: [LogonStudio"C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
    O4 
    HKLM\..\Run: [SunJavaUpdateSched"C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 HKCU\..\Run: [msnmsgr"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 
    HKCU\..\Run: [MSMSGS"C:\Program Files\Messenger\msmsgs.exe" /background
    O4 
    HKCU\..\Run: [swgC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 
    HKCU\..\Run: [Google Update"C:\Documents and Settings\utku\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 
    HKCU\..\Run: [ctfmon.exeC:\WINDOWS\system32\ctfmon.exe
    O4 
    StartupAdobe Gamma.lnk C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 
    StartupDesktopVideoPlayer.LNK C:\Program Files\vghd\vghd.exe
    O4 
    Startupserserichat.lnk = ?
    O4 StartupStyler.lnk = ?
    O4 - Global StartupAdobe Reader Speed Launch.lnk C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 
    - Global StartupeBoostr Control Panel.lnk C:\Program Files\eBoostr\eBoostrCP.exe
    O4 
    - Global StartupOrbit.lnk C:\Program Files\Orbitdownloader\orbitdm.exe
    O8 
    Extra context menu item: &Download by Orbit res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 Extra context menu item: &Grab video by Orbit res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 Extra context menu item: &VİNDİR FOR YOUTUBE 2 >>> - C:\Program Files\Vindir for YouTube 2\context_handle.htm
    O8 
    Extra context menu itemAdd to Google Photos Screensa&ver res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 Extra context menu item: Do&wnload selected by Orbit res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 Extra context menu itemDown&load all by Orbit res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O8 Extra context menu itemMicrosoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Bunu Bloga Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra '
    Tools' menuitem: Windows Live Writer içinde &Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra '
    Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra '
    Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A5EC3F2F-5996-41B1-B15B-4E4025A80358}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - C:\Program Files\eBoostr\EBstrSvc.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) 


  11. 35
    niko
    Özel Üye
    ertuğrul 46

    Aşadakiler Fix checked de zararlı

    PHP- Kodu:
    O2 BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)File Missing
    When a file is missing
    you should always have HijackThis fix the item.
    O4 HKCU..Run: [ctfmon.exeC:WINDOWSsystem32ctfmon.exe
    O9 
    Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)File MissingWhen a file is missingyou should always have HijackThis fix the item.O9 Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)File Missing
    When a file is missing
    you should always have HijackThis fix the item.
    Ctfmon.exe
    "CoolWebSearch Ctfmon32 parasite variant" 
    PHP- Kodu:
    O20 Winlogon Notifydimsntfy - %SystemRoot%System32dimsntfy.dll (file missing)File Missing
    When a file is missing
    you should always have HijackThis fix the item.O21 SSODLWPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32wpdshserviceobj.dllShellServiceObjectDelayLoad Registry key autorun
    HJT automatically weeds out the good ones here so we
    'll flag this as bad. Consult a HJT expert before cleaning anything.
    O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)File Missing
    When a file is missing, you should always have HijackThis fix the item.
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)File Missing
    When a file is missing, you should always have HijackThis fix the item. 
    PHP- Kodu:
    O23 ServiceJava Quick Starter (JavaQuickStarterService) - Unknown owner C:Program FilesJavajre6binjqs.exe" -service -config "C:Program FilesJavajre6libdeployjqsjqs.conf (file missing)File Missing
    When a file is missing
    you should always have HijackThis fix the item.
    O23 ServiceMySQL Unknown owner C:Program.exe (file missing)File Missing
    When a file is missing
    you should always have HijackThis fix the item
    Aşadakiler ise zararsız sistemi yoran programlar dilediğini fixleyebilirsin

    PHP- Kodu:
    O4 HKLM..Run: [MSPY2002C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNCMSPY2002
    "Part of Microsoft's Input Message Editor (IME) for translating Japanese/Chinese text in IE
    O4 - HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNCPHIME2002ASync
    "
    Part of Microsoft's Input Message Editor (IME) for translating Japanese/Chinese text in IE
    O4 - HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMENamePhime2002a
    "Part of Microsoft'
    s Input Message Editor (IME) for translating Japanese/Chinese text in IE
    O4 
    HKLM..Run: [QuickTime Task"C:\Program Files\QuickTime\qttask.exe" -atboottimeQuickTime Task
    System Tray access to Apple
    's "Quick Time" viewer from version 5 onwards 
    O4 - HKLM..Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -DelayATICCC
    "ATI'
    s CATALYST� CONTROL CENTER. Required if you want to change graphics settings on a regular basis but you must have internet access and Microsoft's .NET framework installed. Note that this has ""runtime"" appended to cli.exe in the ""Command"" column of MSCONFIG. Recommend that start the program manually via Start -> Programs -> ATI Catalyst Control Center -> Advanced -> Restart Runtime as it can casue problems when starting Windows" 
    PHP- Kodu:
    O4 HKLM..Run: [LogonStudio"C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOMLogonStudio
    "WinCustomize LogonStudio - "Allows Windows XP users to edit
    O4 
    HKLM..Run: [SunJavaUpdateSched"C:\Program Files\Java\jre6\bin\jusched.exe"SunJavaUpdateSched
    "Checks with Sun's Java updates site to see if newer Java versions are available. Visit  http://java.sun.com or just run the Java Plug-In Control Panel" 
    O4 HKCU..Run: [msnmsgr"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /backgroundmsnmsgr
    "MSN Messenger utility. If you don't use MSN Messenger
    O4 - HKCU..Run: [MSMSGS] "
    C:\Program Files\Messenger\msmsgs.exe" /backgroundMSMSGS
    "
    Windows Messenger utility. If you don't use Windows Messenger
    O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe 


+ Yorum Gönder
3. Sayfa BirinciBirinci ... 23
5 üzerinden 5.00 | Toplam : 1 kişi