Logfile of HijackThis v1.99.1
Scan saved at 05:07:36, on 03.05.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\UAService7.exe
C:\WINDOWS\System32\khooker.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\ubeydullah\My Documents\Unzipped\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\UBEYDU~1\LOCALS~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\UBEYDU~1\LOCALS~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R3 - URLSearchHook: ICQ Toolbar - - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - - C:\WINDOWS\System32\jfbk.dll
O3 - Toolbar: &Radio - - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Steganos Internet Anonym - - c:\program files\steganos internet anonym pro 7\siapro7iep.dll
O3 - Toolbar: ICQ Toolbar - - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [scvhost] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [firlnin] C:\Documents and Settings\ubeydullah\Local Settings\Temporary Internet Files\Content.IE5\9SZI7WRS\delf061225[1].exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\systray.exe
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\UBEYDU~1\LOCALS~1\Temp\se.dll,DllInsta ll
O4 - HKCU\..\Run: [scvhost] C:\WINDOWS\scvhost.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Microsoft Excel'e Go&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Related - - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: *.dapsol.com
O15 - Trusted Zone: *.dapsol.com (HKLM)
O16 - DPF: (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1111450694859
O16 - DPF: (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O18 - Filter: text/html - - C:\WINDOWS\System32\jfbk.dll
O18 - Filter: text/plain - - C:\WINDOWS\System32\jfbk.dll
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\System32\UAService7.exe
ev arkadasımın pc desktopta
security warning:
a fatal error in IE has occured at 0028:C0011E36 in VXD VMM + 00010E36. error was caused by Trojan-Spy.HTML.Smitfraud.c
* system can not functio nin normmal mode
please chech your security settings.
*scan your PC with any available antivireus / spyware remover program to fix the problem
spy nuker ve microsoftun antispyware ile taratık ama kaldıramdık ve IE hata veriyo
__________________
hijackthis log
Bilgisayar Güvenliği0 Mesaj
●22 Görüntüleme
- ReadBull.net
- Teknoloji Forumları
- Donanım ve Bilgisayar
- Bilgisayar Güvenliği
- hijackthis log