Logfile of HijackThis v1.99.1
Scan saved at 21:35:35, on 31.05.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\khooker.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\SMSRouter\SMSClient\OtoMessager.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\onk4dl71.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\program files\180searchassistant\saap.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\Integrator.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ICQ\Icq.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\AND\Local Settings\Temp\HijackThis.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.usmjuehklyvyuuhwmhsemjj.c...cMvqKMIgq.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cust...//my.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: (no name) - _ - (no file)
O1 - Hosts: 213.239.0.226 andr.net
O1 - Hosts: 213.239.0.226 www.andr.net
O1 - Hosts: 213.239.0.226 *****z.ws
O1 - Hosts: 213.239.0.226 www.*****z.ws
O1 - Hosts: 213.239.0.226 *****spider.com
O1 - Hosts: 213.239.0.226 www.*****spider.com
O1 - Hosts: 213.239.0.226 astalavista.box.sk
O2 - BHO: BHObj Class - - C:\WINDOWS\nem220.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - - C:\Progra~1\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - - c:\syslibie.dll (file missing)
O3 - Toolbar: &Google - - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SMSClient OtoMessager] C:\Program Files\SMSRouter\SMSClient\OtoMessager.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [24Soru] C:\Program Files\24Soru\24soru.exe -m
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [Jnckf] C:\Program Files\Zadcqs\Xhnccf.exe
O4 - HKLM\..\Run: [Wpfvz] C:\Program Files\Tycc\Qpgdvq.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [onk4dl71] C:\WINDOWS\system32\onk4dl71.exe
O4 - HKLM\..\Run: [saap] c:\program files\180searchassistant\saap.exe
O4 - HKLM\..\Run: [wjclojyj] C:\WINDOWS\wjclojyj.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1059.dll,InstantAccess
O4 - Startup: Hare.lnk = C:\Program Files\Dachshund Software\Hare\Hare.exe
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Hotkey.lnk = C:\Program Files\Asus\ASUS Hotkey\Hotkey.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hızlı Başlangıc.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Microsoft Excel'e Go&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: ICQ Pro - - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Messenger - - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Search *****s at *****Spider.NET - - http://*****spider.net/ie/btn.php (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Search *****s at *****Spider.NET - - http://*****spider.net/ie/btn.php (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 - DPF: ConferenceRoom Java Client - http://vortex.unitedchat.net:8000/java/cr.cab
O16 - DPF: MynetTavla - http://oyun.mynet.com/game/WebRoot/Tavla.CAB
O16 - DPF: Yahoo! Backgammon - http://download.games.yahoo.com/game...ts/y/at1_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/game...ts/y/pt1_x.cab
O16 - DPF: (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: - http://hot.thebugs.ws/fav.exe
O16 - DPF: - http://static.windupdates.com/cab/Do...ridge-c283.cab
O16 - DPF: (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: - http://ak.imgfarm.com/images/nocache...tup1.0.0.8.cab
O16 - DPF: (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab28177.cab
O16 - DPF: (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: (FlashXControl Object) - https://spinpalace.microgaming.com/s...ce/FlashAX.cab
O16 - DPF: (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\: NameServer = 213.243.1.40 213.243.1.42
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
tsk ederim
__________________
log a bakar misiniz pls!!
Bilgisayar Güvenliği0 Mesaj
●20 Görüntüleme
- ReadBull.net
- Teknoloji Forumları
- Donanım ve Bilgisayar
- Bilgisayar Güvenliği
- log a bakar misiniz pls!!