v1.99.1
Scan saved at 21:06:09, on 03.09.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\uljmxf\igdiejb.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Camfrog\Camfrog Video Chat 3.4\Camfrog Video Chat.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\mbn\Desktop\Yeni Klasor\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mynet.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neynet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O3 - Toolbar: &Radio - - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [dymwoj] C:\WINDOWS\System32\ifaciud\dymwoj.exe
O4 - HKLM\..\Run: [edyq] C:\WINDOWS\System32\ufra\edyq.exe
O4 - HKLM\..\Run: [xbunawwg] C:\WINDOWS\System32\kffgsd\xbunawwg.exe
O4 - HKLM\..\Run: [igdiejb] C:\WINDOWS\System32\uljmxf\igdiejb.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.4\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.4\Camfrog Video Chat.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Microsoft Excel'e Go&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - - C:\Program Files\Java\j2re1.4.1\bin\npjpi141.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - - C:\Program Files\Java\j2re1.4.1\bin\npjpi141.dll
O9 - Extra button: Related - - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - - C:\Program Files\Messenger\MSMSGS.EXE
O13 - WWW Prefix: http://www.neynet.com/n/?link=
O13 - Home Prefix: http://www.neynet.com/n/?link=
O16 - DPF: - http://start1.aaa1screensavers.com/30012.exe
O16 - DPF: (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: (AvaLaunch Control) - http://213.194.124.180:81/avaLaunch84.cab
O16 - DPF: (ParsMailSimpleVoice.pmVchat) - http://www.sinasoft.net/vchat/pmvoice4.CAB
???
__________________
Hijackthis.RAPORUM İŞTE ACİLL YARDIMLogfile of HijackThis
Bilgisayar Güvenliği0 Mesaj
●20 Görüntüleme
- ReadBull.net
- Teknoloji Forumları
- Donanım ve Bilgisayar
- Bilgisayar Güvenliği
- Hijackthis.RAPORUM İŞTE ACİLL YARDIMLogfile of HijackThis