|
|
|
|
||||||||
Güvenlik ve Güvenlik Açıkları Kategorisinde ve Bilgisayar Güvenliği ve Hijackthis Forumunda Bulunan Temizmi PC Acaba. Konusunu Görüntülemektesiniz => Logfile of Advanced SystemCare 3 Security Analyzer Scan saved at 20:46:33, on 11.11.2010 Platform: Windows XP (WinNT 5.1) MSIE: Internet ...
 |
|
|
Konu Araçları |
11-11-10, 20:52
|
#1 |
|
Temizmi PC Acaba.
Logfile of Advanced SystemCare 3 Security Analyzer Scan saved at 20:46:33, on 11.11.2010 Platform: Windows XP (WinNT 5.1) MSIE: Internet Explorer v8.0 (8.0.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.exe C:\AppServ\Apache2.2\bin\httpd.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\AppServ\MySQL\bin\mysqld.exe C:\AppServ\Apache2.2\bin\httpd.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\regsvr.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ESET\ESET Smart Security\egui.exe C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EX E C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\windotnetsrv.exe C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe C:\WINDOWS\system32\regsvr.exe C:\WINDOWS\system32\SSVICHOSST.exe C:\Program Files\Symantec\Norton AntiBot\agent\bin\NABMonitor.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\s wg.dll O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" O4 - HKCU\..\Run: [Msn Messsenger] C:\WINDOWS\system32\regsvr.exe O4 - HKCU\..\Run: [Yahoo Messengger] C:\WINDOWS\system32\SSVICHOSST.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EX E O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [windll] C:\WINDOWS\system32\windotnetsrv.exe O4 - HKLM\..\Run: [NortonAntiBot] "C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe" O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950D F09FAB501E03.dll/cmsidewiki.html O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: PnkBstrA - Unknown - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SymantecAntiBotAgent - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABAgent.exe O23 - Service: SymantecAntiBotWatcher - Symantec - C:\Program Files\Symantec\Norton AntiBot\agent\Bin\NABWatcher.exe Temizmi Lütfen PC Hacklendi Az Önce. |
|
|
|
11-11-10, 21:39
|
#2 |
|
|
C: Temizmi PC Acaba.
C:\WINDOWS\system32\SSVICHOSST.exe suölu bu TROJAN işte SVCHOST.EXE diye sistem dosyası war onun adına benzetmiş kendini ayrıca O4 - HKCU\..\Run: [Msn Messsenger] C:\WINDOWS\system32\regsvr.exe O4 - HKCU\..\Run: [Yahoo Messengger] C:\WINDOWS\system32\SSVICHOSST.exe FIXle bunları BEARSHARE ile indirdiklerini taratmadan açma antivirüs programını değiştir demekki yakalayamamış zararlıları |
|
|
|
|
12-11-10, 12:54
|
#3 |
|
|
C: Temizmi PC Acaba.
Saol.Birde Pc Açıldıgında Şöle Bir Hata Çıkıyor = "SSVICHOSST.exe" Windows Tarafından Bulunanmıyor.İsmi Doğru Yazıldıgından Emin Olup Yeniden Deneyin.Bir Dosya Açmak İçin Başlat Düğmesini Tıklatım Ara'yı Tıklatın.
|
|
|
|
|
12-11-10, 15:58
|
#4 |
|
|
C: Temizmi PC Acaba.
SSVICHOSST.exe dosyası TROJANdır
Bilgisayar Güvenliği ve Hijackthis - Forum TR BURAYA log yolla mutlaka orjinali olan SVCHOST.EXE system dosyasının taklitidir mutlaka o bölüme log yolla bakalım zararlı warmı sisteminde |
|
|
|
|
| Bu konunun kısa yolunu aşağıdaki sitelere ekleyebilirsiniz |
| Konu Araçları | |
|
|
|
5651 sayılı yasaya göre forumumuzdaki mesajlardan doğabilecek her türlü sorumluluk yazan kullanıcılara aittir. Şikayet Mailimiz. İçerik, Yer Sağlayıcı Bilgilerimiz. Reklam Mailimiz. Gizlilik Politikası |
