bendede 6 tane svchost.exe war. cpu dan hiç kullanmıyorlar ancak.. bunların arasındadamı virüs war yoksa..![]() |
| Paylaşım için çok SAĞOL. |
svchost.exe birden fazla olabilir virüs demek degildir şu an bende 7 adet eger bir sorun yoksa daha fazla ugraşmamanı tavsiye ederim..( ayrıca isme dikkatli bakmanı öneririm svchost.exe adına benzeyen [ svcchost.exe ] gibi olmamasına dikkat et cpu kullanımına ve ayrıca kullanıcı adı altında çalişıp çalişmadıgınıda kontrol etmelisin o zaman bir virüsten şüphelenebilirsin..
dostum aynı şeyler senin içinde geçerli eger belirgin bir problem yoksa sorun yok .. Svchost.exe nedir? Tanım; Windows XP'deki Svchost.exe'nin Açıklaması Bu makalede Svchost.exe ve işlevleri açıklanmaktadır. Svchost.exe, dinamik bağlantı kitaplıklarından (DLL'ler) çalışan hizmetlere ilişkin genel bir ana bilgisayar işlemi adıdır. MORE INFORMATION Svchost.exe dosyası %SystemRoot%\System32 klasöründe bulunur. Başlangıçta, Svchost.exe yüklemesi gereken hizmetlerin listesini oluşturmak için kayıt defterinin hizmetler bölümünü denetler. ---- Svchost.exe'nin birden çok örneği aynı anda çalışabilir ---- Her Svchost.exe oturumu bir hizmet grubu içerebilir, böylece Svchost.exe'nin nasıl ve nerede başlatıldığına bağlı olarak farklı hizmetler çalışabilir. Bu durum, daha iyi denetim ve daha kolay hata ayıklama olanağı sağlar. Svchost.exe grupları aşağıdaki kayıt defteri anahtarında tanımlanır: HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Svchost Bu anahtar altındaki her değer farklı bir Svchost grubunu temsil eder ve etkin işlemleri görüntülediğinizde farklı bir örnek olarak görüntülenir. Her değer bir REG_MULTI_SZ değeridir ve Svchost grubu altında çalışan hizmetleri içerir. Her Svchost grubu, Parametreler anahtarı bir ServiceDLL değeri içeren aşağıdaki kayıt defteri anahtarından ayıklanmış bir veya daha fazla hizmet adı içerebilir: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Hizmet Svchost'ta çalışan hizmetlerin listesini görüntülemek için: 1. Windows görev çubuğunda Başlat'ı tıklatın ve sonra Çalıştır'ı tıklatın. 2. Aç kutusuna, CMD yazın ve ENTER tuşuna basın. 3. Tasklist /SVC yazın ve ENTER tuşuna basın. Tasklist etkin işlemlerin listesini görüntüler. /SVC anahtarı her işlemdeki etkin hizmetlerin listesini görüntüler. Bir işlem hakkında daha fazla bilgi almak için, aşağıdaki komutu yazın ve ENTER tuşuna basın: Tasklist /FI "PID eq işlemkimliği" (tırnak işaretleriyle birlikte) [microsoft alıntıdır] http://support.microsoft.com/kb/314056/tr |
Yararlı topic olma yolunda ilerleyen bir başlık. |
http://forum.donanimhaber.com/m_9478084/tm.htm bu konudanda birebir loglarinizi gonderebilrisiniz. |
sisteminde keylogger var aynı bendeki gibi services.exe onu fixle |
sen konuyu kariştırdın dostum sanırım ama aşagıdakileri fixleyebilirsin ben sorun göremedim O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) edit// nerden dersen geçmiş mesajlarına bakınca farkettim |
|
seventyseven bilgilerin için sağol da ben bir şey demek istiyorum bu forumun amacı birbirimize yardımcı olmak değilmi eyer öyle ise bu yarış halinde veya atışma halinde konular nie oluyor herkez istediğini yapsın isteyen serjini topik inden isteyen seventyseven verdiği adresten yapar bence seventyseven verdiği link e bakıp birde serjinin topik ine yazarsak çook ii bir çalışma olmuş olur birisinden kaçmış olan diğerrinden kaçmaz iki kere taratmış oluruz çalışmalarınız için serji seventyseven teşşekkürler. |
| Kendi işimizi kendimizin görebilmesi en kolay yol bence. Bu başlıkta bunu sağlamış sanırım. Sağolun.. |
He Heh Hiç bir sorun bulunamadı aslında sorunum var ama neyse saol yinede |
|
daha önce serjiye fixletmiştim. dün format attıgım için temiz çıktı ama bi hafta sonra kendim fixleyebilirim artık. teşekkürler |
ben teşekkür ederim arkadaşlar |
anladıgım kadarıyla koydugunuz resimdeki linki arıyorsunuz ? o resmin linki aşagıdadır hızlı geçtiginiz için belki farketmediniz konuda 2 ayrı analiz sitesi verdim birincisi zaten senin verdigin resmini koydugunuz ikinci sitedir inşallah yanlış anlamamışımdır http://hjt.networktechs.com/ |
tamma hocam.çıktı.teşekkür ederim.yalnız burda acronisi neden hatalı österir .anlyamadım Bad - Remove almost always OK Most of the time - don't need to touch Probably not needed - Safe to remove Generally harmless - third party applications Bad if you don't know what it is Unknown Item - Investigate further -------------------------------------------------------------------------------- You can reference this log by going to:http://hjt.networktechs.com/parse.php?log=336372 -------------------------------------------------------------------------------- Logfile of HijackThis v1.99.1Up To Date Version of HijackThis You are using the latest version of HijackThis. Checkwww.merijn.org frequently for updates. Scan saved at 23:54:48, on 24.05.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exeSmss.exe What is it? Session Manager SubSystem - smss.exe What does it do? smss.exe - This is the session manager subsystem, which is responsible for starting the user session. This process is initiated by the system thread and is responsible for various activities, including launching the Winlogon and Win32 (Csrss.exe) processes and setting system variables. After it has launched these processes, it waits for either Winlogon or Csrss to end. If this happens "normally," the system shuts down; if it happens unexpectedly, Smss.exe causes the system to stop responding (hang). Additional Reading: Smss.exe does not resolve forward references in environment You will not be able to end this through task manager! More info -------------------------------------------------------------------------------- Virus Precaution: The smss.exe which is from Microsoft is located at c:windowsSystem32smss.exe . We've been able to find several viruses that run as smss to trick you. Adware.Advision - Symantec Corporation Adware.DreamAd - Symantec Corporation Backdoor.IRC.Aladinz.O - Symantec Corporation Backdoor.IRC.Flood.F - Symantec Corporation W32.Dalbug.Worm - Symantec Corporation W32.Resdoc - Symantec Corporation C:\WINDOWS\system32\winlogon.exeWinlogon.exe What is it? Windows Logon Process - Winlogon.exe What does it do? Direct Quote from here: This is the process responsible for managing user logon and logoff. Moreover, Winlogon is active only when the user presses CTRL+ALT+DEL, at which point it shows the security dialog box. Search MS for more info: Link Virus Precaution: The original Winlogon.exe from Microsoft gets placed in the C:WINDOWSSystem32 directory. if you find it anywhere else then you should be suspicious for sure. You'll want to keep an eye on this google search for any known viruses. We've been able to find only 1 report of a virus so far. Troj/Madr-B @ Sophos Netsky.D @ Trend Micro C:\WINDOWS\system32\services.exeservices.exe services.exe is a part of Windows that manages the processes. Anytime a service starts or stops it is through services.exe. During system startup and shutdown is when this process sees most of its action. You should never end this process unless it is running outside of your windows system folder. C:\WINDOWS\system32\lsass.exelsass.exe What is it? Local Security Authentication Server - lsass.exe What does it do? lsass.exe - It generates the process responsible for authenticating users for the Winlogon service. This process is performed by using authentication packages such as the default Msgina.dll. If authentication is successful, Lsass generates the user's access token, which is used to launch the initial shell. Other processes that the user initiates inherit this token. You will not be able to end this through task manager! From MS -------------------------------------------------------------------------------- The lsass.exe which is from Microsoft is located at c:windowsSystem32lsass.exe . there's a few viruses that have been found to run as lsass.exe to hide from you. C:\WINDOWS\system32\svchost.exeSvchost.exe What is it? Service Host Process - svchost.exe What does it do? Here's a direct quote from MS about this: (source) Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging. Svchost.exe groups are identified in the following registry key: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it. 1.) Start --> Run --> cmd 2.) Tasklist /svc >C:ianaginfo.txt Here's an example of what I got when I issued this command if you'd like to take a look at an example. A Description of Svchost.exe in Windows XP: http://support.microsoft.com/?kbid=314056 More Info More Info Virus Precaution: The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure. You'll want to keep an eye on this google search for any known viruses. C:\WINDOWS\System32\svchost.exeSvchost.exe What is it? Service Host Process - svchost.exe What does it do? Here's a direct quote from MS about this: (source) Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging. Svchost.exe groups are identified in the following registry key: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it. 1.) Start --> Run --> cmd 2.) Tasklist /svc >C:ianaginfo.txt Here's an example of what I got when I issued this command if you'd like to take a look at an example. A Description of Svchost.exe in Windows XP: http://support.microsoft.com/?kbid=314056 More Info More Info Virus Precaution: The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure. You'll want to keep an eye on this google search for any known viruses. C:\WINDOWS\Explorer.EXEexplorer.exe What is it? Windows Explorer - explorer.exe What does it do? explorer.exe - Below is a direct quote from Microsoft found on THIS page: This is the user shell, which we see as the familiar taskbar, desktop, and so on. This process isn't as vital to the running of Windows as you might expect, and can be stopped (and restarted) from Task Manager, usually with no negative side effects on the system. I have found that stopping this process is needed sometimes to stop some other processes. More Info More Info Virus Precaution: The original file from Microsoft gets placed at C:WINDOWSSystem32explorer.exe . if you find it anywhere else then you should be suspicious for sure. You'll want to keep an eye on this google search for any known viruses. There's only one unique virus found through this search. All of the results are the various names of this single virus. Deloder-A @ Sophos MyDoom.B @ Symantec C:\WINDOWS\system32\spoolsv.exeSpoolsv.exe What is it? SPOOLer SerVice - spoolsv.exe What does it do? spoolsv.exe - The spooler service is responsible for managing spooled print/fax jobs You will be able to end this through task manager! More info -------------------------------------------------------------------------------- Virus Precaution: The spoolsv.exe which is from Microsoft is located at c:windowsSystem32spoolsv.exe . We've been able to find several viruses that run as spoolsv to trick you. Backdoor.Ciadoor.B - Symantec Corporation Hacktool.Privshell - Symantec Corporation VBS.Masscal.Worm (vbs) - Symantec Corporation Graybird-A @ Sophos C:\Program Files\AntiVir PersonalEdition Premium\avguard.exeAVGUARD.EXE What is it? AVGUARD.EXE?Part of antivirus scanning software. Also noted to be part of a netsky infection. What does it do? AVG?runs on your?pc?to protect your bits from nasty bytes?that spread?viruses. More info: Found here in our Startup DB. If?you're worried about a virus on your?system?scan it?with an antivirus program?such as: AVG?antivirus Bit Defender Trend micro?housecall[/url C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exeAVGNT.EXE What is it? AVGNT.EXE is associated with the AVG antivirus application. What does it do? Helps protect your computer bits from nasty bytes that might spread viruses. More info: Read more about AVG antivirus at [url=http://www.grisoft.com/doc/1]grisoft.com C:\WINDOWS\system32\ctfmon.exectfmon.exe What is it? Language bar AKA Alternative User Input Services - ctfmon.exe What does it do? ctfmon.exe - it's an ever annoying helper tool that comes rather unexpectedly at times and liked by nearly nobody. Ctfmon.exe monitors the active windows and provides text input service support for speech recognition, handwriting recognition, keyboard, translation, and other alternative user input technologies. Loads of information can be found on microsoft's site here. Unless you're using anything in that list above you'll want to stop this file from loading! How do I get rid of it? There's been a number of threads in our forum as well as others about this. A typical thread can be found here. control panel --> regional and language options --> languages tab --> details button --> language bar button Virus Precaution: Just like so many of the other files I've written about so far, ctfmon.exe is located in the c:windowsSystem32ctfmon.exe. At the time of this writing there isn't any spyware, viruses or anything like that masking itself as this file. If you find any info on one then please let me know! C:\Program Files\MSN Messenger\msnmsgr.exemsnmsgr.exe msnmsgr.exe is the main system process for Windows Messenger AKA Microsoft Messenger. You can get more information on this file here. Quote: Instant message in real time, get face-to-face with webcam, send messages to your friends' cell phones, or get the latest news with MSN Alerts. It's easy to explore all the ways to stay in touch! C:\Program Files\AntiVir PersonalEdition Premium\sched.exeSCHED.EXE SCHED.EXE is the scheduler process for F-Prot anitvirus. If you use manual scans you really don't need this. C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exeAVESVC.EXE We Don't know! Please post a comment with information about this file C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeCFSvcs.exe CFSvcs.exe - This is a process installed with Toshiba Notebooks it provides configuration options for these devices, this is non essential only terminate if causing problems. C:\WINDOWS\system32\svchost.exeSvchost.exe What is it? Service Host Process - svchost.exe What does it do? Here's a direct quote from MS about this: (source) Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging. Svchost.exe groups are identified in the following registry key: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it. 1.) Start --> Run --> cmd 2.) Tasklist /svc >C:ianaginfo.txt Here's an example of what I got when I issued this command if you'd like to take a look at an example. A Description of Svchost.exe in Windows XP: http://support.microsoft.com/?kbid=314056 More Info More Info Virus Precaution: The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure. You'll want to keep an eye on this google search for any known viruses. C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exeAVMAILC.EXE We Don't know! Please post a comment with information about this file C:\WINDOWS\system32\wuauclt.exewuauclt.exe What is it? Windows Update Automatic Client - wuauclt.exe What does it do? wuauclt.exe - This is used by the automatic update tool in Windows ME to check the Windows Update site every so often to see if any updates need to be installed. More Info More Info Virus Precaution: The original wuauclt.exe from Microsoft gets placed in the Located at C:WINDOWSSystem32wuauclt.exe . If you find it anywhere else then you should be suspicious for sure. You'll want to keep an eye on this google search for any known viruses. . Backdoor.Clt @ Symantec Corporation Troj/Cult-B @ Sophos C:\WINDOWS\system32\svchost.exeSvchost.exe What is it? Service Host Process - svchost.exe What does it do? Here's a direct quote from MS about this: (source) Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging. Svchost.exe groups are identified in the following registry key: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService If you're running Windows XP Home edition then you'll have to download this file HERE and put it in your windows/system32 directory. If you're running XP Pro then you won't need that file since you already have it. 1.) Start --> Run --> cmd 2.) Tasklist /svc >C:ianaginfo.txt Here's an example of what I got when I issued this command if you'd like to take a look at an example. A Description of Svchost.exe in Windows XP: http://support.microsoft.com/?kbid=314056 More Info More Info Virus Precaution: The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure. You'll want to keep an eye on this google search for any known viruses. C:\Program Files\Internet Explorer\IEXPLORE.EXEiexplore.exe What is it? Internet Explorer - iexplore.exe What does iexplore.exe do? This is the main executable to the browser brought to you by Microsoft. If you're using this then please look into Firefox. This browser is a security hazard Microsoft's information page. Virus Precautions: You'll want to keep an eye on this google search for any known viruses. The normal location of iexplore.exe is C:Program FilesInternet Exploreriexplore.exe There's a LOT of bugs you need to worry about if the exe is running in any location other than that one. search Trend Micro. C:\PROGRA~1\FREEDO~1\fdm.exefdm.exe fdm.exe - This is the main process for the free Download manager software, this is a manager application and download accelerator. C:\Program Files\AntiVir PersonalEdition Premium\avcenter.exeavcenter.exe We Don't know! Please post a comment with information about this file C:\Program Files\Hijackthis\HijackThis.exeHijackThis.exe This is our favorite application for fighting against malware and other trashy application that bog systems down. Our guide to using this software can be found here. We have also taken the time to write a system to process the log files created from this application here. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = BağlantılarInternet Start Page This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don't know here clean this line! O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" /minAVGnt "AntiVir® PersonalEdition Classic - System Tray icon and control program" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeCtfmon.exe "CoolWebSearch Ctfmon32 parasite variant" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /backgroundmsnmsgr "MSN Messenger utility. If you don't use MSN Messenger O10 - Broken Internet access because of LSP provider 'avsda.dll' missingWinsock Hijacker Every time I've seen this its been a bad thing O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLLExtra Protocols There's a few known hijackers that use this but I haven't found anything good come out of these O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLLExtra Protocols There's a few known hijackers that use this but I haven't found anything good come out of these O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dllAppInit_DLLs Registry value autorun Very few known *good* purposes of this. Norton Cleansweep being the headliner of good items Loads a .dll into memory when a user logs in. Frequently used by VERY bad hijackers. O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (file missing)File Missing When a file is missing, you should always have HijackThis fix the item. O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exeUnknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\sched.exeUnknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avguard.exeUnknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exeUnknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeConfigFree Service Toshiba related |
|
yukardaki konuda anlatımı mevcut 2. adres olarak daha dikkat çekici bir hale getirdim yine aynı yöntemle bu sitedende log analiz alabilirsiniz Verilen rapor 6 renk grubuna ayrılıyor [[[ Bizi ilgilendiren kırmızı renk satırlar ]]] 1.Yeşil renk - dokunulmaması gereken 2.Mavi renk - zararsız uygulamalar 3 parti yazılımlar 3.Siyah renk- araştırılması gerekli olan kesin silinip silinmeyecegi karar verilemeyen 4.Kırmızı renk- kesinlikle silinmesi gerekenler 5.Pembe renk- sistem için gerekli olmayan ama güvenlik açısından silinmesi yararlı olabilecekler 6.Mor renk - ne oldugu hakkında bir fikriniz yoksa zararlı olduğu düşünülen silinmesi gerekenler edit // yukarda verdigin log dogru ise o log da herhangi bir sorun görünmüyor arkadaşım analiz içinse 1. link i tavsiye edecegim zaten sorun olmadıgında pek kurcalamaya grek yok [ikinci link de bazı güvenli dosyaları kırmızı olarak gösteriyor aslında dosya bilgisinden güvenligi hakkında bilgi alabiliriz ama konuya vakıf degilsek sorun olabilecegi şüphesi ile fix lenebilir ve sorun yaratabiliriz ] programı tkrr çaliştırıp aldıgın log dosyasını tkrr buraya koyabilirsen yardımcı olmak isterim |
sayın hocam.verdiğniz linklerdeki hatalar farklı farklı gösterir.bu linkin hangisi daha güvenli.kusura bakmayın.linkin birinde olan hata o birnde göstermiyor.bir akıl vermenizi rica eerim http://hjt.networktechs.com/ :::::: http://www.hijackthis.de/#anl :::::: |
sevgili alia arkadaşım hata falan yok kafakarıştırma !!! sadece 2. link kasper i virüs olarak gösteriyor bunuda zaten 25 kere falan yazdım artık biraz dikkatli oku !! sen neden bahsettigini bilmiyorsun ayrıca sorun yokken [ ki şuan sendeki gibi ] sürekli ugraşmak sana fayda degil zarar verecek şuan ki durumdan belli sana aldıgın log u buraya iliştir ben senin yerine inceleyim dedim ama sen hiç oralı degilsin .. ayrıca bu program sürekli kullanılacak birşeyde degildir sorun oldugunda kullanmanı tavsiye ederim ! şimdi eger pc de sorun varsa log u buraya at yoksada birdaha bu programla ugraşma |
çok teşekür ederim. |
Sisteminizi NOD32 ya kaspersky ile taratmayı deneyiniz.
nod32
http://www.nod32.com.tr/download/bireysel.asp
Bu mesaja 1 cevap geldi. Cevapları Gizle