Yeni Kayıt
Konudaki Resimler
önceki
|
Hızlı 
Bildirim
HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (264. sayfa)
Sıcak Fırsatlarda Tıklananlar
Editörün Seçtiği Fırsatlar
JR Gear Bomber Mini Su Geçirmez Çanta : Amazon.com.tr: Elektronik
https://www.amazon.com.tr/dp/B01G6ZPCMI
7 sa. önce paylaşıldı
Daha Fazla 
Bu Konudaki Kullanıcılar:
Daha Az 
2 Misafir - 2 Masaüstü
Giriş
Mesaj
-
-
Sistem performansın artar -
quote:
Orjinalden alıntı: Panturk
Combofix adli programi indirin.
http://www.guvenlikuzmanim.com/dosyalar/ComboFix.exe
1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra sizden 1 ya da 2 tuşuna basmanız istenecektir. Devam etmek için 1 tuşuna basın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecektir. Bu normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 41 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.
quote:
Orjinalden alıntı: Reasonable
Sağolasın çok teşekkür ederim.
Peki bu yaptıklarım bana ne gibi bir fayda sağlar?
Rica ederim. Genel bir sistem performansinda artis olur
-
serji bak bakalım doğru yapıyormuyum
Bu logum
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:29:55, on 11.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
D:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Google\Update\GoogleUpdate.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
D:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\Program Files\DAP\DAP.EXE
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
D:\Documents and Settings\Ali.ALI-1354113D545\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Giganology\Gigaget\Gigaget.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Hamachi\hamachi.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Ali.ALI-1354113D545\Desktop\HiJackThis.exe
O1 - Hosts: Youtube Dünya Capinda IP leri toplam 2859 adet ....
O1 - Hosts: 208.65.153.251 uk.youtube.com
O1 - Hosts: 208.65.153.253 de.youtube.com
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70 www.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 64.15.124.143 sjc-v1.sjc.youtube.com
O1 - Hosts: 64.15.124.144 sjc-v2.sjc.youtube.com
O1 - Hosts: 64.15.124.145 sjc-v3.sjc.youtube.com
O1 - Hosts: 64.15.124.146 sjc-v4.sjc.youtube.com
O1 - Hosts: 64.15.124.147 sjc-v5.sjc.youtube.com
O1 - Hosts: 64.15.124.148 sjc-v6.sjc.youtube.com
O1 - Hosts: 64.15.124.149 sjc-v7.sjc.youtube.com
O1 - Hosts: 64.15.124.150 sjc-v8.sjc.youtube.com
O1 - Hosts: 64.15.124.151 sjc-v9.sjc.youtube.com
O1 - Hosts: 64.15.124.152 sjc-v10.sjc.youtube.com
O1 - Hosts: 64.15.124.153 sjc-v11.sjc.youtube.com
O1 - Hosts: 64.15.124.154 sjc-v12.sjc.youtube.com
O1 - Hosts: 64.15.124.155 sjc-v13.sjc.youtube.com
O1 - Hosts: 64.15.124.156 sjc-v14.sjc.youtube.com
O1 - Hosts: 64.15.124.157 sjc-v15.sjc.youtube.com
O1 - Hosts: 64.15.124.158 sjc-v16.sjc.youtube.com
O1 - Hosts: 64.15.124.159 sjc-v17.sjc.youtube.com
O1 - Hosts: 64.15.124.160 sjc-v18.sjc.youtube.com
O1 - Hosts: 64.15.124.161 sjc-v19.sjc.youtube.com
O1 - Hosts: 64.15.124.162 sjc-v20.sjc.youtube.com
O1 - Hosts: 64.15.124.163 sjc-v21.sjc.youtube.com
O1 - Hosts: 64.15.124.164 sjc-v22.sjc.youtube.com
O1 - Hosts: 64.15.124.165 sjc-v23.sjc.youtube.com
O1 - Hosts: 64.15.124.166 sjc-v24.sjc.youtube.com
O1 - Hosts: 64.15.124.167 sjc-v25.sjc.youtube.com
O1 - Hosts: 64.15.124.168 sjc-v26.sjc.youtube.com
O1 - Hosts: 64.15.124.169 sjc-v27.sjc.youtube.com
O1 - Hosts: 64.15.124.170 sjc-v28.sjc.youtube.com
O1 - Hosts: 64.15.124.171 sjc-v29.sjc.youtube.com
O1 - Hosts: 64.15.124.172 sjc-v30.sjc.youtube.com
O1 - Hosts: 64.15.124.173 sjc-v31.sjc.youtube.com
O1 - Hosts: 64.15.124.174 sjc-v32.sjc.youtube.com
O1 - Hosts: 64.15.124.175 sjc-v33.sjc.youtube.com
O1 - Hosts: 64.15.124.176 sjc-v34.sjc.youtube.com
O1 - Hosts: 64.15.124.177 sjc-v35.sjc.youtube.com
O1 - Hosts: 64.15.124.178 sjc-v36.sjc.youtube.com
O1 - Hosts: 64.15.124.179 sjc-v37.sjc.youtube.com
O1 - Hosts: 64.15.124.180 sjc-v38.sjc.youtube.com
O1 - Hosts: 64.15.124.207 sjc-v39.sjc.youtube.com
O1 - Hosts: 64.15.124.208 sjc-v40.sjc.youtube.com
O1 - Hosts: 64.15.124.209 sjc-v41.sjc.youtube.com
O1 - Hosts: 64.15.124.210 sjc-v42.sjc.youtube.com
O1 - Hosts: 64.15.124.211 sjc-v43.sjc.youtube.com
O1 - Hosts: 64.15.124.212 sjc-v44.sjc.youtube.com
O1 - Hosts: 64.15.124.213 sjc-v45.sjc.youtube.com
O1 - Hosts: 64.15.124.214 sjc-v46.sjc.youtube.com
O1 - Hosts: 64.15.124.215 sjc-v47.sjc.youtube.com
O1 - Hosts: 64.15.124.216 sjc-v48.sjc.youtube.com
O1 - Hosts: 64.15.124.217 sjc-v49.sjc.youtube.com
O1 - Hosts: 64.15.124.218 sjc-v50.sjc.youtube.com
O1 - Hosts: 64.15.124.219 sjc-v51.sjc.youtube.com
O1 - Hosts: 64.15.124.220 sjc-v52.sjc.youtube.com
O1 - Hosts: 64.15.124.221 sjc-v53.sjc.youtube.com
O1 - Hosts: 64.15.124.222 sjc-v54.sjc.youtube.com
O1 - Hosts: 64.15.124.223 sjc-v55.sjc.youtube.com
O1 - Hosts: 64.15.124.224 sjc-v56.sjc.youtube.com
O1 - Hosts: 64.15.124.225 sjc-v57.sjc.youtube.com
O1 - Hosts: 64.15.124.226 sjc-v58.sjc.youtube.com
O1 - Hosts: 64.15.124.227 sjc-v59.sjc.youtube.com
O1 - Hosts: 64.15.124.228 sjc-v60.sjc.youtube.com
O1 - Hosts: 64.15.124.229 sjc-v61.sjc.youtube.com
O1 - Hosts: 64.15.124.230 sjc-v62.sjc.youtube.com
O1 - Hosts: 64.15.124.231 sjc-v63.sjc.youtube.com
O1 - Hosts: 64.15.124.232 sjc-v64.sjc.youtube.com
O1 - Hosts: 64.15.124.233 sjc-v65.sjc.youtube.com
O1 - Hosts: 64.15.124.234 sjc-v66.sjc.youtube.com
O1 - Hosts: 64.15.124.235 sjc-v67.sjc.youtube.com
O1 - Hosts: 64.15.124.236 sjc-v68.sjc.youtube.com
O1 - Hosts: 64.15.124.237 sjc-v69.sjc.youtube.com
O1 - Hosts: 64.15.124.238 sjc-v70.sjc.youtube.com
O1 - Hosts: 64.15.124.239 sjc-v71.sjc.youtube.com
O1 - Hosts: 64.15.124.240 sjc-v72.sjc.youtube.com
O1 - Hosts: 64.15.124.241 sjc-v73.sjc.youtube.com
O1 - Hosts: 64.15.124.242 sjc-v74.sjc.youtube.com
O1 - Hosts: 64.15.124.243 sjc-v75.sjc.youtube.com
O1 - Hosts: 64.15.124.244 sjc-v76.sjc.youtube.com
O1 - Hosts: 64.15.125.16 sjc-v77.sjc.youtube.com
O1 - Hosts: 64.15.125.17 sjc-v78.sjc.youtube.com
O1 - Hosts: 64.15.125.18 sjc-v79.sjc.youtube.com
O1 - Hosts: 64.15.125.19 sjc-v80.sjc.youtube.com
O1 - Hosts: 64.15.125.20 sjc-v81.sjc.youtube.com
O1 - Hosts: 64.15.125.21 sjc-v82.sjc.youtube.com
O1 - Hosts: 64.15.125.22 sjc-v83.sjc.youtube.com
O1 - Hosts: 64.15.125.23 sjc-v84.sjc.youtube.com
O1 - Hosts: 64.15.125.24 sjc-v85.sjc.youtube.com
O1 - Hosts: 64.15.125.25 sjc-v86.sjc.youtube.com
O1 - Hosts: 64.15.125.26 sjc-v87.sjc.youtube.com
O1 - Hosts: 64.15.125.27 sjc-v88.sjc.youtube.com
O1 - Hosts: 64.15.125.28 sjc-v89.sjc.youtube.com
O1 - Hosts: 64.15.125.29 sjc-v90.sjc.youtube.com
O1 - Hosts: 64.15.125.30 sjc-v91.sjc.youtube.com
O1 - Hosts: 64.15.125.31 sjc-v92.sjc.youtube.com
O1 - Hosts: 64.15.125.32 sjc-v93.sjc.youtube.com
O1 - Hosts: 64.15.125.33 sjc-v94.sjc.youtube.com
O1 - Hosts: 64.15.125.34 sjc-v95.sjc.youtube.com
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - D:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - D:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "D:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "D:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Gigaget] "C:\Program Files\Giganology\Gigaget\GigagetShell.exe" /s
O4 - HKLM\..\Run: [msgdiscoveryx] "C:\Program Files\MessengerDiscovery\msgdiscoveryx.exe"
O4 - HKLM\..\Run: [Samsung Common SM] "D:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKCU\..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DownloadAccelerator] "D:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Ali.ALI-1354113D545\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Clean Traces - D:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: &Download with &DAP - D:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3356470F-1EF0-4386-9CB1-96BFDC43047C}: NameServer = 208.67.222.222
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Update Service (gupdate1c8e44be7896822) (gupdate1c8e44be7896822) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - D:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Symantec Core LC - Unknown owner - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - D:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
--
End of file - 12715 bytes
Bu da fixlemem gerekenler
O1 lerin hepsi
O8 - Extra context menu item: &Clean Traces - D:\ Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download All by Gi gaget - C:\Program Files\Giganology\Gigaget\getal lurl.htm
O8 - Extra context menu item: &Download by Gigage t - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: &Download with &DAP - D:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11C F-AAA5-00401C608501} - D:\Program Files\Java\jre1 .6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - { 08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Progra m Files\Java\jre1.6.0_07 \bin\ssv.dll
Doğru olmuş mu?
-
quote:
Orjinalden alıntı: Danilo Thann
serji bak bakalım doğru yapıyormuyum
Bu logum
Bu da fixlemem gerekenler
Doğru olmuş mu?
O1'ler yalnizca IP adresleri yanlis oldugunda fixlenmeli. Onlari fixlememelisin.
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - D:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O8'ler de kullanilan bir program degilse fixlenmeli.
-
Slm Serji :)
Acil Fix'e ihtiyacım var yardımcı olursan sevinirim
Şimdiden teşekkürler
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:47:24, on 11.10.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
F:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
F:\WINDOWS\RTHDCPL.EXE
F:\WINDOWS\VM_STI.EXE
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Internet Download Manager\IDMan.exe
F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\Program Files\Messenger\msmsgs.exe
F:\Program Files\ManyCam 2.3\ManyCam.exe
F:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
F:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
F:\Program Files\Internet Download Manager\IEMonitor.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\Death Oath¹\Belgelerim\Downloads\Programs\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://tr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Killak - {1F88A6F5-908C-4C28-9A81-829953C5F5C5} - F:\WINDOWS\system32\LSYSTI~1.DLL
O2 - BHO: MSIEPlugin - {4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} - F:\Documents and Settings\All Users\Application Data\uPlayMe\plugins\MSIE.dll (file missing)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Mirar - {FA2735FF-DF21-4853-9000-2DC4B83556A0} - F:\WINDOWS\system32\winii75.dll
O3 - Toolbar: Mirar - {FA2735FE-DF21-4853-9000-2DC4B83556A0} - F:\WINDOWS\system32\winii75.dll
O4 - HKLM\..\Run: [ATIPTA] F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [JMB36X IDE Setup] F:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] F:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [nTrayFw] F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BigDogPath] F:\WINDOWS\VM_STI.EXE A4 Tech USB PC Camera
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] F:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Camfrog] "F:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 1 F:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ManyCam] "F:\Program Files\ManyCam 2.3\ManyCam.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = F:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Bütün linkleri IDM ile indir - F:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - F:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - F:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - F:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: F:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,F:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,F:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,F:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
--
End of file - 8898 bytes
-
Teşekkürler yavaş yavaş öğrenicem artık -
quote:
Orjinalden alıntı: Yuni
Slm Serji :)
Acil Fix'e ihtiyacım var yardımcı olursan sevinirim
Şimdiden teşekkürler
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://tr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Killak - {1F88A6F5-908C-4C28-9A81-829953C5F5C5} - F:\WINDOWS\system32\LSYSTI~1.DLL
O2 - BHO: MSIEPlugin - {4B0FAF5A-67C4-4625-AE07-B0DBADA16EBF} - F:\Documents and Settings\All Users\Application Data\uPlayMe\plugins\MSIE.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Mirar - {FA2735FF-DF21-4853-9000-2DC4B83556A0} - F:\WINDOWS\system32\winii75.dll
O3 - Toolbar: Mirar - {FA2735FE-DF21-4853-9000-2DC4B83556A0} - F:\WINDOWS\system32\winii75.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BigDogPath] F:\WINDOWS\VM_STI.EXE A4 Tech USB PC Camera
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Camfrog] "F:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 1 F:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ManyCam] "F:\Program Files\ManyCam 2.3\ManyCam.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
Fixten sonra yeniden baslatip bir log daha gonder cnku sistemde Trojan var
-
quote:
Orjinalden alıntı: serji
Fixten sonra yeniden baslatip bir log daha gonder cnku sistemde Trojan var
Teşekkürler, buda yeni log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:11:20, on 11.10.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
F:\WINDOWS\RTHDCPL.EXE
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Internet Download Manager\IDMan.exe
F:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
F:\Program Files\Internet Download Manager\IEMonitor.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\Death Oath¹\Belgelerim\Downloads\Programs\HiJackThis.exe
F:\Program Files\Windows Live\Messenger\usnsvc.exe
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O4 - HKLM\..\Run: [ATIPTA] F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [JMB36X IDE Setup] F:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] F:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [nTrayFw] F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [IDMan] F:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Camfrog] "F:\Program Files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 1 F:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = F:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - F:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - F:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - F:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - F:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: F:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,F:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,F:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,F:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - F:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - F:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
--
End of file - 5697 bytes
-
quote:
Orjinalden alıntı: Yuni
tamamdir onu hallettik simdi.
Combofix adli programi indirin.
http://www.guvenlikuzmanim.com/dosyalar/ComboFix.exe
1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra sizden 1 ya da 2 tuşuna basmanız istenecektir. Devam etmek için 1 tuşuna basın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecektir. Bu normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 41 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:53:56, on 11.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\SERCAN\Downloads\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.live.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: Youtube Dünya Capinda IP leri toplam 2859 adet ....
O1 - Hosts: 208.65.153.251 uk.youtube.com
O1 - Hosts: 208.65.153.253 de.youtube.com
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70www.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 64.15.124.143 sjc-v1.sjc.youtube.com
O1 - Hosts: 64.15.124.144 sjc-v2.sjc.youtube.com
O1 - Hosts: 64.15.124.145 sjc-v3.sjc.youtube.com
O1 - Hosts: 64.15.124.146 sjc-v4.sjc.youtube.com
O1 - Hosts: 64.15.124.147 sjc-v5.sjc.youtube.com
O1 - Hosts: 64.15.124.148 sjc-v6.sjc.youtube.com
O1 - Hosts: 64.15.124.149 sjc-v7.sjc.youtube.com
O1 - Hosts: 64.15.124.150 sjc-v8.sjc.youtube.com
O1 - Hosts: 64.15.124.151 sjc-v9.sjc.youtube.com
O1 - Hosts: 64.15.124.152 sjc-v10.sjc.youtube.com
O1 - Hosts: 64.15.124.153 sjc-v11.sjc.youtube.com
O1 - Hosts: 64.15.124.154 sjc-v12.sjc.youtube.com
O1 - Hosts: 64.15.124.155 sjc-v13.sjc.youtube.com
O1 - Hosts: 64.15.124.156 sjc-v14.sjc.youtube.com
O1 - Hosts: 64.15.124.157 sjc-v15.sjc.youtube.com
O1 - Hosts: 64.15.124.158 sjc-v16.sjc.youtube.com
O1 - Hosts: 64.15.124.159 sjc-v17.sjc.youtube.com
O1 - Hosts: 64.15.124.160 sjc-v18.sjc.youtube.com
O1 - Hosts: 64.15.124.161 sjc-v19.sjc.youtube.com
O1 - Hosts: 64.15.124.162 sjc-v20.sjc.youtube.com
O1 - Hosts: 64.15.124.163 sjc-v21.sjc.youtube.com
O1 - Hosts: 64.15.124.164 sjc-v22.sjc.youtube.com
O1 - Hosts: 64.15.124.165 sjc-v23.sjc.youtube.com
O1 - Hosts: 64.15.124.166 sjc-v24.sjc.youtube.com
O1 - Hosts: 64.15.124.167 sjc-v25.sjc.youtube.com
O1 - Hosts: 64.15.124.168 sjc-v26.sjc.youtube.com
O1 - Hosts: 64.15.124.169 sjc-v27.sjc.youtube.com
O1 - Hosts: 64.15.124.170 sjc-v28.sjc.youtube.com
O1 - Hosts: 64.15.124.171 sjc-v29.sjc.youtube.com
O1 - Hosts: 64.15.124.172 sjc-v30.sjc.youtube.com
O1 - Hosts: 64.15.124.173 sjc-v31.sjc.youtube.com
O1 - Hosts: 64.15.124.174 sjc-v32.sjc.youtube.com
O1 - Hosts: 64.15.124.175 sjc-v33.sjc.youtube.com
O1 - Hosts: 64.15.124.176 sjc-v34.sjc.youtube.com
O1 - Hosts: 64.15.124.177 sjc-v35.sjc.youtube.com
O1 - Hosts: 64.15.124.178 sjc-v36.sjc.youtube.com
O1 - Hosts: 64.15.124.179 sjc-v37.sjc.youtube.com
O1 - Hosts: 64.15.124.180 sjc-v38.sjc.youtube.com
O1 - Hosts: 64.15.124.207 sjc-v39.sjc.youtube.com
O1 - Hosts: 64.15.124.208 sjc-v40.sjc.youtube.com
O1 - Hosts: 64.15.124.209 sjc-v41.sjc.youtube.com
O1 - Hosts: 64.15.124.210 sjc-v42.sjc.youtube.com
O1 - Hosts: 64.15.124.211 sjc-v43.sjc.youtube.com
O1 - Hosts: 64.15.124.212 sjc-v44.sjc.youtube.com
O1 - Hosts: 64.15.124.213 sjc-v45.sjc.youtube.com
O1 - Hosts: 64.15.124.214 sjc-v46.sjc.youtube.com
O1 - Hosts: 64.15.124.215 sjc-v47.sjc.youtube.com
O1 - Hosts: 64.15.124.216 sjc-v48.sjc.youtube.com
O1 - Hosts: 64.15.124.217 sjc-v49.sjc.youtube.com
O1 - Hosts: 64.15.124.218 sjc-v50.sjc.youtube.com
O1 - Hosts: 64.15.124.219 sjc-v51.sjc.youtube.com
O1 - Hosts: 64.15.124.220 sjc-v52.sjc.youtube.com
O1 - Hosts: 64.15.124.221 sjc-v53.sjc.youtube.com
O1 - Hosts: 64.15.124.222 sjc-v54.sjc.youtube.com
O1 - Hosts: 64.15.124.223 sjc-v55.sjc.youtube.com
O1 - Hosts: 64.15.124.224 sjc-v56.sjc.youtube.com
O1 - Hosts: 64.15.124.225 sjc-v57.sjc.youtube.com
O1 - Hosts: 64.15.124.226 sjc-v58.sjc.youtube.com
O1 - Hosts: 64.15.124.227 sjc-v59.sjc.youtube.com
O1 - Hosts: 64.15.124.228 sjc-v60.sjc.youtube.com
O1 - Hosts: 64.15.124.229 sjc-v61.sjc.youtube.com
O1 - Hosts: 64.15.124.230 sjc-v62.sjc.youtube.com
O1 - Hosts: 64.15.124.231 sjc-v63.sjc.youtube.com
O1 - Hosts: 64.15.124.232 sjc-v64.sjc.youtube.com
O1 - Hosts: 64.15.124.233 sjc-v65.sjc.youtube.com
O1 - Hosts: 64.15.124.234 sjc-v66.sjc.youtube.com
O1 - Hosts: 64.15.124.235 sjc-v67.sjc.youtube.com
O1 - Hosts: 64.15.124.236 sjc-v68.sjc.youtube.com
O1 - Hosts: 64.15.124.237 sjc-v69.sjc.youtube.com
O1 - Hosts: 64.15.124.238 sjc-v70.sjc.youtube.com
O1 - Hosts: 64.15.124.239 sjc-v71.sjc.youtube.com
O1 - Hosts: 64.15.124.240 sjc-v72.sjc.youtube.com
O1 - Hosts: 64.15.124.241 sjc-v73.sjc.youtube.com
O1 - Hosts: 64.15.124.242 sjc-v74.sjc.youtube.com
O1 - Hosts: 64.15.124.243 sjc-v75.sjc.youtube.com
O1 - Hosts: 64.15.124.244 sjc-v76.sjc.youtube.com
O1 - Hosts: 64.15.125.16 sjc-v77.sjc.youtube.com
O1 - Hosts: 64.15.125.17 sjc-v78.sjc.youtube.com
O1 - Hosts: 64.15.125.18 sjc-v79.sjc.youtube.com
O1 - Hosts: 64.15.125.19 sjc-v80.sjc.youtube.com
O1 - Hosts: 64.15.125.20 sjc-v81.sjc.youtube.com
O1 - Hosts: 64.15.125.21 sjc-v82.sjc.youtube.com
O1 - Hosts: 64.15.125.22 sjc-v83.sjc.youtube.com
O1 - Hosts: 64.15.125.23 sjc-v84.sjc.youtube.com
O1 - Hosts: 64.15.125.24 sjc-v85.sjc.youtube.com
O1 - Hosts: 64.15.125.25 sjc-v86.sjc.youtube.com
O1 - Hosts: 64.15.125.26 sjc-v87.sjc.youtube.com
O1 - Hosts: 64.15.125.27 sjc-v88.sjc.youtube.com
O1 - Hosts: 64.15.125.28 sjc-v89.sjc.youtube.com
O1 - Hosts: 64.15.125.29 sjc-v90.sjc.youtube.com
O1 - Hosts: 64.15.125.30 sjc-v91.sjc.youtube.com
O1 - Hosts: 64.15.125.31 sjc-v92.sjc.youtube.com
O1 - Hosts: 64.15.125.32 sjc-v93.sjc.youtube.com
O1 - Hosts: 64.15.125.33 sjc-v94.sjc.youtube.com
O1 - Hosts: 64.15.125.34 sjc-v95.sjc.youtube.com
O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
--
End of file - 7914 bytes
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:02:46, on 11.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\SERCAN\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.live.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: Youtube Dünya Capinda IP leri toplam 2859 adet ....
O1 - Hosts: 208.65.153.251 uk.youtube.com
O1 - Hosts: 208.65.153.253 de.youtube.com
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70www.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 64.15.124.143 sjc-v1.sjc.youtube.com
O1 - Hosts: 64.15.124.144 sjc-v2.sjc.youtube.com
O1 - Hosts: 64.15.124.145 sjc-v3.sjc.youtube.com
O1 - Hosts: 64.15.124.146 sjc-v4.sjc.youtube.com
O1 - Hosts: 64.15.124.147 sjc-v5.sjc.youtube.com
O1 - Hosts: 64.15.124.148 sjc-v6.sjc.youtube.com
O1 - Hosts: 64.15.124.149 sjc-v7.sjc.youtube.com
O1 - Hosts: 64.15.124.150 sjc-v8.sjc.youtube.com
O1 - Hosts: 64.15.124.151 sjc-v9.sjc.youtube.com
O1 - Hosts: 64.15.124.152 sjc-v10.sjc.youtube.com
O1 - Hosts: 64.15.124.153 sjc-v11.sjc.youtube.com
O1 - Hosts: 64.15.124.154 sjc-v12.sjc.youtube.com
O1 - Hosts: 64.15.124.155 sjc-v13.sjc.youtube.com
O1 - Hosts: 64.15.124.156 sjc-v14.sjc.youtube.com
O1 - Hosts: 64.15.124.157 sjc-v15.sjc.youtube.com
O1 - Hosts: 64.15.124.158 sjc-v16.sjc.youtube.com
O1 - Hosts: 64.15.124.159 sjc-v17.sjc.youtube.com
O1 - Hosts: 64.15.124.160 sjc-v18.sjc.youtube.com
O1 - Hosts: 64.15.124.161 sjc-v19.sjc.youtube.com
O1 - Hosts: 64.15.124.162 sjc-v20.sjc.youtube.com
O1 - Hosts: 64.15.124.163 sjc-v21.sjc.youtube.com
O1 - Hosts: 64.15.124.164 sjc-v22.sjc.youtube.com
O1 - Hosts: 64.15.124.165 sjc-v23.sjc.youtube.com
O1 - Hosts: 64.15.124.166 sjc-v24.sjc.youtube.com
O1 - Hosts: 64.15.124.167 sjc-v25.sjc.youtube.com
O1 - Hosts: 64.15.124.168 sjc-v26.sjc.youtube.com
O1 - Hosts: 64.15.124.169 sjc-v27.sjc.youtube.com
O1 - Hosts: 64.15.124.170 sjc-v28.sjc.youtube.com
O1 - Hosts: 64.15.124.171 sjc-v29.sjc.youtube.com
O1 - Hosts: 64.15.124.172 sjc-v30.sjc.youtube.com
O1 - Hosts: 64.15.124.173 sjc-v31.sjc.youtube.com
O1 - Hosts: 64.15.124.174 sjc-v32.sjc.youtube.com
O1 - Hosts: 64.15.124.175 sjc-v33.sjc.youtube.com
O1 - Hosts: 64.15.124.176 sjc-v34.sjc.youtube.com
O1 - Hosts: 64.15.124.177 sjc-v35.sjc.youtube.com
O1 - Hosts: 64.15.124.178 sjc-v36.sjc.youtube.com
O1 - Hosts: 64.15.124.179 sjc-v37.sjc.youtube.com
O1 - Hosts: 64.15.124.180 sjc-v38.sjc.youtube.com
O1 - Hosts: 64.15.124.207 sjc-v39.sjc.youtube.com
O1 - Hosts: 64.15.124.208 sjc-v40.sjc.youtube.com
O1 - Hosts: 64.15.124.209 sjc-v41.sjc.youtube.com
O1 - Hosts: 64.15.124.210 sjc-v42.sjc.youtube.com
O1 - Hosts: 64.15.124.211 sjc-v43.sjc.youtube.com
O1 - Hosts: 64.15.124.212 sjc-v44.sjc.youtube.com
O1 - Hosts: 64.15.124.213 sjc-v45.sjc.youtube.com
O1 - Hosts: 64.15.124.214 sjc-v46.sjc.youtube.com
O1 - Hosts: 64.15.124.215 sjc-v47.sjc.youtube.com
O1 - Hosts: 64.15.124.216 sjc-v48.sjc.youtube.com
O1 - Hosts: 64.15.124.217 sjc-v49.sjc.youtube.com
O1 - Hosts: 64.15.124.218 sjc-v50.sjc.youtube.com
O1 - Hosts: 64.15.124.219 sjc-v51.sjc.youtube.com
O1 - Hosts: 64.15.124.220 sjc-v52.sjc.youtube.com
O1 - Hosts: 64.15.124.221 sjc-v53.sjc.youtube.com
O1 - Hosts: 64.15.124.222 sjc-v54.sjc.youtube.com
O1 - Hosts: 64.15.124.223 sjc-v55.sjc.youtube.com
O1 - Hosts: 64.15.124.224 sjc-v56.sjc.youtube.com
O1 - Hosts: 64.15.124.225 sjc-v57.sjc.youtube.com
O1 - Hosts: 64.15.124.226 sjc-v58.sjc.youtube.com
O1 - Hosts: 64.15.124.227 sjc-v59.sjc.youtube.com
O1 - Hosts: 64.15.124.228 sjc-v60.sjc.youtube.com
O1 - Hosts: 64.15.124.229 sjc-v61.sjc.youtube.com
O1 - Hosts: 64.15.124.230 sjc-v62.sjc.youtube.com
O1 - Hosts: 64.15.124.231 sjc-v63.sjc.youtube.com
O1 - Hosts: 64.15.124.232 sjc-v64.sjc.youtube.com
O1 - Hosts: 64.15.124.233 sjc-v65.sjc.youtube.com
O1 - Hosts: 64.15.124.234 sjc-v66.sjc.youtube.com
O1 - Hosts: 64.15.124.235 sjc-v67.sjc.youtube.com
O1 - Hosts: 64.15.124.236 sjc-v68.sjc.youtube.com
O1 - Hosts: 64.15.124.237 sjc-v69.sjc.youtube.com
O1 - Hosts: 64.15.124.238 sjc-v70.sjc.youtube.com
O1 - Hosts: 64.15.124.239 sjc-v71.sjc.youtube.com
O1 - Hosts: 64.15.124.240 sjc-v72.sjc.youtube.com
O1 - Hosts: 64.15.124.241 sjc-v73.sjc.youtube.com
O1 - Hosts: 64.15.124.242 sjc-v74.sjc.youtube.com
O1 - Hosts: 64.15.124.243 sjc-v75.sjc.youtube.com
O1 - Hosts: 64.15.124.244 sjc-v76.sjc.youtube.com
O1 - Hosts: 64.15.125.16 sjc-v77.sjc.youtube.com
O1 - Hosts: 64.15.125.17 sjc-v78.sjc.youtube.com
O1 - Hosts: 64.15.125.18 sjc-v79.sjc.youtube.com
O1 - Hosts: 64.15.125.19 sjc-v80.sjc.youtube.com
O1 - Hosts: 64.15.125.20 sjc-v81.sjc.youtube.com
O1 - Hosts: 64.15.125.21 sjc-v82.sjc.youtube.com
O1 - Hosts: 64.15.125.22 sjc-v83.sjc.youtube.com
O1 - Hosts: 64.15.125.23 sjc-v84.sjc.youtube.com
O1 - Hosts: 64.15.125.24 sjc-v85.sjc.youtube.com
O1 - Hosts: 64.15.125.25 sjc-v86.sjc.youtube.com
O1 - Hosts: 64.15.125.26 sjc-v87.sjc.youtube.com
O1 - Hosts: 64.15.125.27 sjc-v88.sjc.youtube.com
O1 - Hosts: 64.15.125.28 sjc-v89.sjc.youtube.com
O1 - Hosts: 64.15.125.29 sjc-v90.sjc.youtube.com
O1 - Hosts: 64.15.125.30 sjc-v91.sjc.youtube.com
O1 - Hosts: 64.15.125.31 sjc-v92.sjc.youtube.com
O1 - Hosts: 64.15.125.32 sjc-v93.sjc.youtube.com
O1 - Hosts: 64.15.125.33 sjc-v94.sjc.youtube.com
O1 - Hosts: 64.15.125.34 sjc-v95.sjc.youtube.com
O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
--
End of file - 7682 bytes
-
quote:
Orjinalden alıntı: peterfamilyguy
Sag tiklayip "Yonetici olarak calistir" tiklayip o sekilde bir log gonderir misin? Burada bir cok bilgi eksik. -
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:28, on 11.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\SERCAN\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.live.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: Youtube Dünya Capinda IP leri toplam 2859 adet ....
O1 - Hosts: 208.65.153.251 uk.youtube.com
O1 - Hosts: 208.65.153.253 de.youtube.com
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70www.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 64.15.124.143 sjc-v1.sjc.youtube.com
O1 - Hosts: 64.15.124.144 sjc-v2.sjc.youtube.com
O1 - Hosts: 64.15.124.145 sjc-v3.sjc.youtube.com
O1 - Hosts: 64.15.124.146 sjc-v4.sjc.youtube.com
O1 - Hosts: 64.15.124.147 sjc-v5.sjc.youtube.com
O1 - Hosts: 64.15.124.148 sjc-v6.sjc.youtube.com
O1 - Hosts: 64.15.124.149 sjc-v7.sjc.youtube.com
O1 - Hosts: 64.15.124.150 sjc-v8.sjc.youtube.com
O1 - Hosts: 64.15.124.151 sjc-v9.sjc.youtube.com
O1 - Hosts: 64.15.124.152 sjc-v10.sjc.youtube.com
O1 - Hosts: 64.15.124.153 sjc-v11.sjc.youtube.com
O1 - Hosts: 64.15.124.154 sjc-v12.sjc.youtube.com
O1 - Hosts: 64.15.124.155 sjc-v13.sjc.youtube.com
O1 - Hosts: 64.15.124.156 sjc-v14.sjc.youtube.com
O1 - Hosts: 64.15.124.157 sjc-v15.sjc.youtube.com
O1 - Hosts: 64.15.124.158 sjc-v16.sjc.youtube.com
O1 - Hosts: 64.15.124.159 sjc-v17.sjc.youtube.com
O1 - Hosts: 64.15.124.160 sjc-v18.sjc.youtube.com
O1 - Hosts: 64.15.124.161 sjc-v19.sjc.youtube.com
O1 - Hosts: 64.15.124.162 sjc-v20.sjc.youtube.com
O1 - Hosts: 64.15.124.163 sjc-v21.sjc.youtube.com
O1 - Hosts: 64.15.124.164 sjc-v22.sjc.youtube.com
O1 - Hosts: 64.15.124.165 sjc-v23.sjc.youtube.com
O1 - Hosts: 64.15.124.166 sjc-v24.sjc.youtube.com
O1 - Hosts: 64.15.124.167 sjc-v25.sjc.youtube.com
O1 - Hosts: 64.15.124.168 sjc-v26.sjc.youtube.com
O1 - Hosts: 64.15.124.169 sjc-v27.sjc.youtube.com
O1 - Hosts: 64.15.124.170 sjc-v28.sjc.youtube.com
O1 - Hosts: 64.15.124.171 sjc-v29.sjc.youtube.com
O1 - Hosts: 64.15.124.172 sjc-v30.sjc.youtube.com
O1 - Hosts: 64.15.124.173 sjc-v31.sjc.youtube.com
O1 - Hosts: 64.15.124.174 sjc-v32.sjc.youtube.com
O1 - Hosts: 64.15.124.175 sjc-v33.sjc.youtube.com
O1 - Hosts: 64.15.124.176 sjc-v34.sjc.youtube.com
O1 - Hosts: 64.15.124.177 sjc-v35.sjc.youtube.com
O1 - Hosts: 64.15.124.178 sjc-v36.sjc.youtube.com
O1 - Hosts: 64.15.124.179 sjc-v37.sjc.youtube.com
O1 - Hosts: 64.15.124.180 sjc-v38.sjc.youtube.com
O1 - Hosts: 64.15.124.207 sjc-v39.sjc.youtube.com
O1 - Hosts: 64.15.124.208 sjc-v40.sjc.youtube.com
O1 - Hosts: 64.15.124.209 sjc-v41.sjc.youtube.com
O1 - Hosts: 64.15.124.210 sjc-v42.sjc.youtube.com
O1 - Hosts: 64.15.124.211 sjc-v43.sjc.youtube.com
O1 - Hosts: 64.15.124.212 sjc-v44.sjc.youtube.com
O1 - Hosts: 64.15.124.213 sjc-v45.sjc.youtube.com
O1 - Hosts: 64.15.124.214 sjc-v46.sjc.youtube.com
O1 - Hosts: 64.15.124.215 sjc-v47.sjc.youtube.com
O1 - Hosts: 64.15.124.216 sjc-v48.sjc.youtube.com
O1 - Hosts: 64.15.124.217 sjc-v49.sjc.youtube.com
O1 - Hosts: 64.15.124.218 sjc-v50.sjc.youtube.com
O1 - Hosts: 64.15.124.219 sjc-v51.sjc.youtube.com
O1 - Hosts: 64.15.124.220 sjc-v52.sjc.youtube.com
O1 - Hosts: 64.15.124.221 sjc-v53.sjc.youtube.com
O1 - Hosts: 64.15.124.222 sjc-v54.sjc.youtube.com
O1 - Hosts: 64.15.124.223 sjc-v55.sjc.youtube.com
O1 - Hosts: 64.15.124.224 sjc-v56.sjc.youtube.com
O1 - Hosts: 64.15.124.225 sjc-v57.sjc.youtube.com
O1 - Hosts: 64.15.124.226 sjc-v58.sjc.youtube.com
O1 - Hosts: 64.15.124.227 sjc-v59.sjc.youtube.com
O1 - Hosts: 64.15.124.228 sjc-v60.sjc.youtube.com
O1 - Hosts: 64.15.124.229 sjc-v61.sjc.youtube.com
O1 - Hosts: 64.15.124.230 sjc-v62.sjc.youtube.com
O1 - Hosts: 64.15.124.231 sjc-v63.sjc.youtube.com
O1 - Hosts: 64.15.124.232 sjc-v64.sjc.youtube.com
O1 - Hosts: 64.15.124.233 sjc-v65.sjc.youtube.com
O1 - Hosts: 64.15.124.234 sjc-v66.sjc.youtube.com
O1 - Hosts: 64.15.124.235 sjc-v67.sjc.youtube.com
O1 - Hosts: 64.15.124.236 sjc-v68.sjc.youtube.com
O1 - Hosts: 64.15.124.237 sjc-v69.sjc.youtube.com
O1 - Hosts: 64.15.124.238 sjc-v70.sjc.youtube.com
O1 - Hosts: 64.15.124.239 sjc-v71.sjc.youtube.com
O1 - Hosts: 64.15.124.240 sjc-v72.sjc.youtube.com
O1 - Hosts: 64.15.124.241 sjc-v73.sjc.youtube.com
O1 - Hosts: 64.15.124.242 sjc-v74.sjc.youtube.com
O1 - Hosts: 64.15.124.243 sjc-v75.sjc.youtube.com
O1 - Hosts: 64.15.124.244 sjc-v76.sjc.youtube.com
O1 - Hosts: 64.15.125.16 sjc-v77.sjc.youtube.com
O1 - Hosts: 64.15.125.17 sjc-v78.sjc.youtube.com
O1 - Hosts: 64.15.125.18 sjc-v79.sjc.youtube.com
O1 - Hosts: 64.15.125.19 sjc-v80.sjc.youtube.com
O1 - Hosts: 64.15.125.20 sjc-v81.sjc.youtube.com
O1 - Hosts: 64.15.125.21 sjc-v82.sjc.youtube.com
O1 - Hosts: 64.15.125.22 sjc-v83.sjc.youtube.com
O1 - Hosts: 64.15.125.23 sjc-v84.sjc.youtube.com
O1 - Hosts: 64.15.125.24 sjc-v85.sjc.youtube.com
O1 - Hosts: 64.15.125.25 sjc-v86.sjc.youtube.com
O1 - Hosts: 64.15.125.26 sjc-v87.sjc.youtube.com
O1 - Hosts: 64.15.125.27 sjc-v88.sjc.youtube.com
O1 - Hosts: 64.15.125.28 sjc-v89.sjc.youtube.com
O1 - Hosts: 64.15.125.29 sjc-v90.sjc.youtube.com
O1 - Hosts: 64.15.125.30 sjc-v91.sjc.youtube.com
O1 - Hosts: 64.15.125.31 sjc-v92.sjc.youtube.com
O1 - Hosts: 64.15.125.32 sjc-v93.sjc.youtube.com
O1 - Hosts: 64.15.125.33 sjc-v94.sjc.youtube.com
O1 - Hosts: 64.15.125.34 sjc-v95.sjc.youtube.com
O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
--
End of file - 8274 bytes
-
quote:
Orjinalden alıntı: peterfamilyguy
O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Bunlarin disinda bir sorun gozukmuyor. -
combofix log u
ComboFix 08-10-10.09 - Panturk 2008-10-11 16:44:00.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1254.1.1033.18.1473 [GMT 3:00]
Running from: C:\Documents and Settings\Panturk\Desktop\ComboFix.exe
* Created a new restore point
[COLOR=RED][B]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/B][/COLOR]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\SkypeComm.dll
C:\WINDOWS\system32\wshell.dll
C:\WINDOWS\winhelp.ini
.
((((((((((((((((((((((((( Files Created from 2008-09-11 to 2008-10-11 )))))))))))))))))))))))))))))))
.
2008-10-10 21:20 . 2008-10-10 21:20 <DIR> d-------- C:\Documents and Settings\Panturk\Application Data\Leadertech
2008-10-04 23:32 . 2007-04-15 00:05 991,232 --a------ C:\WINDOWS\system32\imageviewer2.ocx
2008-10-04 23:32 . 2000-05-22 00:00 608,448 --a------ C:\WINDOWS\system32\comctl32.ocx
2008-10-04 23:32 . 2004-03-08 23:00 224,016 --a------ C:\WINDOWS\system32\tabctl32.ocx
2008-10-04 23:32 . 1996-01-12 00:00 200,704 --a------ C:\WINDOWS\system32\threed32.ocx
2008-10-04 23:32 . 1998-06-24 00:00 164,144 --a------ C:\WINDOWS\system32\comct232.ocx
2008-10-04 23:32 . 1999-09-16 09:04 151,552 --a------ C:\WINDOWS\system32\ccrpfd6.ocx
2008-10-04 23:32 . 2000-05-01 23:02 110,592 --a------ C:\WINDOWS\system32\ccrpbds6.dll
2008-10-04 23:32 . 2000-07-09 18:15 106,496 --a------ C:\WINDOWS\system32\mbprgbar.ocx
2008-10-04 23:27 . 2008-10-04 23:27 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-10-01 22:33 . 2008-10-01 22:33 47,784 --a------ C:\Documents and Settings\Panturk\Application Data\GDIPFONTCACHEV1.DAT
2008-09-16 21:25 . 2008-09-16 21:25 <DIR> d-------- C:\Documents and Settings\Panturk\Application Data\TuneUp Software
2008-09-16 21:25 . 2008-09-16 21:25 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-09-16 21:25 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-09-16 21:24 . 2008-09-16 21:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-09-12 21:54 . 2008-09-12 21:57 <DIR> d-------- C:\WINDOWS\NV3964676.TMP
2008-09-12 21:16 . 2008-09-12 21:16 <DIR> dr-h----- C:\Documents and Settings\Panturk\Application Data\SecuROM
2008-09-12 21:15 . 2008-09-12 23:07 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-09-12 17:54 . 2003-03-19 06:14 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-11 13:48 --------- d-----w C:\Program Files\cFosSpeed
2008-10-11 13:44 --------- d-----w C:\Documents and Settings\Panturk\Application Data\DMCache
2008-10-11 12:35 24,944 ----a-w C:\WINDOWS\system32\drivers\GVTDrv.sys
2008-10-11 12:33 16,608 ----a-w C:\WINDOWS\gdrv.sys
2008-10-10 18:17 --------- d-----w C:\Documents and Settings\Panturk\Application Data\LimeWire
2008-10-02 00:35 --------- d-----w C:\Documents and Settings\Panturk\Application Data\Yahoo!
2008-10-02 00:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-09-16 18:23 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-12 20:07 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-12 20:07 22,328 ----a-w C:\Documents and Settings\Panturk\Application Data\PnkBstrK.sys
2008-09-01 15:05 --------- d-----w C:\Documents and Settings\Panturk\Application Data\Hamachi
2008-09-01 12:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-31 22:04 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-31 22:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-19 22:57 --------- d-----w C:\Documents and Settings\Panturk\Application Data\uTorrent
2008-08-18 19:01 --------- d-----w C:\Program Files\Gigabyte
2008-08-16 19:20 --------- d-----w C:\Documents and Settings\Panturk\Application Data\InterVideo
2008-08-16 19:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-08-16 19:17 --------- d-----w C:\Program Files\InterVideo Information Service
2008-08-16 19:17 --------- d-----w C:\Program Files\Common Files\Ulead
2008-08-16 19:16 --------- d-----w C:\Program Files\InterVideo
2008-08-16 19:16 --------- d-----w C:\Program Files\Common Files\InterVideo
2008-08-16 19:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-08-16 19:15 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-14 22:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-14 21:22 --------- d-----w C:\Program Files\Bret Taylor
2008-08-14 21:22 --------- d-----w C:\Documents and Settings\Panturk\Application Data\Bret Taylor
2008-05-12 18:57 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008051220080513\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 1688872]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-13 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2008-06-21 2594224]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"Stickies"="C:\Program Files\Bret Taylor\Stickies\\Stickies.exe" [2007-03-14 335872]
"SkinClock"="E:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-09-18 529408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="C:\WINDOWS\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="C:\WINDOWS\system32\JMRaidSetup.exe" [2007-02-06 1953792]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 13529088]
"iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 267048]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="E:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 2213160]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"cFosSpeed"="C:\Program Files\cFosSpeed\cFosSpeed.exe" [2008-02-14 863448]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 36352]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 413696]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-05-09 1443072]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-03-20 213936]
"EasyTuneVPro"="C:\Program Files\Gigabyte\ET5Pro\ETcall.exe" [2007-07-26 20480]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 C:\WINDOWS\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2008-05-16 C:\WINDOWS\system32\nwiz.exe]
C:\Documents and Settings\Panturk\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"msacm.divxa32"= msaud32_divx.acm
"msacm.ac3filter"= ac3filter.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"E:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"E:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"E:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
R1 nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [2007-04-23 82200]
R2 NwSapAgent;SAP Agent;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 PD91Agent;PD91Agent;C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-04-16 689416]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 GVTDrv;GVTDrv;C:\WINDOWS\system32\Drivers\GVTDrv.sys [2008-10-11 24944]
R3 MarkFun_NT;MarkFun_NT;C:\Program Files\Gigabyte\ET5Pro\markfun.w32 [2007-08-21 17912]
S2 GEST Service;GEST Service for program management.;C:\Program Files\Gigabyte\EnergySaver\GSvr.exe [2008-07-18 80392]
S3 PD91Engine;PD91Engine;C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-04-16 894216]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-09-16 306432]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd385391-e70f-11dc-a9a3-001a4d461f82}]
\Shell\AutoRun\command - D:\Autorun.exe
*Newly Created Service* - MARKFUN_NT
.
Contents of the 'Scheduled Tasks' folder
2008-09-16 C:\WINDOWS\Tasks\1-Click Maintenance.job
- E:\Program Files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 15:17]
2008-10-02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
2008-10-11 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Panturk\Application Data\Mozilla\Firefox\Profiles\z37unot0.default\
FF -: plugin - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\npdjvu.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\nprpjplug.dll
FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
FF -: plugin - E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - e:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
FF -: plugin - e:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2008-10-11 16:47:50
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MarkFun_NT]
"ImagePath"="\??\C:\Program Files\Gigabyte\ET5Pro\markfun.w32"
.
------------------------ Other Running Processes ------------------------
.
E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
E:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
E:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Gigabyte\ET5Pro\GUI.exe
C:\Program Files\Bret Taylor\Stickies\Stickies.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\AirTies\ADSL Hizmet Programı\AirTies_util3.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Completion time: 2008-10-11 16:52:14 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-11 13:52:07
Pre-Run: 957.632.512 bytes free
Post-Run: 1,147,375,616 bytes free
197 --- E O F --- 2008-09-10 12:49:13
-
quote:
Orjinalden alıntı: Panturk
combofix log u
Perlovga Removal Tool adlı programı masaüstünüze indirin.
http://www.guvenlikuzmanim.com/dosyalar/perlovga.exe
Programı çalıştırıp Start tıklayın. Daha sonra bilgisayarınızı zaman kaybetmeden yeniden başlatın.
Daha sonra bir HJ logu daha gonder: -
quote:
Orjinalden alıntı: serji
tamamdir onu hallettik simdi.
Combofix adli programi indirin.
http://www.guvenlikuzmanim.com/dosyalar/ComboFix.exe
1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra sizden 1 ya da 2 tuşuna basmanız istenecektir. Devam etmek için 1 tuşuna basın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecektir. Bu normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 41 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.
serji kardeşim bende mi bunu uygulayacağım.
bana en yakın (en kolay) bu geldi
-
serji kardeşim, sırasıyla bit defender-SUPERAntiSpyware Scan Log ve hijackthis loglarını gönderiyorum, ne yapmalıyım
bit defender
//-----------------------------------------------------------------
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 11/10/2008 00:17:45
//
//-----------------------------------------------------------------
Virus Statistics
Scan path : C:\
D:\
E:\
Folders : 6310
Files : 22336
Memory processes scanned : 39
Archives : 3
Runtime packers : 1600
Identified viruses : 7
Infected files : 326
Memory processes infected : 1
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 324
I/O errors : 15
Scan time : 00:09:28
Scan speed (files/sec) : 39
Spyware Statistics
Registry keys scanned : 1650
Registry keys infected : 0
Cookies scanned : 3
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0
Virus definitions : 553501
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 6
Mail plugins : 6
System plugins : 5
Virus scan options
Detection
[X] Scan boot sectors
[X] Memory Processes
[ ] Scan archives
[X] Scan runtime packers
[X] Scan email
File mask
[X] Programs
[ ] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user
Virus scan options
[X] Enable warnings
[ ] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1223677065.log
Spyware scan options
[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies
Summary:
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (memory dump) Infected: Trojan.Delf.AAM
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (memory dump) Disinfection failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (memory dump) Move failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (disk) Infected: BehavesLike:Win32.ExplorerHijack
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (disk) Disinfection failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (disk) Move failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (full dump) Infected: Trojan.Delf.AAM
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (full dump) Disinfection failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (full dump) Move failed
C:\Documents and Settings\Administrator\Belgelerim\GomPlayer.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\GomPlayer.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\GomPlayer.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\GTA Vice City User Files.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\GTA Vice City User Files.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\GTA Vice City User Files.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\Müziğim.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\Müziğim.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\Müziğim.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted\redo.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted\redo.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted\redo.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim\Resim.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim\Resim.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim\Resim.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\Updater.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\Updater.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\Updater.exe Moved
C:\Documents and Settings\Administrator\Belgelerim.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim.exe Moved
C:\Documents and Settings\Administrator\Desktop\perlovga.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Desktop\perlovga.exe Disinfection failed
C:\Documents and Settings\Administrator\Desktop\perlovga.exe Moved
C:\Documents and Settings\Administrator\Desktop.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Desktop.exe Disinfection failed
C:\Documents and Settings\Administrator\Desktop.exe Moved
C:\Documents and Settings\Administrator\Local Settings\temp\services.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Local Settings\temp\services.exe Disinfection failed
C:\Documents and Settings\Administrator\Local Settings\temp\services.exe Moved
C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Quarantine\services.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Quarantine\services.exe Disinfection failed
C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Quarantine\services.exe Moved
C:\Documents and Settings\All Users\Belgeler\Müziğim\Örnek Müzik.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\All Users\Belgeler\Müziğim\Örnek Müzik.exe Disinfection failed
C:\Documents and Settings\All Users\Belgeler\Müziğim\Örnek Müzik.exe Moved
C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe Disinfection failed
C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe Moved
C:\Program Files\AIMP2\System\bass_cda.dll Infected: Trojan.Peed.Gen
C:\Program Files\AIMP2\System\bass_cda.dll Disinfection failed
C:\Program Files\AIMP2\System\bass_cda.dll Moved
C:\Program Files\AIMP2.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\AIMP2.exe Disinfection failed
C:\Program Files\AIMP2.exe Moved
C:\Program Files\AntiVir PersonalEdition Classic.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\AntiVir PersonalEdition Classic.exe Disinfection failed
C:\Program Files\AntiVir PersonalEdition Classic.exe Moved
C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}.exe Disinfection failed
C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}.exe Moved
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}.exe Disinfection failed
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}.exe Moved
C:\Program Files\InstallShield Installation Information.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\InstallShield Installation Information.exe Disinfection failed
C:\Program Files\InstallShield Installation Information.exe Moved
C:\Program Files\SRS Labs\Audio Sandbox\DriverSupport.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\SRS Labs\Audio Sandbox\DriverSupport.exe Disinfection failed
C:\Program Files\SRS Labs\Audio Sandbox\DriverSupport.exe Moved
C:\Program Files\SRS Labs\Audio Sandbox.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\SRS Labs\Audio Sandbox.exe Disinfection failed
C:\Program Files\SRS Labs\Audio Sandbox.exe Moved
C:\Program Files\SRS Labs.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\SRS Labs.exe Disinfection failed
C:\Program Files\SRS Labs.exe Moved
C:\Program Files\Uninstall Information.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\Uninstall Information.exe Disinfection failed
C:\Program Files\Uninstall Information.exe Moved
C:\Program Files\WindowsUpdate.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\WindowsUpdate.exe Disinfection failed
C:\Program Files\WindowsUpdate.exe Moved
D:\KUCUK OYUNLAR\AlignIt\Align It!.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\AlignIt\Align It!.exe Disinfection failed
D:\KUCUK OYUNLAR\AlignIt\Align It!.exe Moved
D:\KUCUK OYUNLAR\AlignIt.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\AlignIt.exe Disinfection failed
D:\KUCUK OYUNLAR\AlignIt.exe Moved
D:\KUCUK OYUNLAR\BARMEN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\BARMEN.exe Disinfection failed
D:\KUCUK OYUNLAR\BARMEN.exe Moved
D:\KUCUK OYUNLAR\bulmaca.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\bulmaca.exe Disinfection failed
D:\KUCUK OYUNLAR\bulmaca.exe Moved
D:\KUCUK OYUNLAR\chs32x86.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\chs32x86.exe Disinfection failed
D:\KUCUK OYUNLAR\chs32x86.exe Moved
D:\KUCUK OYUNLAR\ColorLinez\Color Linez.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\ColorLinez\Color Linez.exe Disinfection failed
D:\KUCUK OYUNLAR\ColorLinez\Color Linez.exe Moved
D:\KUCUK OYUNLAR\Damas\damas.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\Damas\damas.exe Disinfection failed
D:\KUCUK OYUNLAR\Damas\damas.exe Moved
D:\KUCUK OYUNLAR\Damas.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\Damas.exe Disinfection failed
D:\KUCUK OYUNLAR\Damas.exe Moved
D:\KUCUK OYUNLAR\darts.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\darts.exe Disinfection failed
D:\KUCUK OYUNLAR\darts.exe Moved
D:\KUCUK OYUNLAR\DxBall\DX-Ball 2.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\DxBall\DX-Ball 2.exe Disinfection failed
D:\KUCUK OYUNLAR\DxBall\DX-Ball 2.exe Moved
D:\KUCUK OYUNLAR\DxBall\DX-Ball Game.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\DxBall\DX-Ball Game.exe Disinfection failed
D:\KUCUK OYUNLAR\DxBall\DX-Ball Game.exe Moved
D:\KUCUK OYUNLAR\DxBall.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\DxBall.exe Disinfection failed
D:\KUCUK OYUNLAR\DxBall.exe Moved
D:\KUCUK OYUNLAR\Iftar2000.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\Iftar2000.exe Disinfection failed
D:\KUCUK OYUNLAR\Iftar2000.exe Moved
D:\KUCUK OYUNLAR\KEMAN.EXE Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\KEMAN.EXE Disinfection failed
D:\KUCUK OYUNLAR\KEMAN.EXE Moved
D:\KUCUK OYUNLAR\KingNET.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\KingNET.exe Disinfection failed
D:\KUCUK OYUNLAR\KingNET.exe Moved
D:\KUCUK OYUNLAR\NBA.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\NBA.exe Disinfection failed
D:\KUCUK OYUNLAR\NBA.exe Moved
D:\KUCUK OYUNLAR\ORG.EXE Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\ORG.EXE Disinfection failed
D:\KUCUK OYUNLAR\ORG.EXE Moved
D:\KUCUK OYUNLAR\OYUN\40 Oyun\fatdez_90210\SETUP.EXE Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\40 Oyun\fatdez_90210\SETUP.EXE Disinfection failed
D:\KUCUK OYUNLAR\OYUN\40 Oyun\fatdez_90210\SETUP.EXE Moved
D:\KUCUK OYUNLAR\OYUN\40 Oyun\nightmare_on_sesame_street\setup.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\40 Oyun\nightmare_on_sesame_street\setup.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\40 Oyun\nightmare_on_sesame_street\setup.exe Moved
D:\KUCUK OYUNLAR\OYUN\40 Oyun\takin_care_of_business.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\40 Oyun\takin_care_of_business.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\40 Oyun\takin_care_of_business.exe Moved
D:\KUCUK OYUNLAR\OYUN\40 Oyun.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\40 Oyun.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\40 Oyun.exe Moved
D:\KUCUK OYUNLAR\OYUN\CALLUS\CALLUS95.EXE Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\CALLUS\CALLUS95.EXE Disinfection failed
D:\KUCUK OYUNLAR\OYUN\CALLUS\CALLUS95.EXE Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dave.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dave.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dave.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\DX-Ball.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\DX-Ball.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\DX-Ball.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dyna.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dyna.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dyna.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM\ds.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM\ds.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM\ds.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED\Data.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED\Data.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED\Data.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR.exe Moved
D:\KUCUK OYUNLAR\OYUN\VPOOL2\Reg32a.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\VPOOL2\Reg32a.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\VPOOL2\Reg32a.exe Moved
D:\KUCUK OYUNLAR\OYUN\VPOOL2\vp2.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\VPOOL2\vp2.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\VPOOL2\vp2.exe Moved
D:\KUCUK OYUNLAR\OYUN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN.exe Moved
D:\KUCUK OYUNLAR\pishti.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\pishti.exe Disinfection failed
D:\KUCUK OYUNLAR\pishti.exe Moved
D:\KUCUK OYUNLAR\SoloTest.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\SoloTest.exe Disinfection failed
D:\KUCUK OYUNLAR\SoloTest.exe Moved
D:\KUCUK OYUNLAR\TE.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\TE.exe Disinfection failed
D:\KUCUK OYUNLAR\TE.exe Moved
D:\KUCUK OYUNLAR\Toplar1.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\Toplar1.exe Disinfection failed
D:\KUCUK OYUNLAR\Toplar1.exe Moved
D:\KUCUK OYUNLAR.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR.exe Disinfection failed
D:\KUCUK OYUNLAR.exe Moved
D:\MERVE'NİN SUNUMLARI.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\MERVE'NİN SUNUMLARI.exe Disinfection failed
D:\MERVE'NİN SUNUMLARI.exe Moved
D:\muzik\FİLM MÜZİKLERİ.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\FİLM MÜZİKLERİ.exe Disinfection failed
D:\muzik\FİLM MÜZİKLERİ.exe Moved
D:\muzik\SESLER\Doğa Sesleri.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER\Doğa Sesleri.exe Disinfection failed
D:\muzik\SESLER\Doğa Sesleri.exe Moved
D:\muzik\SESLER\Matrix.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER\Matrix.exe Disinfection failed
D:\muzik\SESLER\Matrix.exe Moved
D:\muzik\SESLER\MOHAA\amb.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER\MOHAA\amb.exe Disinfection failed
D:\muzik\SESLER\MOHAA\amb.exe Moved
D:\muzik\SESLER\MOHAA.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER\MOHAA.exe Disinfection failed
D:\muzik\SESLER\MOHAA.exe Moved
D:\muzik\SESLER.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER.exe Disinfection failed
D:\muzik\SESLER.exe Moved
D:\muzik\YABANCI\POWER HITS 15.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YABANCI\POWER HITS 15.exe Disinfection failed
D:\muzik\YABANCI\POWER HITS 15.exe Moved
D:\muzik\YABANCI\yabancı.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YABANCI\yabancı.exe Disinfection failed
D:\muzik\YABANCI\yabancı.exe Moved
D:\muzik\YABANCI.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YABANCI.exe Disinfection failed
D:\muzik\YABANCI.exe Moved
D:\muzik\YERLİ\C-Ç.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\C-Ç.exe Disinfection failed
D:\muzik\YERLİ\C-Ç.exe Moved
D:\muzik\YERLİ\D.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\D.exe Disinfection failed
D:\muzik\YERLİ\D.exe Moved
D:\muzik\YERLİ\E\eskiler.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\E\eskiler.exe Disinfection failed
D:\muzik\YERLİ\E\eskiler.exe Moved
D:\muzik\YERLİ\E.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\E.exe Disinfection failed
D:\muzik\YERLİ\E.exe Moved
D:\muzik\YERLİ\F_G.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\F_G.exe Disinfection failed
D:\muzik\YERLİ\F_G.exe Moved
D:\muzik\YERLİ\H\hepsi.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\H\hepsi.exe Disinfection failed
D:\muzik\YERLİ\H\hepsi.exe Moved
D:\muzik\YERLİ\H.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\H.exe Disinfection failed
D:\muzik\YERLİ\H.exe Moved
D:\muzik\YERLİ\I-İ.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\I-İ.exe Disinfection failed
D:\muzik\YERLİ\I-İ.exe Moved
D:\muzik\YERLİ\K.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\K.exe Disinfection failed
D:\muzik\YERLİ\K.exe Moved
D:\muzik\YERLİ\M\MELİH GÖRGÜN\YOLUN GÜLLE DOLSUN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\M\MELİH GÖRGÜN\YOLUN GÜLLE DOLSUN.exe Disinfection failed
D:\muzik\YERLİ\M\MELİH GÖRGÜN\YOLUN GÜLLE DOLSUN.exe Moved
D:\muzik\YERLİ\M\MELİH GÖRGÜN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\M\MELİH GÖRGÜN.exe Disinfection failed
D:\muzik\YERLİ\M\MELİH GÖRGÜN.exe Moved
D:\muzik\YERLİ\M\murat kekilli.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\M\murat kekilli.exe Disinfection failed
D:\muzik\YERLİ\M\murat kekilli.exe Moved
D:\muzik\YERLİ\M.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\M.exe Disinfection failed
D:\muzik\YERLİ\M.exe Moved
D:\muzik\YERLİ\Müzik\YILDIZ TİLBE türküler.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Müzik\YILDIZ TİLBE türküler.exe Disinfection failed
D:\muzik\YERLİ\Müzik\YILDIZ TİLBE türküler.exe Moved
D:\muzik\YERLİ\Müzik.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Müzik.exe Disinfection failed
D:\muzik\YERLİ\Müzik.exe Moved
D:\muzik\YERLİ\O-Ö.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\O-Ö.exe Disinfection failed
D:\muzik\YERLİ\O-Ö.exe Moved
D:\muzik\YERLİ\P.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\P.exe Disinfection failed
D:\muzik\YERLİ\P.exe Moved
D:\muzik\YERLİ\R.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\R.exe Disinfection failed
D:\muzik\YERLİ\R.exe Moved
D:\muzik\YERLİ\S-Ş\sagopa.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\S-Ş\sagopa.exe Disinfection failed
D:\muzik\YERLİ\S-Ş\sagopa.exe Moved
D:\muzik\YERLİ\S-Ş.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\S-Ş.exe Disinfection failed
D:\muzik\YERLİ\S-Ş.exe Moved
D:\muzik\YERLİ\T.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\T.exe Disinfection failed
D:\muzik\YERLİ\T.exe Moved
D:\muzik\YERLİ\U-Ü.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\U-Ü.exe Disinfection failed
D:\muzik\YERLİ\U-Ü.exe Moved
D:\muzik\YERLİ\V.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\V.exe Disinfection failed
D:\muzik\YERLİ\V.exe Moved
D:\muzik\YERLİ\Y\YILMAZ ERDOĞAN_SON.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Y\YILMAZ ERDOĞAN_SON.exe Disinfection failed
D:\muzik\YERLİ\Y\YILMAZ ERDOĞAN_SON.exe Moved
D:\muzik\YERLİ\Y\yuksel özkasap.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Y\yuksel özkasap.exe Disinfection failed
D:\muzik\YERLİ\Y\yuksel özkasap.exe Moved
D:\muzik\YERLİ\Y.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Y.exe Disinfection failed
D:\muzik\YERLİ\Y.exe Moved
D:\muzik\YERLİ\Z.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Z.exe Disinfection failed
D:\muzik\YERLİ\Z.exe Moved
D:\muzik\YERLİ\~EMREDEN GELEN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\~EMREDEN GELEN.exe Disinfection failed
D:\muzik\YERLİ\~EMREDEN GELEN.exe Moved
D:\muzik\YERLİ.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ.exe Disinfection failed
D:\muzik\YERLİ.exe Moved
D:\muzik.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik.exe Disinfection failed
D:\muzik.exe Moved
D:\Resim.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\Resim.exe Disinfection failed
D:\Resim.exe Moved
D:\SLAYTLAR.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\SLAYTLAR.exe Disinfection failed
D:\SLAYTLAR.exe Moved
D:\VİDEO.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\VİDEO.exe Disinfection failed
D:\VİDEO.exe Moved
D:\çizgi film\Arthur.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Arthur.exe Disinfection failed
D:\çizgi film\Arthur.exe Moved
D:\çizgi film\Ayı Kardeş.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Ayı Kardeş.exe Disinfection failed
D:\çizgi film\Ayı Kardeş.exe Moved
D:\çizgi film\Aşçı Fare.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Aşçı Fare.exe Disinfection failed
D:\çizgi film\Aşçı Fare.exe Moved
D:\çizgi film\barnd yard.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\barnd yard.exe Disinfection failed
D:\çizgi film\barnd yard.exe Moved
D:\çizgi film\fare sehri.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\fare sehri.exe Disinfection failed
D:\çizgi film\fare sehri.exe Moved
D:\çizgi film\Küçük Kahraman.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Küçük Kahraman.exe Disinfection failed
D:\çizgi film\Küçük Kahraman.exe Moved
D:\çizgi film\LOONEY.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\LOONEY.exe Disinfection failed
D:\çizgi film\LOONEY.exe Moved
D:\çizgi film\Road_Runner_En_Sevilen_Bolumler7.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Road_Runner_En_Sevilen_Bolumler7.exe Disinfection failed
D:\çizgi film\Road_Runner_En_Sevilen_Bolumler7.exe Moved
D:\çizgi film\Shrek 3.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Shrek 3.exe Disinfection failed
D:\çizgi film\Shrek 3.exe Moved
D:\çizgi film\SOUTHPARK\SouthPark\Season 1.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\SOUTHPARK\SouthPark\Season 1.exe Disinfection failed
D:\çizgi film\SOUTHPARK\SouthPark\Season 1.exe Moved
D:\çizgi film\SOUTHPARK\SouthPark.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\SOUTHPARK\SouthPark.exe Disinfection failed
D:\çizgi film\SOUTHPARK\SouthPark.exe Moved
D:\çizgi film\SOUTHPARK.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\SOUTHPARK.exe Disinfection failed
D:\çizgi film\SOUTHPARK.exe Moved
D:\çizgi film\Tilki renart.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Tilki renart.exe Disinfection failed
D:\çizgi film\Tilki renart.exe Moved
D:\çizgi film\Çılgın Dostlar.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Çılgın Dostlar.exe Disinfection failed
D:\çizgi film\Çılgın Dostlar.exe Moved
D:\çizgi film.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film.exe Disinfection failed
D:\çizgi film.exe Moved
E:\Ara Dosyalar\HALK BANKASI.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Ara Dosyalar\HALK BANKASI.exe Disinfection failed
E:\Ara Dosyalar\HALK BANKASI.exe Moved
E:\Ara Dosyalar\OTEL ALINAN.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Ara Dosyalar\OTEL ALINAN.exe Disinfection failed
E:\Ara Dosyalar\OTEL ALINAN.exe Moved
E:\Ara Dosyalar\Yeni Klasör.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Ara Dosyalar\Yeni Klasör.exe Disinfection failed
E:\Ara Dosyalar\Yeni Klasör.exe Moved
E:\Ara Dosyalar.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Ara Dosyalar.exe Disinfection failed
E:\Ara Dosyalar.exe Moved
E:\Eğitim.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Eğitim.exe Disinfection failed
E:\Eğitim.exe Moved
E:\Film-Diziler\28 Hafta Sonra.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\28 Hafta Sonra.exe Disinfection failed
E:\Film-Diziler\28 Hafta Sonra.exe Moved
E:\Film-Diziler\BEYAZ MELEK.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\BEYAZ MELEK.exe Disinfection failed
E:\Film-Diziler\BEYAZ MELEK.exe Moved
E:\Film-Diziler\Cast Away(yeni hayat)\1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\Cast Away(yeni hayat)\1.exe Disinfection failed
E:\Film-Diziler\Cast Away(yeni hayat)\1.exe Moved
E:\Film-Diziler\Cast Away(yeni hayat)\2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\Cast Away(yeni hayat)\2.exe Disinfection failed
E:\Film-Diziler\Cast Away(yeni hayat)\2.exe Moved
E:\Film-Diziler\Cast Away(yeni hayat).exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\Cast Away(yeni hayat).exe Disinfection failed
E:\Film-Diziler\Cast Away(yeni hayat).exe Moved
E:\Film-Diziler\DİZİ\prison break\4.sezon\5.bölüm.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\DİZİ\prison break\4.sezon\5.bölüm.exe Disinfection failed
E:\Film-Diziler\DİZİ\prison break\4.sezon\5.bölüm.exe Moved
E:\Film-Diziler\DİZİ\prison break\4.sezon.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\DİZİ\prison break\4.sezon.exe Disinfection failed
E:\Film-Diziler\DİZİ\prison break\4.sezon.exe Moved
E:\Film-Diziler\DİZİ\prison break.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\DİZİ\prison break.exe Disinfection failed
E:\Film-Diziler\DİZİ\prison break.exe Moved
E:\Film-Diziler\DİZİ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\DİZİ.exe Disinfection failed
E:\Film-Diziler\DİZİ.exe Moved
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-1.exe Disinfection failed
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-1.exe Moved
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-2.exe Disinfection failed
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-2.exe Moved
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy.exe Disinfection failed
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy.exe Moved
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER.exe Disinfection failed
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER.exe Moved
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca\disk-1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca\disk-1.exe Disinfection failed
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca\disk-1.exe Moved
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca.exe Disinfection failed
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca.exe Moved
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ.exe Disinfection failed
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ.exe Moved
E:\Film-Diziler\FİLM\009 SAVAŞ FİLMLERİ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\009 SAVAŞ FİLMLERİ.exe Disinfection failed
E:\Film-Diziler\FİLM\009 SAVAŞ FİLMLERİ.exe Moved
E:\Film-Diziler\FİLM\010 2008 FİLMLER.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\010 2008 FİLMLER.exe Disinfection failed
E:\Film-Diziler\FİLM\010 2008 FİLMLER.exe Moved
E:\Film-Diziler\FİLM\30 gün.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\30 gün.exe Disinfection failed
E:\Film-Diziler\FİLM\30 gün.exe Moved
E:\Film-Diziler\FİLM\BUYUK KARSILASMA.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\BUYUK KARSILASMA.exe Disinfection failed
E:\Film-Diziler\FİLM\BUYUK KARSILASMA.exe Moved
E:\Film-Diziler\FİLM\cinayet gecesi.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\cinayet gecesi.exe Disinfection failed
E:\Film-Diziler\FİLM\cinayet gecesi.exe Moved
E:\Film-Diziler\FİLM\fearless.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\fearless.exe Disinfection failed
E:\Film-Diziler\FİLM\fearless.exe Moved
E:\Film-Diziler\FİLM.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM.exe Disinfection failed
E:\Film-Diziler\FİLM.exe Moved
E:\Film-Diziler\help 2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\help 2008.exe Disinfection failed
E:\Film-Diziler\help 2008.exe Moved
E:\Film-Diziler\kanlı pinokyo.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\kanlı pinokyo.exe Disinfection failed
E:\Film-Diziler\kanlı pinokyo.exe Moved
E:\Film-Diziler\Lost Highway.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\Lost Highway.exe Disinfection failed
E:\Film-Diziler\Lost Highway.exe Moved
E:\Film-Diziler\macera adası.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\macera adası.exe Disinfection failed
E:\Film-Diziler\macera adası.exe Moved
E:\Film-Diziler\PATTON\hjsplit shareme\hjsplit.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\PATTON\hjsplit shareme\hjsplit.exe Disinfection failed
E:\Film-Diziler\PATTON\hjsplit shareme\hjsplit.exe Moved
E:\Film-Diziler\PATTON.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\PATTON.exe Disinfection failed
E:\Film-Diziler\PATTON.exe Moved
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR\CD1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR\CD1.exe Disinfection failed
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR\CD1.exe Moved
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR.exe Disinfection failed
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR.exe Moved
E:\Film-Diziler\wall E.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\wall E.exe Disinfection failed
E:\Film-Diziler\wall E.exe Moved
E:\Film-Diziler\yol muhabbeti.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\yol muhabbeti.exe Disinfection failed
E:\Film-Diziler\yol muhabbeti.exe Moved
E:\Film-Diziler\ölümün sesi.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\ölümün sesi.exe Disinfection failed
E:\Film-Diziler\ölümün sesi.exe Moved
E:\Film-Diziler\şamar oğlanı.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\şamar oğlanı.exe Disinfection failed
E:\Film-Diziler\şamar oğlanı.exe Moved
E:\Film-Diziler.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler.exe Disinfection failed
E:\Film-Diziler.exe Moved
E:\Games\Batak3\Batak.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Batak3\Batak.exe Disinfection failed
E:\Games\Batak3\Batak.exe Moved
E:\Games\Batak3.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Batak3.exe Disinfection failed
E:\Games\Batak3.exe Moved
E:\Games\battak\baTTak.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\battak\baTTak.exe Disinfection failed
E:\Games\battak\baTTak.exe Moved
E:\Games\cool of duty 4\Crack\iw3sp.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Crack\iw3sp.exe Disinfection failed
E:\Games\cool of duty 4\Crack\iw3sp.exe Moved
E:\Games\cool of duty 4\Crack\rzr-cod4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Crack\rzr-cod4.exe Disinfection failed
E:\Games\cool of duty 4\Crack\rzr-cod4.exe Moved
E:\Games\cool of duty 4\Crack.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Crack.exe Disinfection failed
E:\Games\cool of duty 4\Crack.exe Moved
E:\Games\cool of duty 4\Setup\Data\iw3mp.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Setup\Data\iw3mp.exe Disinfection failed
E:\Games\cool of duty 4\Setup\Data\iw3mp.exe Moved
E:\Games\cool of duty 4\Setup\rsrc\ereg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Setup\rsrc\ereg.exe Disinfection failed
E:\Games\cool of duty 4\Setup\rsrc\ereg.exe Moved
E:\Games\cool of duty 4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4.exe Disinfection failed
E:\Games\cool of duty 4.exe Moved
E:\Games\F1 2002\f1_2002.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\f1_2002.exe Disinfection failed
E:\Games\F1 2002\f1_2002.exe Moved
E:\Games\F1 2002\Support\F1 2002_Code.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\F1 2002_Code.exe Disinfection failed
E:\Games\F1 2002\Support\F1 2002_Code.exe Moved
E:\Games\F1 2002\Support\F1 2002_eReg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\F1 2002_eReg.exe Disinfection failed
E:\Games\F1 2002\Support\F1 2002_eReg.exe Moved
E:\Games\F1 2002\Support\F1 2002_EZ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\F1 2002_EZ.exe Disinfection failed
E:\Games\F1 2002\Support\F1 2002_EZ.exe Moved
E:\Games\F1 2002\Support\F1 2002_uninst.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\F1 2002_uninst.exe Disinfection failed
E:\Games\F1 2002\Support\F1 2002_uninst.exe Moved
E:\Games\F1 2002\Support\go_ez.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\go_ez.exe Disinfection failed
E:\Games\F1 2002\Support\go_ez.exe Moved
E:\Games\F1 2002\Telemetry\f12002_telemetry.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Telemetry\f12002_telemetry.exe Disinfection failed
E:\Games\F1 2002\Telemetry\f12002_telemetry.exe Moved
E:\Games\Firefly Studios\Stronghold Crusader\pcchk.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Firefly Studios\Stronghold Crusader\pcchk.exe Disinfection failed
E:\Games\Firefly Studios\Stronghold Crusader\pcchk.exe Moved
E:\Games\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe Disinfection failed
E:\Games\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe Moved
E:\Games\Firefly Studios\Stronghold Crusader.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Firefly Studios\Stronghold Crusader.exe Disinfection failed
E:\Games\Firefly Studios\Stronghold Crusader.exe Moved
E:\Games\Firefly Studios.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Firefly Studios.exe Disinfection failed
E:\Games\Firefly Studios.exe Moved
E:\Games\FlatOut 2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\FlatOut 2.exe Disinfection failed
E:\Games\FlatOut 2.exe Moved
E:\Games\GTA4\gta-vc.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\GTA4\gta-vc.exe Disinfection failed
E:\Games\GTA4\gta-vc.exe Moved
E:\Games\GTA4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\GTA4.exe Disinfection failed
E:\Games\GTA4.exe Moved
E:\Games\kingnet\KingNET.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\kingnet\KingNET.exe Disinfection failed
E:\Games\kingnet\KingNET.exe Moved
E:\Games\kingnet.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\kingnet.exe Disinfection failed
E:\Games\kingnet.exe Moved
E:\Games\Need For Speed Underground\3DSetup\3DSetup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\3DSetup\3DSetup.exe Disinfection failed
E:\Games\Need For Speed Underground\3DSetup\3DSetup.exe Moved
E:\Games\Need For Speed Underground\eauninstall.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\eauninstall.exe Disinfection failed
E:\Games\Need For Speed Underground\eauninstall.exe Moved
E:\Games\Need For Speed Underground\Speed.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Speed.exe Disinfection failed
E:\Games\Need For Speed Underground\Speed.exe Moved
E:\Games\Need For Speed Underground\Support\EasyInfo.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\EasyInfo.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\EasyInfo.exe Moved
E:\Games\Need For Speed Underground\Support\EReg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\EReg.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\EReg.exe Moved
E:\Games\Need For Speed Underground\Support\go_ez.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\go_ez.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\go_ez.exe Moved
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_code.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_code.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_code.exe Moved
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_EZ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_EZ.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_EZ.exe Moved
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_uninst.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_uninst.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_uninst.exe Moved
E:\Games\Need for Speed Underground 2\eauninstall.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\eauninstall.exe Disinfection failed
E:\Games\Need for Speed Underground 2\eauninstall.exe Moved
E:\Games\Need for Speed Underground 2\speed2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\speed2.exe Disinfection failed
E:\Games\Need for Speed Underground 2\speed2.exe Moved
E:\Games\Need for Speed Underground 2\Support\EasyInfo.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\Support\EasyInfo.exe Disinfection failed
E:\Games\Need for Speed Underground 2\Support\EasyInfo.exe Moved
E:\Games\Need for Speed Underground 2\Support\EReg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\Support\EReg.exe Disinfection failed
E:\Games\Need for Speed Underground 2\Support\EReg.exe Moved
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_code.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_code.exe Disinfection failed
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_code.exe Moved
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_uninst.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_uninst.exe Disinfection failed
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_uninst.exe Moved
E:\Games\Need for Speed Underground 2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2.exe Disinfection failed
E:\Games\Need for Speed Underground 2.exe Moved
E:\Games\Need For Speed Underground.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground.exe Disinfection failed
E:\Games\Need For Speed Underground.exe Moved
E:\Games\pes 2008\pes\Crack\PES2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\pes 2008\pes\Crack\PES2008.exe Disinfection failed
E:\Games\pes 2008\pes\Crack\PES2008.exe Moved
E:\Games\pes 2008\pes\PES2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\pes 2008\pes\PES2008.exe Disinfection failed
E:\Games\pes 2008\pes\PES2008.exe Moved
E:\Games\pes 2008\PES2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\pes 2008\PES2008.exe Disinfection failed
E:\Games\pes 2008\PES2008.exe Moved
E:\Games\pes 2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\pes 2008.exe Disinfection failed
E:\Games\pes 2008.exe Moved
E:\Games\Rise of Nations\nations.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Rise of Nations\nations.exe Disinfection failed
E:\Games\Rise of Nations\nations.exe Moved
E:\Games.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games.exe Disinfection failed
E:\Games.exe Moved
E:\Kitaplar.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Kitaplar.exe Disinfection failed
E:\Kitaplar.exe Moved
E:\Picture\ATATÜRK RESİMLERİ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Picture\ATATÜRK RESİMLERİ.exe Disinfection failed
E:\Picture\ATATÜRK RESİMLERİ.exe Moved
E:\Picture\BMW.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Picture\BMW.exe Disinfection failed
E:\Picture\BMW.exe Moved
E:\Picture\komik resimler.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Picture\komik resimler.exe Disinfection failed
E:\Picture\komik resimler.exe Moved
E:\Picture.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Picture.exe Disinfection failed
E:\Picture.exe Moved
E:\Program Yedekler\ceviri\SOZLUK.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\SOZLUK.exe Disinfection failed
E:\Program Yedekler\ceviri\SOZLUK.exe Moved
E:\Program Yedekler\ceviri\tring\tring\ingtur.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tring\tring\ingtur.exe Disinfection failed
E:\Program Yedekler\ceviri\tring\tring\ingtur.exe Moved
E:\Program Yedekler\ceviri\tring\tring\Turing.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tring\tring\Turing.exe Disinfection failed
E:\Program Yedekler\ceviri\tring\tring\Turing.exe Moved
E:\Program Yedekler\ceviri\tring\tring\Turingg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tring\tring\Turingg.exe Disinfection failed
E:\Program Yedekler\ceviri\tring\tring\Turingg.exe Moved
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\autorun.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\autorun.exe Disinfection failed
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\autorun.exe Moved
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\Cewiri\setup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\Cewiri\setup.exe Disinfection failed
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\Cewiri\setup.exe Moved
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\Crack.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\Crack.exe Disinfection failed
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\Crack.exe Moved
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\cracked.dll Infected: Backdoor.Grabilka.C
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\cracked.dll Disinfection failed
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\cracked.dll Moved
E:\Program Yedekler\ceviri.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri.exe Disinfection failed
E:\Program Yedekler\ceviri.exe Moved
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe DNG Converter\Adobe DNG Converter.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe DNG Converter\Adobe DNG Converter.exe Disinfection failed
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe DNG Converter\Adobe DNG Converter.exe Moved
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe(R) Photoshop(R) CS2\setup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe(R) Photoshop(R) CS2\setup.exe Disinfection failed
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe(R) Photoshop(R) CS2\setup.exe Moved
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\CRACK\keygen.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\CRACK\keygen.exe Disinfection failed
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\CRACK\keygen.exe Moved
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Setup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Setup.exe Disinfection failed
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Setup.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GomWiz.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GomWiz.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GomWiz.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GrLauncher.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GrLauncher.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GrLauncher.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\RtParser.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\RtParser.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\RtParser.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\ShellRegister.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\ShellRegister.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\ShellRegister.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\srt2smi.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\srt2smi.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\srt2smi.exe Moved
E:\Program Yedekler\kurulan prog\gom player.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player.exe Moved
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4\patch.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4\patch.exe Disinfection failed
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4\patch.exe Moved
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4.exe Disinfection failed
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4.exe Moved
E:\Program Yedekler\kurulan prog\srs srs srs srs.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\srs srs srs srs.exe Disinfection failed
E:\Program Yedekler\kurulan prog\srs srs srs srs.exe Moved
E:\Program Yedekler\kurulan prog.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog.exe Disinfection failed
E:\Program Yedekler\kurulan prog.exe Moved
E:\Program Yedekler\KÜÇÜLTME PROG\iview399.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\KÜÇÜLTME PROG\iview399.exe Disinfection failed
E:\Program Yedekler\KÜÇÜLTME PROG\iview399.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Bin\demo32.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Bin\demo32.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Bin\demo32.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\amcap.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\amcap.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\amcap.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\StillCap.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\StillCap.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\StillCap.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VMCap.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VMCap.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VMCap.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VM_STI.EXE Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VM_STI.EXE Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VM_STI.EXE Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\setup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\setup.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\setup.exe Moved
E:\Program Yedekler\PROGRAMLAR\codec\mplayerc.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\codec\mplayerc.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\codec\mplayerc.exe Moved
E:\Program Yedekler\PROGRAMLAR\msn müzik programları\MSN_Polygamy.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\msn müzik programları\MSN_Polygamy.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\msn müzik programları\MSN_Polygamy.exe Moved
E:\Program Yedekler\PROGRAMLAR\N27032\NOD32 UpdateViewer2.07.4.0.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\N27032\NOD32 UpdateViewer2.07.4.0.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\N27032\NOD32 UpdateViewer2.07.4.0.exe Moved
E:\Program Yedekler\PROGRAMLAR\Total_Video_Converter_v3.01__full\Total_Video_Converter_v3[1].01\keygen.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\Total_Video_Converter_v3.01__full\Total_Video_Converter_v3[1].01\keygen.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\Total_Video_Converter_v3.01__full\Total_Video_Converter_v3[1].01\keygen.exe Moved
E:\Program Yedekler\PROGRAMLAR\youtube indir\ffmpeg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\youtube indir\ffmpeg.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\youtube indir\ffmpeg.exe Moved
E:\Program Yedekler\PROGRAMLAR\youtube indir\VDownloader.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\youtube indir\VDownloader.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\youtube indir\VDownloader.exe Moved
E:\Program Yedekler\webshots\webshots-3D.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-3D.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-3D.exe Moved
E:\Program Yedekler\webshots\webshots-afhoriz.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-afhoriz.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-afhoriz.exe Moved
E:\Program Yedekler\webshots\webshots-angels1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-angels1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-angels1.exe Moved
E:\Program Yedekler\webshots\webshots-astro.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-astro.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-astro.exe Moved
E:\Program Yedekler\webshots\webshots-babies1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-babies1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-babies1.exe Moved
E:\Program Yedekler\webshots\webshots-baroq1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-baroq1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-baroq1.exe Moved
E:\Program Yedekler\webshots\webshots-camping1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-camping1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-camping1.exe Moved
E:\Program Yedekler\webshots\webshots-castles1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-castles1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-castles1.exe Moved
E:\Program Yedekler\webshots\webshots-castles2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-castles2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-castles2.exe Moved
E:\Program Yedekler\webshots\webshots-chrart1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-chrart1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-chrart1.exe Moved
E:\Program Yedekler\webshots\webshots-chrart2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-chrart2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-chrart2.exe Moved
E:\Program Yedekler\webshots\webshots-chrart3.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-chrart3.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-chrart3.exe Moved
E:\Program Yedekler\webshots\webshots-ctyscpe1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-ctyscpe1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-ctyscpe1.exe Moved
E:\Program Yedekler\webshots\webshots-ctyscpe2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-ctyscpe2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-ctyscpe2.exe Moved
E:\Program Yedekler\webshots\webshots-dpspac1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-dpspac1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-dpspac1.exe Moved
E:\Program Yedekler\webshots\webshots-endsky.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-endsky.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-endsky.exe Moved
E:\Program Yedekler\webshots\webshots-endsky2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-endsky2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-endsky2.exe Moved
E:\Program Yedekler\webshots\webshots-farbar1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-farbar1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-farbar1.exe Moved
E:\Program Yedekler\webshots\webshots-farbar2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-farbar2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-farbar2.exe Moved
E:\Program Yedekler\webshots\webshots-fire1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-fire1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-fire1.exe Moved
E:\Program Yedekler\webshots\webshots-firewks1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-firewks1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-firewks1.exe Moved
E:\Program Yedekler\webshots\webshots-firewks2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-firewks2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-firewks2.exe Moved
E:\Program Yedekler\webshots\webshots-flower1r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-flower1r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-flower1r.exe Moved
E:\Program Yedekler\webshots\webshots-flower2r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-flower2r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-flower2r.exe Moved
E:\Program Yedekler\webshots\webshots-flower3r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-flower3r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-flower3r.exe Moved
E:\Program Yedekler\webshots\webshots-flower4r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-flower4r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-flower4r.exe Moved
E:\Program Yedekler\webshots\webshots-forcnat1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-forcnat1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-forcnat1.exe Moved
E:\Program Yedekler\webshots\webshots-france1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-france1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-france1.exe Moved
E:\Program Yedekler\webshots\webshots-hawaii1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-hawaii1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-hawaii1.exe Moved
E:\Program Yedekler\webshots\webshots-impres1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-impres1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-impres1.exe Moved
E:\Program Yedekler\webshots\webshots-islands1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-islands1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-islands1.exe Moved
E:\Program Yedekler\webshots\webshots-islands2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-islands2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-islands2.exe Moved
E:\Program Yedekler\webshots\webshots-lighth2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-lighth2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-lighth2.exe Moved
E:\Program Yedekler\webshots\webshots-love1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-love1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-love1.exe Moved
E:\Program Yedekler\webshots\webshots-nature1r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature1r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature1r.exe Moved
E:\Program Yedekler\webshots\webshots-nature2r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature2r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature2r.exe Moved
E:\Program Yedekler\webshots\webshots-nature3r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature3r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature3r.exe Moved
E:\Program Yedekler\webshots\webshots-nature4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature4.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature4.exe Moved
E:\Program Yedekler\webshots\webshots-nature5.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature5.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature5.exe Moved
E:\Program Yedekler\webshots\webshots-nature6.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature6.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature6.exe Moved
E:\Program Yedekler\webshots\webshots-nature7.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature7.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature7.exe Moved
E:\Program Yedekler\webshots\webshots-plnmon1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-plnmon1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-plnmon1.exe Moved
E:\Program Yedekler\webshots\webshots-rainfst1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-rainfst1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-rainfst1.exe Moved
E:\Program Yedekler\webshots\webshots-renais1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-renais1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-renais1.exe Moved
E:\Program Yedekler\webshots\webshots-space1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-space1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-space1.exe Moved
E:\Program Yedekler\webshots\webshots-spiachi1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-spiachi1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-spiachi1.exe Moved
E:\Program Yedekler\webshots\webshots-sunsky1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-sunsky1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-sunsky1.exe Moved
E:\Program Yedekler\webshots\webshots-sunsky3.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-sunsky3.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-sunsky3.exe Moved
E:\Program Yedekler\webshots\webshots-textures.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-textures.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-textures.exe Moved
E:\Program Yedekler\webshots\webshots-thruages.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-thruages.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-thruages.exe Moved
E:\Program Yedekler\webshots\webshots-trees1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-trees1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-trees1.exe Moved
E:\Program Yedekler\webshots\webshots-windm1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-windm1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-windm1.exe Moved
E:\Program Yedekler\webshots\webshots-winter1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-winter1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-winter1.exe Moved
E:\Program Yedekler\webshots\webshots-wldbrdg1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-wldbrdg1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-wldbrdg1.exe Moved
E:\Program Yedekler\İNGİLİZCE.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\İNGİLİZCE.exe Disinfection failed
E:\Program Yedekler\İNGİLİZCE.exe Moved
E:\Program Yedekler.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler.exe Disinfection failed
E:\Program Yedekler.exe Moved
E:\Resimler\13.01.2008 BOĞAZKÖPRÜ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\13.01.2008 BOĞAZKÖPRÜ.exe Disinfection failed
E:\Resimler\13.01.2008 BOĞAZKÖPRÜ.exe Moved
E:\Resimler\erciyes b k ö y.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\erciyes b k ö y.exe Disinfection failed
E:\Resimler\erciyes b k ö y.exe Moved
E:\Resimler\POZANTI 26.08.08.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\POZANTI 26.08.08.exe Disinfection failed
E:\Resimler\POZANTI 26.08.08.exe Moved
E:\Resimler\TATİL 06.07.08.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\TATİL 06.07.08.exe Disinfection failed
E:\Resimler\TATİL 06.07.08.exe Moved
E:\Resimler\ÜRGÜP13,3,07.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\ÜRGÜP13,3,07.exe Disinfection failed
E:\Resimler\ÜRGÜP13,3,07.exe Moved
E:\Resimler.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler.exe Disinfection failed
E:\Resimler.exe Moved
E:\Video\KARIŞIK VIDEO.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\KARIŞIK VIDEO.exe Disinfection failed
E:\Video\KARIŞIK VIDEO.exe Moved
E:\Video\MY VIDEO\6600 VIDEO.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\MY VIDEO\6600 VIDEO.exe Disinfection failed
E:\Video\MY VIDEO\6600 VIDEO.exe Moved
E:\Video\MY VIDEO.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\MY VIDEO.exe Disinfection failed
E:\Video\MY VIDEO.exe Moved
E:\Video\o\KİM.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\o\KİM.exe Disinfection failed
E:\Video\o\KİM.exe Moved
E:\Video\o.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\o.exe Disinfection failed
E:\Video\o.exe Moved
E:\Video.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video.exe Disinfection failed
E:\Video.exe Moved
E:\Yeni Klasör\NFS Carbon.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Yeni Klasör\NFS Carbon.exe Disinfection failed
E:\Yeni Klasör\NFS Carbon.exe Moved
E:\Yeni Klasör\NFS Most Wanted\RESUL.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Yeni Klasör\NFS Most Wanted\RESUL.exe Disinfection failed
E:\Yeni Klasör\NFS Most Wanted\RESUL.exe Moved
E:\Yeni Klasör.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Yeni Klasör.exe Disinfection failed
E:\Yeni Klasör.exe Moved
SUPERAntiSpyware Scan Log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 10/11/2008 at 01:23 AM
Application Version : 4.21.1004
Core Rules Database Version : 3555
Trace Rules Database Version: 1543
Scan type : Complete Scan
Total Scan Time : 00:41:00
Memory items scanned : 457
Memory threats detected : 0
Registry items scanned : 4515
Registry threats detected : 0
File items scanned : 73447
File threats detected : 2
Rootkit.NVMini
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DRIVERS\ISDRV118.SYS.VIR
C:\WINDOWS\SYSTEM32\DRIVERS\ISDRV118.SYS
hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:36:32, on 11.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: Shell=explorer.exe "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 4445 bytes
-
absolutely33 senin Hijack sonucları normal geldi bana ama serji ustamız söyler doğrusunu
Ip işlemleri
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
