HijackThis. Performance + Security! (Get rid of viruses). 500.000+ (page 451)

  • Friends, a virus got onto my PC through MSN; it sends a website address to everyone as a message over MSN. Can I fix this with this program, or should I try another program?
  • Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:10:04, on 26.11.2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v7.00 (7.00.6002.18005)
    Boot mode: Normal

    Running processes:
    C:\Windows\VMSnap3.exe
    C:\Windows\Domino.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Internet Explorer\ieuser.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
    C:\Users\Styric\Desktop\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O13 - Gopher Prefix:
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6C23CCF7-3648-4887-BE76-F349BC53BCC0}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CS1\Services\Tcpip\..\{6C23CCF7-3648-4887-BE76-F349BC53BCC0}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CS2\Services\Tcpip\..\{6C23CCF7-3648-4887-BE76-F349BC53BCC0}: NameServer = 208.67.222.222,208.67.220.220
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 5570 bytes

    Thanks a lot..




  • quote:

    Original quote from: piasemen

    Thanks, I did what you said...

    I just have one more question, which I'm asking because I think you are knowledgeable about these matters. I can't run MSN Messenger on my computer; more precisely, I download it, install it and click its icon to open it. The hard disk works, its light comes on, the computer clatters away doing something, but the sign-in window doesn't appear on screen. I can open Live Writer, Live Mail and all the other Live applications, but the Messenger window doesn't open. I have removed it through Add/Remove Programs and reinstalled it many times, but I can't see the sign-in window. As I said, when I click the icon the computer works and clatters away doing something, but it doesn't open. What can I do? Thanks in advance...

    Try opening it with a different user account and let's see.




  • quote:

    Original quote from: mukremin84

    Greetings... Over the last few months the computer has started to freeze up from time to time (while gaming, in Windows, etc.). I can't open MSN and I can't log in to the Hotmail site. Apart from these, there is a newly appeared issue: during a game, every half hour it returns to Windows as if I had pressed Alt+Tab. Something seems to open at that moment, but it's not clear what. Thanks in advance for your help, have a good day...

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 208.180.60.126:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')


    Download the program called ComboFix to your desktop.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Close all your open windows and programs.
    2. Temporarily close or disable your antivirus and antispyware programs.
    3. Double-click ComboFix.exe and open the program. After opening the program, do absolutely nothing. Take a 1-2 minute break.
    4. After ComboFix starts running, click the Yes button.
    5. ComboFix will take a backup of your Registry and create a system restore point so that your system can be restored in case of a problem.
    6. During these operations your internet connection will be cut and your desktop will disappear. These are normal. Your system clock will also change. But all of these are temporary. After the operations finish, everything will be returned to its original state.
    7. You may need to be a little patient, because there are exactly 50 stages.
    8. Finally, ComboFix will prepare a report containing the results of the operations. Your desktop may disappear during this. But it will be restored shortly. After the operations finish, ComboFix will close and a report will open for you. You can find this report at C:\ComboFix.txt.
    9. Attach the C:\ComboFix.txt file to your message and send it to us.


    quote:

    Original quote from: Ocean Blue

    Hello, thank you for your efforts, you are doing useful work. These days I have a bit of trouble too; generally I'm satisfied, but I'd still be glad if you could check. Thanks in advance, good luck with your work..

    Good luck with your work.

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll  
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Groove GFS Browser Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: Groove GFS Browser Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll



    quote:

    Original quote from: asli07

    Friends, a virus got onto my PC through MSN; it sends a website address to everyone as a message over MSN. Can I fix this with this program, or should I try another program?

    We can fix it with this.


    quote:

    Original quote from: Styric
    Thanks a lot..

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll




  • quote:

    Original quote from: serji


    quote:

    Original quote from: sercawres

    I scanned the computer and removed every virus there was, but when I scan with the antivirus program there is one error it finds, and the antivirus program does not fix it. The error it gives is something like "network address security vulnerabilities". My internet speed has slowed down on my computer. Also, there are sites I visit every day that are not blocked by court order, that is, sites everyone can access; but while everyone else can get in, I can't, they don't open, and a sound like a bottle cap being opened comes from the speakers at irregular intervals. Thanks in advance for your help.

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: TBSB03223 - {B4806C1A-FE8A-4008-9DA3-8CEDB6E82C10} - C:\Program Files\WebMoney ****or\wmadvisor.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: WebMoney ****or - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - C:\Program Files\WebMoney ****or\wmadvisor.dll
    O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
    O4 - HKLM\..\Run: [wmagent.exe] "C:\Program Files\WebMoney Agent\wmagent.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: WebMoney ****or - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - C:\Program Files\WebMoney ****or\wmadvisor.dll
    O9 - Extra 'Tools' menuitem: WebMoney ****or - {3AFFD7F7-FD3D-4C9D-8F83-03296A1A8840} - C:\Program Files\WebMoney ****or\wmadvisor.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    Download the program called ComboFix to your desktop.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Close all your open windows and programs.
    2. Temporarily close or disable your antivirus and antispyware programs.
    3. Double-click ComboFix.exe and open the program. After opening the program, do absolutely nothing. Take a 1-2 minute break.
    4. After ComboFix starts running, click the Yes button.
    5. ComboFix will take a backup of your Registry and create a system restore point so that your system can be restored in case of a problem.
    6. During these operations your internet connection will be cut and your desktop will disappear. These are normal. Your system clock will also change. But all of these are temporary. After the operations finish, everything will be returned to its original state.
    7. You may need to be a little patient, because there are exactly 50 stages.
    8. Finally, ComboFix will prepare a report containing the results of the operations. Your desktop may disappear during this. But it will be restored shortly. After the operations finish, ComboFix will close and a report will open for you. You can find this report at C:\ComboFix.txt.
    9. Attach the C:\ComboFix.txt file to your message and send it to us.


    @serji

    Although you replied quickly, I had to format because of the urgency. My problem has been resolved. Thank you very much for your interest and attention. I wish you a happy holiday..




  • I'm sending you the Malware-related log below; by the way, my problem of not being able to see hidden files has occurred again.

    quote:

    Malwarebytes' Anti-Malware 1.41
    Veritabanı sürümü: 3206
    Windows 5.1.2600 Service Pack 3

    21.11.2009 17:26:19
    mbam-log-2009-11-21 (17-26-19).txt

    Tarama biçimi: Gelişmiş Tarama (C:\|D:\|)
    Taranan öğeler: 136147
    Geçen süre: 20 minute(s), 5 second(s)

    Etkilenmiş Hafıza İşlemleri: 1
    Etkilenmiş Hafıza Modülleri: 1
    Etkilenmiş Kayıt Anahtarları: 3
    Etkilenmiş Kayıt Değerleri: 2
    Etkilenmiş Kayıt Verisi Öğeleri: 4
    Etkilenmiş Klasörler: 0
    Etkilenmiş Dosyalar: 94

    Etkilenmiş Hafıza İşlemleri:
    C:\WINDOWS\AhnRpta.exe (Trojan.Backdoor) -> Unloaded process successfully.

    Etkilenmiş Hafıza Modülleri:
    C:\WINDOWS\system32\softqq1.dll (Trojan.Agent) -> Delete on reboot.

    Etkilenmiş Kayıt Anahtarları:
    HKEY_CLASSES_ROOT\CLSID\{b03a4be6-5e5a-483e-b9b3-c484d4b20b72} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\NOD32KVBIT (Trojan.Frethog) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.

    Etkilenmiş Kayıt Değerleri:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{b03a4be6-5e5a-483e-b9b3-c484d4b20b72} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Spyware.OnlineGames) -> Quarantined and deleted successfully.

    Etkilenmiş Kayıt Verisi Öğeleri:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

    Etkilenmiş Klasörler:
    (Herhangi bir tehlikeli öğe bulunmadı)

    Etkilenmiş Dosyalar:
    C:\WINDOWS\AhnRpta.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.




  • While I was using the laptop normally, it suddenly restarted and gave a blue screen error; it said nv4_mini.sys error. When I restarted the computer, vertical lines appeared on the screen.
    I removed the graphics card and reinstalled the current driver. But this time Windows started failing to boot. Because I couldn't install the driver, I can only work in 1024x768 mode. My graphics card is an NVIDIA GeForce Go 7400.
    After reading similar comments on the forum, I thought it was something related to a virus. The HijackThis log file is below. I'm waiting for your help.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:10:48, on 29.11.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18241)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Documents and Settings\Cagin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\Program Files\Java\jre6\bin\javaw.exe
    C:\Documents and Settings\Cagin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Cagin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Cagin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Cagin\Desktop\HiJackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F7D579A7-50C5-4EDA-A5FB-6167285503EA}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    --
    End of file - 8041 bytes




  • Man, what is this, going since 2006! Good luck with it.
  • Hello friends.
    Because of my problem described here, I thought I would run a HijackThis scan as well.
    http://forum.donanimhaber.com/m_35543047/tm.htm
    This is the result. What do I need to do?



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:12:11, on 29.11.2009
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\FastStone Capture\FSCapture.exe
    C:\Program Files\Java\jre6\bin\javaw.exe
    C:\Program Files\AvaFind\AvaFind.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    E:\Program Arşivi\Güvenlik\Genel Virüs Çözümleri\Genel Virüs Çözümleri.exe
    C:\Users\Fatih\AppData\Local\Temp\ir_ext_temp_0\autorun.exe
    C:\Users\Fatih\AppData\Local\temp\ir_ext_temp_0\AutoPlay\Docs\HijackThis_.exe
    C:\Program Files\Opera\Opera.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [AvaFind] "C:\Program Files\AvaFind\AvaFind.exe" /minimized
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Local Service')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Local Service')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-21-2871820261-2741599786-1716942400-501\..\Run: [QuickTime Task] "C:\Program Files\Pure Codec\QTTask.exe" -atboottime (User 'Guest')
    O4 - Startup: FastStone Capture.lnk = C:\Program Files\FastStone Capture\FSCapture.exe
    O4 - Startup: JDownloader.lnk = C:\Program Files\JDownloader\JDownloader.exe
    O8 - Extra context menu item: &FlashGet ile indir - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: &Tümünü FlashGet ile indir - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{262ABE5C-6B92-450A-A975-76B3DFDB22D2}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CS1\Services\Tcpip\..\{262ABE5C-6B92-450A-A975-76B3DFDB22D2}: NameServer = 208.67.222.222,208.67.220.220
    O17 - HKLM\System\CS2\Services\Tcpip\..\{262ABE5C-6B92-450A-A975-76B3DFDB22D2}: NameServer = 208.67.222.222,208.67.220.220
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 7564 bytes



    < This message was edited by PHI -- 29 November 2009; 12:17:08 >




  • Sorry for wearing you out as well, but Kaspersky is giving a virus warning; I guess there is a problem, could you take a look?
    For example: it gives the Trojan warning Trojan.Win32.Swisyn.nau for the file dllhost.exe

    Logfile of Trend Micro HijackThis v2.0.2 
    Scan saved at 14:30:29, on 29.11.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\WINDOWS\system32\bgsvcgen.exe
    C:\Program Files\Topos\cFosSpeed\spd.exe
    C:\Program Files\GameTracker\GSInGameService.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\mouse recorder\MacroService.exe
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    c:\program files\mouse recorder\MacroServiceWnd.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\UnlockerAssistant.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    C:\Program Files\A4Tech\Mouse\Amoumain.exe
    C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
    C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Administrator\Application Data\dllhost.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\seba14mods\µtorrent 1.8.5 (build 17091) Leecher Pack\utorrent 1.8.5 (17091)_mult10_leecher.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox 3.6 Beta 1\firefox.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
    C:\Program Files\IObit\Game Booster\GameBooster.exe
    C:\Documents and Settings\Administrator\Belgelerim\Karşıdan Yüklenenler\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    O1 - Hosts: 209.85.229.100 www.youtube.com
    O1 - Hosts: 209.85.229.100 youtube.com
    O1 - Hosts: 209.85.229.100 tr.youtube.com
    O1 - Hosts: 209.85.229.100 fr.youtube.com
    O1 - Hosts: 209.85.229.100 au.youtube.com
    O1 - Hosts: 209.85.229.100 ca.youtube.com
    O1 - Hosts: 208.117.236.71 m.youtube.com
    O1 - Hosts: 74.125.65.118 img.youtube.com
    O1 - Hosts: 209.85.165.102 gdata.youtube.com
    O1 - Hosts: 208.117.236.71 ru.youtube.com
    O1 - Hosts: 208.117.236.70 youtube.com
    O1 - Hosts: 74.125.65.118 img.youtube.com
    O1 - Hosts: 88.255.41.21 fr.youtube.com
    O1 - Hosts: 88.255.41.21 www.fr.youtube.com
    O1 - Hosts: 74.125.95.138 de.youtube.com
    O1 - Hosts: 209.85.129.104 help.youtube.com
    O1 - Hosts: 209.85.129.104 www.help.youtube.com
    O1 - Hosts: 74.125.13.80 v1.lscache1.c.youtube.com
    O1 - Hosts: 74.125.0.147 v2.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.86 v3.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.89 v4.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.92 v5.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.95 v6.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.98 v7.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.101 v8.lscache1.c.youtube.com
    O1 - Hosts: 74.125.97.17 v9.lscache1.c.youtube.com
    O1 - Hosts: 74.125.97.84 v10.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.87 v11.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.90 v12.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.93 v13.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.96 v14.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.99 v15.lscache1.c.youtube.com
    O1 - Hosts: 74.125.97.38 v16.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.82 v17.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.85 v18.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.88 v19.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.91 v20.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.94 v21.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.97 v22.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.100 v23.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.103 v24.lscache1.c.youtube.com
    O1 - Hosts: 74.125.13.80 v1.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.83 v2.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.86 v3.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.89 v4.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.92 v5.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.95 v6.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.98 v7.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.101 v8.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.81 v9.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.84 v10.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.87 v11.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.90 v12.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.93 v13.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.96 v14.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.99 v15.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.102 v16.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.82 v17.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.85 v18.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.88 v19.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.91 v20.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.94 v21.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.97 v22.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.100 v23.lscache2.c.youtube.com
    O1 - Hosts: 74.125.13.103 v24.lscache2.c.youtube.com
    O1 - Hosts: 74.125.99.80 v1.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.83 v2.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.86 v3.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.89 v4.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.92 v5.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.95 v6.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.98 v7.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.101 v8.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.81 v9.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.84 v10.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.87 v11.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.90 v12.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.93 v13.lscache3.c.youtube.com
    O1 - Hosts: 74.125.97.32 v14.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.99 v15.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.102 v16.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.82 v17.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.85 v18.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.88 v19.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.91 v20.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.94 v21.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.97 v22.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.100 v23.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.103 v24.lscache3.c.youtube.com
    O1 - Hosts: 74.125.99.80 v1.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.83 v2.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.86 v3.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.89 v4.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.92 v5.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.95 v6.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.98 v7.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.101 v8.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.81 v9.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.84 v10.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.87 v11.lscache4.c.youtube.com
    O1 - Hosts: 74.125.99.90 v12.lscache4.c.youtube.com
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\WINDOWS\system32\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
    O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
    O4 - HKCU\..\Run: [Taskbar Shuffle] C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O8 - Extra context menu item: Açılır Pencere Engelleyicisine ekle - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
    O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B23870ED-13F2-4FA2-979A-0F6C1A9728CB}: NameServer = 4.2.2.1,4.2.2.3
    O20 - AppInit_DLLs: ?,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
    O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
    O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\Topos\cFosSpeed\spd.exe
    O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Macro Expert - Grass Software - c:\program files\mouse recorder\MacroService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

    --
    End of file - 11256 bytes



    < This message was edited by MinaTo -- 29 November 2009; 14:36:50 >




  • An excellent piece of work that has completed 3 years. It more than deserves congratulations.
    My problem is actually with ESET, ESET and its leftovers! I just can't install a different antivirus, and even though I uninstalled ESET, the system and the internet are noticeably slow.
    Many thanks in advance for your help.

    And this is my log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:18:06, on 29.11.2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18828)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\explorer.exe
    C:\Program Files\Multimedia Keyboard Driver\V5\StartAutorun.exe
    C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Multimedia Keyboard Driver\V5\KMConfig.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\FixCamera.exe
    C:\Windows\tsnp2std.exe
    C:\Windows\vsnp2std.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Multimedia Keyboard Driver\V5\KMProcess.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\msconfig.exe
    C:\Users\TEKKRAL\Desktop\HiJackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: Shell=explorer.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [KMConfig] "C:\Program Files\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" /r
    O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
    O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
    O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) -http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldtr-tr.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} -http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15110/CTPID.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B5ECBC12-4E8B-4096-90D2-5468299B0CCA}: NameServer = 4.2.2.3,4.2.2.4
    O21 - SSODL: Java - True - (no file)
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.EXE
    O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Multimedia Keyboard Driver\V5\KMWDSrv.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 13483 bytes




  • quote:

    Originally posted by: sercawres
    @serji

    Although you replied quickly, I had to format because it was urgent. My problem has been resolved. Thank you very much for your interest and attention. I wish you a happy holiday.

    You're welcome. If the issue is solved, there is no problem. Happy holidays to you too.
  • quote:

    Originally posted by: djinn_inc

    I'm sending you the malware-related log below; by the way, my problem of not being able to see hidden files has come back.

    Could you send the ComboFix log again?


    quote:

    Originally posted by: alnitak

    While I was using the laptop normally, it suddenly restarted and gave a blue screen error; it said nv4_mini.sys error. When I restarted the computer, vertical lines appeared on the screen.
    I uninstalled the graphics card and installed the current driver again. But this time it stopped booting Windows. Since I couldn't install the driver, I can only work in 1024x768 mode. My graphics card is an NVIDIA GeForce Go 7400.
    After reading similar comments on the forum, I thought it was something to do with a virus. The HijackThis log file is below. I'm waiting for help.

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


    Download the program called ComboFix to your desktop.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Close all your open windows and programs.
    2. Temporarily close or disable your antivirus and antispyware programs.
    3. Double-click ComboFix.exe to launch the program. After launching it, do absolutely nothing. Take a 1-2 minute break.
    4. Once ComboFix starts running, click the Yes button.
    5. ComboFix will back up your Registry and create a system restore point so that your system can be restored if something goes wrong.
    6. During these operations your internet connection will be cut and your desktop will disappear. This is normal. Your system clock will also change. All of this is temporary, however. Once the operations finish, everything will be returned to its original state.
    7. You may need to be a little patient, because there are a full 50 stages.
    8. Finally, ComboFix will prepare a report containing the results of the operations. Your desktop may disappear during this. However, it will be restored shortly. When the operations are finished, ComboFix will close and a report will open for you. You can find this report at C:\ComboFix.txt.
    9. Attach the C:\ComboFix.txt file to your message and send it to us.


    quote:

    Originally posted by: mehmetali.yildiz

    Man, what is this, going since 2006! Keep up the good work.

    I try to help as much as I can.




  • quote:

    Originally posted by: PHI

    Hello friends.
    Because of my problem described here, I thought I would run a Hijack scan as well.
    http://forum.donanimhaber.com/m_35543047/tm.htm
    This is the result. What should I do?

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll


    Download the program called ComboFix to your desktop.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Close all your open windows and programs.
    2. Temporarily close or disable your antivirus and antispyware programs.
    3. Double-click ComboFix.exe to launch the program. After launching it, do absolutely nothing. Take a 1-2 minute break.
    4. Once ComboFix starts running, click the Yes button.
    5. ComboFix will back up your Registry and create a system restore point so that your system can be restored if something goes wrong.
    6. During these operations your internet connection will be cut and your desktop will disappear. This is normal. Your system clock will also change. All of this is temporary, however. Once the operations finish, everything will be returned to its original state.
    7. You may need to be a little patient, because there are a full 50 stages.
    8. Finally, ComboFix will prepare a report containing the results of the operations. Your desktop may disappear during this. However, it will be restored shortly. When the operations are finished, ComboFix will close and a report will open for you. You can find this report at C:\ComboFix.txt.
    9. Attach the C:\ComboFix.txt file to your message and send it to us.


    quote:

    Originally posted by: burak_166

    Sorry for tiring you out too, but Kaspersky is giving a virus warning; I guess there is a problem, could you take a look?
    For example: it gives a Trojan.Win32.Swisyn.nau trojan warning for the dllhost.exe file.


    Download the program called ComboFix to your desktop.

    http://www.buraksonmez.com/dosyalar/ComboFix.exe

    1. Close all your open windows and programs.
    2. Temporarily close or disable your antivirus and antispyware programs.
    3. Double-click ComboFix.exe to launch the program. After launching it, do absolutely nothing. Take a 1-2 minute break.
    4. Once ComboFix starts running, click the Yes button.
    5. ComboFix will back up your Registry and create a system restore point so that your system can be restored if something goes wrong.
    6. During these operations your internet connection will be cut and your desktop will disappear. This is normal. Your system clock will also change. All of this is temporary, however. Once the operations finish, everything will be returned to its original state.
    7. You may need to be a little patient, because there are a full 50 stages.
    8. Finally, ComboFix will prepare a report containing the results of the operations. Your desktop may disappear during this. However, it will be restored shortly. When the operations are finished, ComboFix will close and a report will open for you. You can find this report at C:\ComboFix.txt.
    9. Attach the C:\ComboFix.txt file to your message and send it to us.




  • quote:

    Originally posted by: tekkral34

    An excellent piece of work that has completed its 3rd year. It more than deserves congratulations.
    My problem is actually related to ESET: ESET and its leftovers! I just cannot install a different antivirus, and even though I uninstalled ESET, the system and the internet are noticeably slow.
    Thank you very much in advance for your help.

    And here is my log

    Apart from the items below: what error does it give when you install a different antivirus? Try deleting the following folders:

    C:\Program Files\ESET
    C:\Documents and Settings\All Users\Application Data\ESET
    C:\Documents and Settings\%USER%\Application Data\ESET

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: Shell=explorer.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
    O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
    O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:




  • quote:

    Originally posted by: serji


    quote:

    Originally posted by: tekkral34

    An excellent piece of work that has completed its 3rd year. It more than deserves congratulations.
    My problem is actually related to ESET: ESET and its leftovers! I just cannot install a different antivirus, and even though I uninstalled ESET, the system and the internet are noticeably slow.
    Thank you very much in advance for your help.

    And here is my log

    Apart from the items below: what error does it give when you install a different antivirus? Try deleting the following folders:

    C:\Program Files\ESET
    C:\Documents and Settings\All Users\Application Data\ESET
    C:\Documents and Settings\%USER%\Application Data\ESET

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: Shell=explorer.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
    O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
    O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O13 - Gopher Prefix:



    Removing those did not solve the problem either.
    The error I get is this: I cannot install a different antivirus because "eset nod32 file on access scanner" appears to be installed on the system. :(
    Also, thank you for picking out the files that need to be fixed.




  • Today I most likely caught a virus from MSN.
    I installed Kaspersky; it found rndll.exe trojan win32. generic or something and quarantined it.
    Now I don't know what to do.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:19:40, on 30.11.2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\VM_STI.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Pando Networks\Media Booster\PMB.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
    C:\Documents and Settings\gouzzz\Desktop\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.freeart1cile.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
    O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
    O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
    O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
    O4 - Global Startup: TrayMin200.exe.lnk = ?
    O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
    O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
    O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
    O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
    O9 - Extra button: &Sanal klavye - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
    O9 - Extra button: URL ko&ntrolü - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} (HanSetupCtrl1010 Class) -http://id.hangame.com/common/HanSetup1020.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O16 - DPF: {F8160836-0C11-4CA4-AD87-944542C7BCBD} (PubPlugin Class) -http://hancdn.hangame.com/pub/plii/real/PubPlugin.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9AD3DC8D-0108-4638-9E9E-28B569CBEBA3}: NameServer = 208.67.222.222,208.67.220.220
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
    O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
    O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

    --
    End of file - 8574 bytes




  • Two days ago I installed sXe Inject so I could play Counter-Strike online. As a result of sXe, I came across an exe (baslangic_serverlist.exe) that is set to run automatically when Windows starts; its blocking is still in place.

    And while looking through the programs that run at startup I saw b.exe and blocked that too. The story of b.exe: while I was looking for a keygen, a virus got in as msa.exe. This virus then replicates on my PC as b.exe. I had deleted it before it did any harm, but I only just noticed that it is still among the startup programs.

    1) I scanned with Malware and a few viruses were found and I cleaned them: http://img4.imageshack.us/img4/7694/adszgri.jpg

    2) The HijackThis logs are below as well, thanks.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:06:48, on 30.11.2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18319)
    Boot mode: Normal

    Running processes:
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\SAMSUNG\Desktop\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - Startup: OtomatikServerList.lnk = C:\Program Files\valve\platform\baslangic_serverlist.exe
    O8 - Extra context menu item: &FlashGet ile indir - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: &Tümünü FlashGet ile indir - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O13 - Gopher Prefix:
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{140530AC-FB8A-4940-BDBE-8134D357FEF9}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{140530AC-FB8A-4940-BDBE-8134D357FEF9}: NameServer = 192.168.1.1
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    O23 - Service: Rezip - Unknown owner - C:\Windows\SYSTEM32\Rezip.exe

    --
    End of file - 6531 bytes



    < This message was edited by ToImagine -- 2 December 2009; 2:49:11 >




  • Hijack gave a warning while starting, so I ran it as administrator, opened Hijack again and took the logs again; here they are:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:31:56, on 30.11.2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18319)
    Boot mode: Normal

    Running processes:
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\PROGRA~1\samsung\SAMSUN~1\SUPNOT~1.EXE
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\SAMSUNG\Desktop\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: OtomatikServerList.lnk = C:\Program Files\valve\platform\baslangic_serverlist.exe
    O8 - Extra context menu item: &FlashGet ile indir - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: &Tümünü FlashGet ile indir - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O13 - Gopher Prefix:
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{140530AC-FB8A-4940-BDBE-8134D357FEF9}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{140530AC-FB8A-4940-BDBE-8134D357FEF9}: NameServer = 192.168.1.1
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
    O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    O23 - Service: Rezip - Unknown owner - C:\Windows\SYSTEM32\Rezip.exe

    --
    End of file - 7398 bytes




  • Very slow.... help please

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:43:41, on 30.11.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\WINDOWS\system32\FsUsbExService.Exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://google.com.tr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: fruttinet - {7533bff0-490a-8258-5f6c-427865e637fe} - C:\WINDOWS\system32\5037a796-bb51-8c07-ff91-1af12af35431.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Bunu Bloga Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: Windows Live Writer içinde &Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

    --
    End of file - 6083 bytes



