- x
HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+
9879 Cevap1053380 Görüntüleme19 Favori
Bu konudaki kullanıcılar: hiç
  Seçkin Yorumlar Sistem Belirtin Yazdır
Sayfa: <<     87 [89] 91 92 93 94 95 96      >>
Arama Terimi: Yazarı:
Konu içi arama ayarları
Sadece Arananın bulduğu yerler
Arama terimleri En önemli Üst minimum sıralama: /1000

Arama tercihlerinizi belirlediyseniz yukarıdaki kutuya arama terimini yazıp "Konu içi ara" butonuna tıklayınız.
Giriş
Mesaj


255 Mesaj
11 Ekim 2008; 18:21:23 

serji kardeşim, sırasıyla bit defender-SUPERAntiSpyware Scan Log ve hijackthis loglarını gönderiyorum, ne yapmalıyım


bit defender


//-----------------------------------------------------------------
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 11/10/2008 00:17:45
//
//-----------------------------------------------------------------


Virus Statistics

Scan path : C:\
D:\
E:\
Folders : 6310
Files : 22336
Memory processes scanned : 39
Archives : 3
Runtime packers : 1600
Identified viruses : 7
Infected files : 326
Memory processes infected : 1
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 0
Moved files : 324
I/O errors : 15
Scan time : 00:09:28
Scan speed (files/sec) : 39

Spyware Statistics

Registry keys scanned : 1650
Registry keys infected : 0
Cookies scanned : 3
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 0


Virus definitions : 553501
Scan plugins : 16
Archive plugins : 41
Unpack plugins : 6
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[X] Scan boot sectors
[X] Memory Processes
[ ] Scan archives
[X] Scan runtime packers
[X] Scan email

File mask
[X] Programs
[ ] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user

Virus scan options
[X] Enable warnings
[ ] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Documents and Settings\All Users\Application Data\Bitdefender\Desktop\Profiles\Logs\full_scan\1223677065.log

Spyware scan options

[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies


Summary:

<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (memory dump) Infected: Trojan.Delf.AAM
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (memory dump) Disinfection failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (memory dump) Move failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (disk) Infected: BehavesLike:Win32.ExplorerHijack
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (disk) Disinfection failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (disk) Move failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (full dump) Infected: Trojan.Delf.AAM
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (full dump) Disinfection failed
<System>=>C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe (full dump) Move failed
C:\Documents and Settings\Administrator\Belgelerim\GomPlayer.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\GomPlayer.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\GomPlayer.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\GTA Vice City User Files.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\GTA Vice City User Files.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\GTA Vice City User Files.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\Müziğim.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\Müziğim.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\Müziğim.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted\redo.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted\redo.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted\redo.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\NFS Most Wanted.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim\Resim.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim\Resim.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim\Resim.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\Resimlerim.exe Moved
C:\Documents and Settings\Administrator\Belgelerim\Updater.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim\Updater.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim\Updater.exe Moved
C:\Documents and Settings\Administrator\Belgelerim.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Belgelerim.exe Disinfection failed
C:\Documents and Settings\Administrator\Belgelerim.exe Moved
C:\Documents and Settings\Administrator\Desktop\perlovga.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Desktop\perlovga.exe Disinfection failed
C:\Documents and Settings\Administrator\Desktop\perlovga.exe Moved
C:\Documents and Settings\Administrator\Desktop.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Desktop.exe Disinfection failed
C:\Documents and Settings\Administrator\Desktop.exe Moved
C:\Documents and Settings\Administrator\Local Settings\temp\services.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\Administrator\Local Settings\temp\services.exe Disinfection failed
C:\Documents and Settings\Administrator\Local Settings\temp\services.exe Moved
C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Quarantine\services.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Quarantine\services.exe Disinfection failed
C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Quarantine\services.exe Moved
C:\Documents and Settings\All Users\Belgeler\Müziğim\Örnek Müzik.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Documents and Settings\All Users\Belgeler\Müziğim\Örnek Müzik.exe Disinfection failed
C:\Documents and Settings\All Users\Belgeler\Müziğim\Örnek Müzik.exe Moved
C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe Disinfection failed
C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe Moved
C:\Program Files\AIMP2\System\bass_cda.dll Infected: Trojan.Peed.Gen
C:\Program Files\AIMP2\System\bass_cda.dll Disinfection failed
C:\Program Files\AIMP2\System\bass_cda.dll Moved
C:\Program Files\AIMP2.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\AIMP2.exe Disinfection failed
C:\Program Files\AIMP2.exe Moved
C:\Program Files\AntiVir PersonalEdition Classic.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\AntiVir PersonalEdition Classic.exe Disinfection failed
C:\Program Files\AntiVir PersonalEdition Classic.exe Moved
C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}.exe Disinfection failed
C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}.exe Moved
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}.exe Disinfection failed
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}.exe Moved
C:\Program Files\InstallShield Installation Information.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\InstallShield Installation Information.exe Disinfection failed
C:\Program Files\InstallShield Installation Information.exe Moved
C:\Program Files\SRS Labs\Audio Sandbox\DriverSupport.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\SRS Labs\Audio Sandbox\DriverSupport.exe Disinfection failed
C:\Program Files\SRS Labs\Audio Sandbox\DriverSupport.exe Moved
C:\Program Files\SRS Labs\Audio Sandbox.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\SRS Labs\Audio Sandbox.exe Disinfection failed
C:\Program Files\SRS Labs\Audio Sandbox.exe Moved
C:\Program Files\SRS Labs.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\SRS Labs.exe Disinfection failed
C:\Program Files\SRS Labs.exe Moved
C:\Program Files\Uninstall Information.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\Uninstall Information.exe Disinfection failed
C:\Program Files\Uninstall Information.exe Moved
C:\Program Files\WindowsUpdate.exe Infected: BehavesLike:Win32.ExplorerHijack
C:\Program Files\WindowsUpdate.exe Disinfection failed
C:\Program Files\WindowsUpdate.exe Moved
D:\KUCUK OYUNLAR\AlignIt\Align It!.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\AlignIt\Align It!.exe Disinfection failed
D:\KUCUK OYUNLAR\AlignIt\Align It!.exe Moved
D:\KUCUK OYUNLAR\AlignIt.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\AlignIt.exe Disinfection failed
D:\KUCUK OYUNLAR\AlignIt.exe Moved
D:\KUCUK OYUNLAR\BARMEN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\BARMEN.exe Disinfection failed
D:\KUCUK OYUNLAR\BARMEN.exe Moved
D:\KUCUK OYUNLAR\bulmaca.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\bulmaca.exe Disinfection failed
D:\KUCUK OYUNLAR\bulmaca.exe Moved
D:\KUCUK OYUNLAR\chs32x86.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\chs32x86.exe Disinfection failed
D:\KUCUK OYUNLAR\chs32x86.exe Moved
D:\KUCUK OYUNLAR\ColorLinez\Color Linez.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\ColorLinez\Color Linez.exe Disinfection failed
D:\KUCUK OYUNLAR\ColorLinez\Color Linez.exe Moved
D:\KUCUK OYUNLAR\Damas\damas.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\Damas\damas.exe Disinfection failed
D:\KUCUK OYUNLAR\Damas\damas.exe Moved
D:\KUCUK OYUNLAR\Damas.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\Damas.exe Disinfection failed
D:\KUCUK OYUNLAR\Damas.exe Moved
D:\KUCUK OYUNLAR\darts.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\darts.exe Disinfection failed
D:\KUCUK OYUNLAR\darts.exe Moved
D:\KUCUK OYUNLAR\DxBall\DX-Ball 2.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\DxBall\DX-Ball 2.exe Disinfection failed
D:\KUCUK OYUNLAR\DxBall\DX-Ball 2.exe Moved
D:\KUCUK OYUNLAR\DxBall\DX-Ball Game.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\DxBall\DX-Ball Game.exe Disinfection failed
D:\KUCUK OYUNLAR\DxBall\DX-Ball Game.exe Moved
D:\KUCUK OYUNLAR\DxBall.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\DxBall.exe Disinfection failed
D:\KUCUK OYUNLAR\DxBall.exe Moved
D:\KUCUK OYUNLAR\Iftar2000.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\Iftar2000.exe Disinfection failed
D:\KUCUK OYUNLAR\Iftar2000.exe Moved
D:\KUCUK OYUNLAR\KEMAN.EXE Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\KEMAN.EXE Disinfection failed
D:\KUCUK OYUNLAR\KEMAN.EXE Moved
D:\KUCUK OYUNLAR\KingNET.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\KingNET.exe Disinfection failed
D:\KUCUK OYUNLAR\KingNET.exe Moved
D:\KUCUK OYUNLAR\NBA.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\NBA.exe Disinfection failed
D:\KUCUK OYUNLAR\NBA.exe Moved
D:\KUCUK OYUNLAR\ORG.EXE Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\ORG.EXE Disinfection failed
D:\KUCUK OYUNLAR\ORG.EXE Moved
D:\KUCUK OYUNLAR\OYUN\40 Oyun\fatdez_90210\SETUP.EXE Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\40 Oyun\fatdez_90210\SETUP.EXE Disinfection failed
D:\KUCUK OYUNLAR\OYUN\40 Oyun\fatdez_90210\SETUP.EXE Moved
D:\KUCUK OYUNLAR\OYUN\40 Oyun\nightmare_on_sesame_street\setup.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\40 Oyun\nightmare_on_sesame_street\setup.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\40 Oyun\nightmare_on_sesame_street\setup.exe Moved
D:\KUCUK OYUNLAR\OYUN\40 Oyun\takin_care_of_business.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\40 Oyun\takin_care_of_business.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\40 Oyun\takin_care_of_business.exe Moved
D:\KUCUK OYUNLAR\OYUN\40 Oyun.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\40 Oyun.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\40 Oyun.exe Moved
D:\KUCUK OYUNLAR\OYUN\CALLUS\CALLUS95.EXE Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\CALLUS\CALLUS95.EXE Disinfection failed
D:\KUCUK OYUNLAR\OYUN\CALLUS\CALLUS95.EXE Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dave.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dave.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dave.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\DX-Ball.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\DX-Ball.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\DX-Ball.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dyna.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dyna.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Dyna.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM\ds.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM\ds.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM\ds.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar\PROGRAM.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\Monstar.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED\Data.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED\Data.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED\Data.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR\VOLFIED.exe Moved
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\KÜÇÜK OYUNLAR.exe Moved
D:\KUCUK OYUNLAR\OYUN\VPOOL2\Reg32a.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\VPOOL2\Reg32a.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\VPOOL2\Reg32a.exe Moved
D:\KUCUK OYUNLAR\OYUN\VPOOL2\vp2.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN\VPOOL2\vp2.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN\VPOOL2\vp2.exe Moved
D:\KUCUK OYUNLAR\OYUN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\OYUN.exe Disinfection failed
D:\KUCUK OYUNLAR\OYUN.exe Moved
D:\KUCUK OYUNLAR\pishti.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\pishti.exe Disinfection failed
D:\KUCUK OYUNLAR\pishti.exe Moved
D:\KUCUK OYUNLAR\SoloTest.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\SoloTest.exe Disinfection failed
D:\KUCUK OYUNLAR\SoloTest.exe Moved
D:\KUCUK OYUNLAR\TE.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\TE.exe Disinfection failed
D:\KUCUK OYUNLAR\TE.exe Moved
D:\KUCUK OYUNLAR\Toplar1.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR\Toplar1.exe Disinfection failed
D:\KUCUK OYUNLAR\Toplar1.exe Moved
D:\KUCUK OYUNLAR.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\KUCUK OYUNLAR.exe Disinfection failed
D:\KUCUK OYUNLAR.exe Moved
D:\MERVE'NİN SUNUMLARI.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\MERVE'NİN SUNUMLARI.exe Disinfection failed
D:\MERVE'NİN SUNUMLARI.exe Moved
D:\muzik\FİLM MÜZİKLERİ.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\FİLM MÜZİKLERİ.exe Disinfection failed
D:\muzik\FİLM MÜZİKLERİ.exe Moved
D:\muzik\SESLER\Doğa Sesleri.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER\Doğa Sesleri.exe Disinfection failed
D:\muzik\SESLER\Doğa Sesleri.exe Moved
D:\muzik\SESLER\Matrix.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER\Matrix.exe Disinfection failed
D:\muzik\SESLER\Matrix.exe Moved
D:\muzik\SESLER\MOHAA\amb.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER\MOHAA\amb.exe Disinfection failed
D:\muzik\SESLER\MOHAA\amb.exe Moved
D:\muzik\SESLER\MOHAA.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER\MOHAA.exe Disinfection failed
D:\muzik\SESLER\MOHAA.exe Moved
D:\muzik\SESLER.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\SESLER.exe Disinfection failed
D:\muzik\SESLER.exe Moved
D:\muzik\YABANCI\POWER HITS 15.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YABANCI\POWER HITS 15.exe Disinfection failed
D:\muzik\YABANCI\POWER HITS 15.exe Moved
D:\muzik\YABANCI\yabancı.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YABANCI\yabancı.exe Disinfection failed
D:\muzik\YABANCI\yabancı.exe Moved
D:\muzik\YABANCI.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YABANCI.exe Disinfection failed
D:\muzik\YABANCI.exe Moved
D:\muzik\YERLİ\C-Ç.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\C-Ç.exe Disinfection failed
D:\muzik\YERLİ\C-Ç.exe Moved
D:\muzik\YERLİ\D.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\D.exe Disinfection failed
D:\muzik\YERLİ\D.exe Moved
D:\muzik\YERLİ\E\eskiler.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\E\eskiler.exe Disinfection failed
D:\muzik\YERLİ\E\eskiler.exe Moved
D:\muzik\YERLİ\E.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\E.exe Disinfection failed
D:\muzik\YERLİ\E.exe Moved
D:\muzik\YERLİ\F_G.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\F_G.exe Disinfection failed
D:\muzik\YERLİ\F_G.exe Moved
D:\muzik\YERLİ\H\hepsi.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\H\hepsi.exe Disinfection failed
D:\muzik\YERLİ\H\hepsi.exe Moved
D:\muzik\YERLİ\H.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\H.exe Disinfection failed
D:\muzik\YERLİ\H.exe Moved
D:\muzik\YERLİ\I-İ.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\I-İ.exe Disinfection failed
D:\muzik\YERLİ\I-İ.exe Moved
D:\muzik\YERLİ\K.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\K.exe Disinfection failed
D:\muzik\YERLİ\K.exe Moved
D:\muzik\YERLİ\M\MELİH GÖRGÜN\YOLUN GÜLLE DOLSUN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\M\MELİH GÖRGÜN\YOLUN GÜLLE DOLSUN.exe Disinfection failed
D:\muzik\YERLİ\M\MELİH GÖRGÜN\YOLUN GÜLLE DOLSUN.exe Moved
D:\muzik\YERLİ\M\MELİH GÖRGÜN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\M\MELİH GÖRGÜN.exe Disinfection failed
D:\muzik\YERLİ\M\MELİH GÖRGÜN.exe Moved
D:\muzik\YERLİ\M\murat kekilli.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\M\murat kekilli.exe Disinfection failed
D:\muzik\YERLİ\M\murat kekilli.exe Moved
D:\muzik\YERLİ\M.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\M.exe Disinfection failed
D:\muzik\YERLİ\M.exe Moved
D:\muzik\YERLİ\Müzik\YILDIZ TİLBE türküler.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Müzik\YILDIZ TİLBE türküler.exe Disinfection failed
D:\muzik\YERLİ\Müzik\YILDIZ TİLBE türküler.exe Moved
D:\muzik\YERLİ\Müzik.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Müzik.exe Disinfection failed
D:\muzik\YERLİ\Müzik.exe Moved
D:\muzik\YERLİ\O-Ö.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\O-Ö.exe Disinfection failed
D:\muzik\YERLİ\O-Ö.exe Moved
D:\muzik\YERLİ\P.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\P.exe Disinfection failed
D:\muzik\YERLİ\P.exe Moved
D:\muzik\YERLİ\R.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\R.exe Disinfection failed
D:\muzik\YERLİ\R.exe Moved
D:\muzik\YERLİ\S-Ş\sagopa.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\S-Ş\sagopa.exe Disinfection failed
D:\muzik\YERLİ\S-Ş\sagopa.exe Moved
D:\muzik\YERLİ\S-Ş.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\S-Ş.exe Disinfection failed
D:\muzik\YERLİ\S-Ş.exe Moved
D:\muzik\YERLİ\T.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\T.exe Disinfection failed
D:\muzik\YERLİ\T.exe Moved
D:\muzik\YERLİ\U-Ü.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\U-Ü.exe Disinfection failed
D:\muzik\YERLİ\U-Ü.exe Moved
D:\muzik\YERLİ\V.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\V.exe Disinfection failed
D:\muzik\YERLİ\V.exe Moved
D:\muzik\YERLİ\Y\YILMAZ ERDOĞAN_SON.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Y\YILMAZ ERDOĞAN_SON.exe Disinfection failed
D:\muzik\YERLİ\Y\YILMAZ ERDOĞAN_SON.exe Moved
D:\muzik\YERLİ\Y\yuksel özkasap.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Y\yuksel özkasap.exe Disinfection failed
D:\muzik\YERLİ\Y\yuksel özkasap.exe Moved
D:\muzik\YERLİ\Y.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Y.exe Disinfection failed
D:\muzik\YERLİ\Y.exe Moved
D:\muzik\YERLİ\Z.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\Z.exe Disinfection failed
D:\muzik\YERLİ\Z.exe Moved
D:\muzik\YERLİ\~EMREDEN GELEN.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ\~EMREDEN GELEN.exe Disinfection failed
D:\muzik\YERLİ\~EMREDEN GELEN.exe Moved
D:\muzik\YERLİ.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik\YERLİ.exe Disinfection failed
D:\muzik\YERLİ.exe Moved
D:\muzik.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\muzik.exe Disinfection failed
D:\muzik.exe Moved
D:\Resim.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\Resim.exe Disinfection failed
D:\Resim.exe Moved
D:\SLAYTLAR.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\SLAYTLAR.exe Disinfection failed
D:\SLAYTLAR.exe Moved
D:\VİDEO.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\VİDEO.exe Disinfection failed
D:\VİDEO.exe Moved
D:\çizgi film\Arthur.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Arthur.exe Disinfection failed
D:\çizgi film\Arthur.exe Moved
D:\çizgi film\Ayı Kardeş.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Ayı Kardeş.exe Disinfection failed
D:\çizgi film\Ayı Kardeş.exe Moved
D:\çizgi film\Aşçı Fare.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Aşçı Fare.exe Disinfection failed
D:\çizgi film\Aşçı Fare.exe Moved
D:\çizgi film\barnd yard.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\barnd yard.exe Disinfection failed
D:\çizgi film\barnd yard.exe Moved
D:\çizgi film\fare sehri.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\fare sehri.exe Disinfection failed
D:\çizgi film\fare sehri.exe Moved
D:\çizgi film\Küçük Kahraman.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Küçük Kahraman.exe Disinfection failed
D:\çizgi film\Küçük Kahraman.exe Moved
D:\çizgi film\LOONEY.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\LOONEY.exe Disinfection failed
D:\çizgi film\LOONEY.exe Moved
D:\çizgi film\Road_Runner_En_Sevilen_Bolumler7.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Road_Runner_En_Sevilen_Bolumler7.exe Disinfection failed
D:\çizgi film\Road_Runner_En_Sevilen_Bolumler7.exe Moved
D:\çizgi film\Shrek 3.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Shrek 3.exe Disinfection failed
D:\çizgi film\Shrek 3.exe Moved
D:\çizgi film\SOUTHPARK\SouthPark\Season 1.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\SOUTHPARK\SouthPark\Season 1.exe Disinfection failed
D:\çizgi film\SOUTHPARK\SouthPark\Season 1.exe Moved
D:\çizgi film\SOUTHPARK\SouthPark.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\SOUTHPARK\SouthPark.exe Disinfection failed
D:\çizgi film\SOUTHPARK\SouthPark.exe Moved
D:\çizgi film\SOUTHPARK.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\SOUTHPARK.exe Disinfection failed
D:\çizgi film\SOUTHPARK.exe Moved
D:\çizgi film\Tilki renart.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Tilki renart.exe Disinfection failed
D:\çizgi film\Tilki renart.exe Moved
D:\çizgi film\Çılgın Dostlar.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film\Çılgın Dostlar.exe Disinfection failed
D:\çizgi film\Çılgın Dostlar.exe Moved
D:\çizgi film.exe Infected: BehavesLike:Win32.ExplorerHijack
D:\çizgi film.exe Disinfection failed
D:\çizgi film.exe Moved
E:\Ara Dosyalar\HALK BANKASI.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Ara Dosyalar\HALK BANKASI.exe Disinfection failed
E:\Ara Dosyalar\HALK BANKASI.exe Moved
E:\Ara Dosyalar\OTEL ALINAN.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Ara Dosyalar\OTEL ALINAN.exe Disinfection failed
E:\Ara Dosyalar\OTEL ALINAN.exe Moved
E:\Ara Dosyalar\Yeni Klasör.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Ara Dosyalar\Yeni Klasör.exe Disinfection failed
E:\Ara Dosyalar\Yeni Klasör.exe Moved
E:\Ara Dosyalar.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Ara Dosyalar.exe Disinfection failed
E:\Ara Dosyalar.exe Moved
E:\Eğitim.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Eğitim.exe Disinfection failed
E:\Eğitim.exe Moved
E:\Film-Diziler\28 Hafta Sonra.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\28 Hafta Sonra.exe Disinfection failed
E:\Film-Diziler\28 Hafta Sonra.exe Moved
E:\Film-Diziler\BEYAZ MELEK.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\BEYAZ MELEK.exe Disinfection failed
E:\Film-Diziler\BEYAZ MELEK.exe Moved
E:\Film-Diziler\Cast Away(yeni hayat)\1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\Cast Away(yeni hayat)\1.exe Disinfection failed
E:\Film-Diziler\Cast Away(yeni hayat)\1.exe Moved
E:\Film-Diziler\Cast Away(yeni hayat)\2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\Cast Away(yeni hayat)\2.exe Disinfection failed
E:\Film-Diziler\Cast Away(yeni hayat)\2.exe Moved
E:\Film-Diziler\Cast Away(yeni hayat).exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\Cast Away(yeni hayat).exe Disinfection failed
E:\Film-Diziler\Cast Away(yeni hayat).exe Moved
E:\Film-Diziler\DİZİ\prison break\4.sezon\5.bölüm.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\DİZİ\prison break\4.sezon\5.bölüm.exe Disinfection failed
E:\Film-Diziler\DİZİ\prison break\4.sezon\5.bölüm.exe Moved
E:\Film-Diziler\DİZİ\prison break\4.sezon.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\DİZİ\prison break\4.sezon.exe Disinfection failed
E:\Film-Diziler\DİZİ\prison break\4.sezon.exe Moved
E:\Film-Diziler\DİZİ\prison break.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\DİZİ\prison break.exe Disinfection failed
E:\Film-Diziler\DİZİ\prison break.exe Moved
E:\Film-Diziler\DİZİ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\DİZİ.exe Disinfection failed
E:\Film-Diziler\DİZİ.exe Moved
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-1.exe Disinfection failed
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-1.exe Moved
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-2.exe Disinfection failed
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy\CD-2.exe Moved
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy.exe Disinfection failed
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER\Troy.exe Moved
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER.exe Disinfection failed
E:\Film-Diziler\FİLM\007 FAVORİ FİLMLER.exe Moved
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca\disk-1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca\disk-1.exe Disinfection failed
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca\disk-1.exe Moved
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca.exe Disinfection failed
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ\Şans Kapıyı Kırınca.exe Moved
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ.exe Disinfection failed
E:\Film-Diziler\FİLM\008 TÜRK FİLMLERİ.exe Moved
E:\Film-Diziler\FİLM\009 SAVAŞ FİLMLERİ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\009 SAVAŞ FİLMLERİ.exe Disinfection failed
E:\Film-Diziler\FİLM\009 SAVAŞ FİLMLERİ.exe Moved
E:\Film-Diziler\FİLM\010 2008 FİLMLER.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\010 2008 FİLMLER.exe Disinfection failed
E:\Film-Diziler\FİLM\010 2008 FİLMLER.exe Moved
E:\Film-Diziler\FİLM\30 gün.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\30 gün.exe Disinfection failed
E:\Film-Diziler\FİLM\30 gün.exe Moved
E:\Film-Diziler\FİLM\BUYUK KARSILASMA.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\BUYUK KARSILASMA.exe Disinfection failed
E:\Film-Diziler\FİLM\BUYUK KARSILASMA.exe Moved
E:\Film-Diziler\FİLM\cinayet gecesi.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\cinayet gecesi.exe Disinfection failed
E:\Film-Diziler\FİLM\cinayet gecesi.exe Moved
E:\Film-Diziler\FİLM\fearless.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM\fearless.exe Disinfection failed
E:\Film-Diziler\FİLM\fearless.exe Moved
E:\Film-Diziler\FİLM.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\FİLM.exe Disinfection failed
E:\Film-Diziler\FİLM.exe Moved
E:\Film-Diziler\help 2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\help 2008.exe Disinfection failed
E:\Film-Diziler\help 2008.exe Moved
E:\Film-Diziler\kanlı pinokyo.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\kanlı pinokyo.exe Disinfection failed
E:\Film-Diziler\kanlı pinokyo.exe Moved
E:\Film-Diziler\Lost Highway.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\Lost Highway.exe Disinfection failed
E:\Film-Diziler\Lost Highway.exe Moved
E:\Film-Diziler\macera adası.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\macera adası.exe Disinfection failed
E:\Film-Diziler\macera adası.exe Moved
E:\Film-Diziler\PATTON\hjsplit shareme\hjsplit.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\PATTON\hjsplit shareme\hjsplit.exe Disinfection failed
E:\Film-Diziler\PATTON\hjsplit shareme\hjsplit.exe Moved
E:\Film-Diziler\PATTON.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\PATTON.exe Disinfection failed
E:\Film-Diziler\PATTON.exe Moved
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR\CD1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR\CD1.exe Disinfection failed
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR\CD1.exe Moved
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR.exe Disinfection failed
E:\Film-Diziler\The.Thin.Red.Line.1998.DVDRip.XViD.iNT-JoLLyRoGeR.exe Moved
E:\Film-Diziler\wall E.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\wall E.exe Disinfection failed
E:\Film-Diziler\wall E.exe Moved
E:\Film-Diziler\yol muhabbeti.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\yol muhabbeti.exe Disinfection failed
E:\Film-Diziler\yol muhabbeti.exe Moved
E:\Film-Diziler\ölümün sesi.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\ölümün sesi.exe Disinfection failed
E:\Film-Diziler\ölümün sesi.exe Moved
E:\Film-Diziler\şamar oğlanı.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler\şamar oğlanı.exe Disinfection failed
E:\Film-Diziler\şamar oğlanı.exe Moved
E:\Film-Diziler.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Film-Diziler.exe Disinfection failed
E:\Film-Diziler.exe Moved
E:\Games\Batak3\Batak.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Batak3\Batak.exe Disinfection failed
E:\Games\Batak3\Batak.exe Moved
E:\Games\Batak3.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Batak3.exe Disinfection failed
E:\Games\Batak3.exe Moved
E:\Games\battak\baTTak.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\battak\baTTak.exe Disinfection failed
E:\Games\battak\baTTak.exe Moved
E:\Games\cool of duty 4\Crack\iw3sp.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Crack\iw3sp.exe Disinfection failed
E:\Games\cool of duty 4\Crack\iw3sp.exe Moved
E:\Games\cool of duty 4\Crack\rzr-cod4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Crack\rzr-cod4.exe Disinfection failed
E:\Games\cool of duty 4\Crack\rzr-cod4.exe Moved
E:\Games\cool of duty 4\Crack.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Crack.exe Disinfection failed
E:\Games\cool of duty 4\Crack.exe Moved
E:\Games\cool of duty 4\Setup\Data\iw3mp.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Setup\Data\iw3mp.exe Disinfection failed
E:\Games\cool of duty 4\Setup\Data\iw3mp.exe Moved
E:\Games\cool of duty 4\Setup\rsrc\ereg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4\Setup\rsrc\ereg.exe Disinfection failed
E:\Games\cool of duty 4\Setup\rsrc\ereg.exe Moved
E:\Games\cool of duty 4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\cool of duty 4.exe Disinfection failed
E:\Games\cool of duty 4.exe Moved
E:\Games\F1 2002\f1_2002.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\f1_2002.exe Disinfection failed
E:\Games\F1 2002\f1_2002.exe Moved
E:\Games\F1 2002\Support\F1 2002_Code.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\F1 2002_Code.exe Disinfection failed
E:\Games\F1 2002\Support\F1 2002_Code.exe Moved
E:\Games\F1 2002\Support\F1 2002_eReg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\F1 2002_eReg.exe Disinfection failed
E:\Games\F1 2002\Support\F1 2002_eReg.exe Moved
E:\Games\F1 2002\Support\F1 2002_EZ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\F1 2002_EZ.exe Disinfection failed
E:\Games\F1 2002\Support\F1 2002_EZ.exe Moved
E:\Games\F1 2002\Support\F1 2002_uninst.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\F1 2002_uninst.exe Disinfection failed
E:\Games\F1 2002\Support\F1 2002_uninst.exe Moved
E:\Games\F1 2002\Support\go_ez.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Support\go_ez.exe Disinfection failed
E:\Games\F1 2002\Support\go_ez.exe Moved
E:\Games\F1 2002\Telemetry\f12002_telemetry.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\F1 2002\Telemetry\f12002_telemetry.exe Disinfection failed
E:\Games\F1 2002\Telemetry\f12002_telemetry.exe Moved
E:\Games\Firefly Studios\Stronghold Crusader\pcchk.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Firefly Studios\Stronghold Crusader\pcchk.exe Disinfection failed
E:\Games\Firefly Studios\Stronghold Crusader\pcchk.exe Moved
E:\Games\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe Disinfection failed
E:\Games\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe Moved
E:\Games\Firefly Studios\Stronghold Crusader.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Firefly Studios\Stronghold Crusader.exe Disinfection failed
E:\Games\Firefly Studios\Stronghold Crusader.exe Moved
E:\Games\Firefly Studios.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Firefly Studios.exe Disinfection failed
E:\Games\Firefly Studios.exe Moved
E:\Games\FlatOut 2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\FlatOut 2.exe Disinfection failed
E:\Games\FlatOut 2.exe Moved
E:\Games\GTA4\gta-vc.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\GTA4\gta-vc.exe Disinfection failed
E:\Games\GTA4\gta-vc.exe Moved
E:\Games\GTA4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\GTA4.exe Disinfection failed
E:\Games\GTA4.exe Moved
E:\Games\kingnet\KingNET.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\kingnet\KingNET.exe Disinfection failed
E:\Games\kingnet\KingNET.exe Moved
E:\Games\kingnet.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\kingnet.exe Disinfection failed
E:\Games\kingnet.exe Moved
E:\Games\Need For Speed Underground\3DSetup\3DSetup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\3DSetup\3DSetup.exe Disinfection failed
E:\Games\Need For Speed Underground\3DSetup\3DSetup.exe Moved
E:\Games\Need For Speed Underground\eauninstall.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\eauninstall.exe Disinfection failed
E:\Games\Need For Speed Underground\eauninstall.exe Moved
E:\Games\Need For Speed Underground\Speed.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Speed.exe Disinfection failed
E:\Games\Need For Speed Underground\Speed.exe Moved
E:\Games\Need For Speed Underground\Support\EasyInfo.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\EasyInfo.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\EasyInfo.exe Moved
E:\Games\Need For Speed Underground\Support\EReg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\EReg.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\EReg.exe Moved
E:\Games\Need For Speed Underground\Support\go_ez.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\go_ez.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\go_ez.exe Moved
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_code.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_code.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_code.exe Moved
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_EZ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_EZ.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_EZ.exe Moved
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_uninst.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_uninst.exe Disinfection failed
E:\Games\Need For Speed Underground\Support\Need For Speed Underground_uninst.exe Moved
E:\Games\Need for Speed Underground 2\eauninstall.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\eauninstall.exe Disinfection failed
E:\Games\Need for Speed Underground 2\eauninstall.exe Moved
E:\Games\Need for Speed Underground 2\speed2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\speed2.exe Disinfection failed
E:\Games\Need for Speed Underground 2\speed2.exe Moved
E:\Games\Need for Speed Underground 2\Support\EasyInfo.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\Support\EasyInfo.exe Disinfection failed
E:\Games\Need for Speed Underground 2\Support\EasyInfo.exe Moved
E:\Games\Need for Speed Underground 2\Support\EReg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\Support\EReg.exe Disinfection failed
E:\Games\Need for Speed Underground 2\Support\EReg.exe Moved
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_code.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_code.exe Disinfection failed
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_code.exe Moved
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_uninst.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_uninst.exe Disinfection failed
E:\Games\Need for Speed Underground 2\Support\Need for Speed Underground 2_uninst.exe Moved
E:\Games\Need for Speed Underground 2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need for Speed Underground 2.exe Disinfection failed
E:\Games\Need for Speed Underground 2.exe Moved
E:\Games\Need For Speed Underground.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Need For Speed Underground.exe Disinfection failed
E:\Games\Need For Speed Underground.exe Moved
E:\Games\pes 2008\pes\Crack\PES2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\pes 2008\pes\Crack\PES2008.exe Disinfection failed
E:\Games\pes 2008\pes\Crack\PES2008.exe Moved
E:\Games\pes 2008\pes\PES2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\pes 2008\pes\PES2008.exe Disinfection failed
E:\Games\pes 2008\pes\PES2008.exe Moved
E:\Games\pes 2008\PES2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\pes 2008\PES2008.exe Disinfection failed
E:\Games\pes 2008\PES2008.exe Moved
E:\Games\pes 2008.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\pes 2008.exe Disinfection failed
E:\Games\pes 2008.exe Moved
E:\Games\Rise of Nations\nations.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games\Rise of Nations\nations.exe Disinfection failed
E:\Games\Rise of Nations\nations.exe Moved
E:\Games.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Games.exe Disinfection failed
E:\Games.exe Moved
E:\Kitaplar.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Kitaplar.exe Disinfection failed
E:\Kitaplar.exe Moved
E:\Picture\ATATÜRK RESİMLERİ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Picture\ATATÜRK RESİMLERİ.exe Disinfection failed
E:\Picture\ATATÜRK RESİMLERİ.exe Moved
E:\Picture\BMW.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Picture\BMW.exe Disinfection failed
E:\Picture\BMW.exe Moved
E:\Picture\komik resimler.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Picture\komik resimler.exe Disinfection failed
E:\Picture\komik resimler.exe Moved
E:\Picture.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Picture.exe Disinfection failed
E:\Picture.exe Moved
E:\Program Yedekler\ceviri\SOZLUK.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\SOZLUK.exe Disinfection failed
E:\Program Yedekler\ceviri\SOZLUK.exe Moved
E:\Program Yedekler\ceviri\tring\tring\ingtur.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tring\tring\ingtur.exe Disinfection failed
E:\Program Yedekler\ceviri\tring\tring\ingtur.exe Moved
E:\Program Yedekler\ceviri\tring\tring\Turing.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tring\tring\Turing.exe Disinfection failed
E:\Program Yedekler\ceviri\tring\tring\Turing.exe Moved
E:\Program Yedekler\ceviri\tring\tring\Turingg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tring\tring\Turingg.exe Disinfection failed
E:\Program Yedekler\ceviri\tring\tring\Turingg.exe Moved
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\autorun.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\autorun.exe Disinfection failed
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\autorun.exe Moved
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\Cewiri\setup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\Cewiri\setup.exe Disinfection failed
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\Cewiri\setup.exe Moved
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\Crack.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\Crack.exe Disinfection failed
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\Crack.exe Moved
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\cracked.dll Infected: Backdoor.Grabilka.C
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\cracked.dll Disinfection failed
E:\Program Yedekler\ceviri\tunka_metin Çeviri\Tunka_Metin Çeviri\crack\cracked.dll Moved
E:\Program Yedekler\ceviri.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\ceviri.exe Disinfection failed
E:\Program Yedekler\ceviri.exe Moved
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe DNG Converter\Adobe DNG Converter.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe DNG Converter\Adobe DNG Converter.exe Disinfection failed
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe DNG Converter\Adobe DNG Converter.exe Moved
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe(R) Photoshop(R) CS2\setup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe(R) Photoshop(R) CS2\setup.exe Disinfection failed
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Adobe(R) Photoshop(R) CS2\setup.exe Moved
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\CRACK\keygen.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\CRACK\keygen.exe Disinfection failed
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\CRACK\keygen.exe Moved
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Setup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Setup.exe Disinfection failed
E:\Program Yedekler\kurulan prog\Adobe Photoshop Pro CS2 v9.0 Full ISO + WORKING Keygen\Setup.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GomWiz.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GomWiz.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GomWiz.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GrLauncher.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GrLauncher.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\GrLauncher.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\RtParser.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\RtParser.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\RtParser.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\ShellRegister.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\ShellRegister.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\ShellRegister.exe Moved
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\srt2smi.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\srt2smi.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player\GomPlayer(kurulu)\srt2smi.exe Moved
E:\Program Yedekler\kurulan prog\gom player.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\gom player.exe Disinfection failed
E:\Program Yedekler\kurulan prog\gom player.exe Moved
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4\patch.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4\patch.exe Disinfection failed
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4\patch.exe Moved
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4.exe Disinfection failed
E:\Program Yedekler\kurulan prog\srs srs srs srs\SRS Audio Sandbox 1.9.0.4.exe Moved
E:\Program Yedekler\kurulan prog\srs srs srs srs.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog\srs srs srs srs.exe Disinfection failed
E:\Program Yedekler\kurulan prog\srs srs srs srs.exe Moved
E:\Program Yedekler\kurulan prog.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\kurulan prog.exe Disinfection failed
E:\Program Yedekler\kurulan prog.exe Moved
E:\Program Yedekler\KÜÇÜLTME PROG\iview399.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\KÜÇÜLTME PROG\iview399.exe Disinfection failed
E:\Program Yedekler\KÜÇÜLTME PROG\iview399.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Bin\demo32.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Bin\demo32.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Bin\demo32.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\amcap.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\amcap.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\amcap.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\StillCap.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\StillCap.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\StillCap.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VMCap.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VMCap.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VMCap.exe Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VM_STI.EXE Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VM_STI.EXE Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\Driver\VM_STI.EXE Moved
E:\Program Yedekler\PROGRAMLAR\cam driver\setup.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\cam driver\setup.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\cam driver\setup.exe Moved
E:\Program Yedekler\PROGRAMLAR\codec\mplayerc.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\codec\mplayerc.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\codec\mplayerc.exe Moved
E:\Program Yedekler\PROGRAMLAR\msn müzik programları\MSN_Polygamy.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\msn müzik programları\MSN_Polygamy.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\msn müzik programları\MSN_Polygamy.exe Moved
E:\Program Yedekler\PROGRAMLAR\N27032\NOD32 UpdateViewer2.07.4.0.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\N27032\NOD32 UpdateViewer2.07.4.0.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\N27032\NOD32 UpdateViewer2.07.4.0.exe Moved
E:\Program Yedekler\PROGRAMLAR\Total_Video_Converter_v3.01__full\Total_Video_Converter_v3[1].01\keygen.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\Total_Video_Converter_v3.01__full\Total_Video_Converter_v3[1].01\keygen.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\Total_Video_Converter_v3.01__full\Total_Video_Converter_v3[1].01\keygen.exe Moved
E:\Program Yedekler\PROGRAMLAR\youtube indir\ffmpeg.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\youtube indir\ffmpeg.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\youtube indir\ffmpeg.exe Moved
E:\Program Yedekler\PROGRAMLAR\youtube indir\VDownloader.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\PROGRAMLAR\youtube indir\VDownloader.exe Disinfection failed
E:\Program Yedekler\PROGRAMLAR\youtube indir\VDownloader.exe Moved
E:\Program Yedekler\webshots\webshots-3D.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-3D.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-3D.exe Moved
E:\Program Yedekler\webshots\webshots-afhoriz.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-afhoriz.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-afhoriz.exe Moved
E:\Program Yedekler\webshots\webshots-angels1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-angels1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-angels1.exe Moved
E:\Program Yedekler\webshots\webshots-astro.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-astro.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-astro.exe Moved
E:\Program Yedekler\webshots\webshots-babies1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-babies1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-babies1.exe Moved
E:\Program Yedekler\webshots\webshots-baroq1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-baroq1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-baroq1.exe Moved
E:\Program Yedekler\webshots\webshots-camping1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-camping1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-camping1.exe Moved
E:\Program Yedekler\webshots\webshots-castles1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-castles1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-castles1.exe Moved
E:\Program Yedekler\webshots\webshots-castles2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-castles2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-castles2.exe Moved
E:\Program Yedekler\webshots\webshots-chrart1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-chrart1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-chrart1.exe Moved
E:\Program Yedekler\webshots\webshots-chrart2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-chrart2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-chrart2.exe Moved
E:\Program Yedekler\webshots\webshots-chrart3.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-chrart3.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-chrart3.exe Moved
E:\Program Yedekler\webshots\webshots-ctyscpe1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-ctyscpe1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-ctyscpe1.exe Moved
E:\Program Yedekler\webshots\webshots-ctyscpe2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-ctyscpe2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-ctyscpe2.exe Moved
E:\Program Yedekler\webshots\webshots-dpspac1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-dpspac1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-dpspac1.exe Moved
E:\Program Yedekler\webshots\webshots-endsky.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-endsky.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-endsky.exe Moved
E:\Program Yedekler\webshots\webshots-endsky2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-endsky2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-endsky2.exe Moved
E:\Program Yedekler\webshots\webshots-farbar1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-farbar1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-farbar1.exe Moved
E:\Program Yedekler\webshots\webshots-farbar2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-farbar2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-farbar2.exe Moved
E:\Program Yedekler\webshots\webshots-fire1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-fire1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-fire1.exe Moved
E:\Program Yedekler\webshots\webshots-firewks1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-firewks1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-firewks1.exe Moved
E:\Program Yedekler\webshots\webshots-firewks2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-firewks2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-firewks2.exe Moved
E:\Program Yedekler\webshots\webshots-flower1r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-flower1r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-flower1r.exe Moved
E:\Program Yedekler\webshots\webshots-flower2r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-flower2r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-flower2r.exe Moved
E:\Program Yedekler\webshots\webshots-flower3r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-flower3r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-flower3r.exe Moved
E:\Program Yedekler\webshots\webshots-flower4r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-flower4r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-flower4r.exe Moved
E:\Program Yedekler\webshots\webshots-forcnat1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-forcnat1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-forcnat1.exe Moved
E:\Program Yedekler\webshots\webshots-france1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-france1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-france1.exe Moved
E:\Program Yedekler\webshots\webshots-hawaii1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-hawaii1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-hawaii1.exe Moved
E:\Program Yedekler\webshots\webshots-impres1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-impres1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-impres1.exe Moved
E:\Program Yedekler\webshots\webshots-islands1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-islands1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-islands1.exe Moved
E:\Program Yedekler\webshots\webshots-islands2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-islands2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-islands2.exe Moved
E:\Program Yedekler\webshots\webshots-lighth2.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-lighth2.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-lighth2.exe Moved
E:\Program Yedekler\webshots\webshots-love1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-love1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-love1.exe Moved
E:\Program Yedekler\webshots\webshots-nature1r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature1r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature1r.exe Moved
E:\Program Yedekler\webshots\webshots-nature2r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature2r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature2r.exe Moved
E:\Program Yedekler\webshots\webshots-nature3r.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature3r.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature3r.exe Moved
E:\Program Yedekler\webshots\webshots-nature4.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature4.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature4.exe Moved
E:\Program Yedekler\webshots\webshots-nature5.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature5.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature5.exe Moved
E:\Program Yedekler\webshots\webshots-nature6.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature6.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature6.exe Moved
E:\Program Yedekler\webshots\webshots-nature7.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-nature7.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-nature7.exe Moved
E:\Program Yedekler\webshots\webshots-plnmon1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-plnmon1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-plnmon1.exe Moved
E:\Program Yedekler\webshots\webshots-rainfst1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-rainfst1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-rainfst1.exe Moved
E:\Program Yedekler\webshots\webshots-renais1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-renais1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-renais1.exe Moved
E:\Program Yedekler\webshots\webshots-space1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-space1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-space1.exe Moved
E:\Program Yedekler\webshots\webshots-spiachi1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-spiachi1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-spiachi1.exe Moved
E:\Program Yedekler\webshots\webshots-sunsky1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-sunsky1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-sunsky1.exe Moved
E:\Program Yedekler\webshots\webshots-sunsky3.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-sunsky3.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-sunsky3.exe Moved
E:\Program Yedekler\webshots\webshots-textures.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-textures.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-textures.exe Moved
E:\Program Yedekler\webshots\webshots-thruages.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-thruages.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-thruages.exe Moved
E:\Program Yedekler\webshots\webshots-trees1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-trees1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-trees1.exe Moved
E:\Program Yedekler\webshots\webshots-windm1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-windm1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-windm1.exe Moved
E:\Program Yedekler\webshots\webshots-winter1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-winter1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-winter1.exe Moved
E:\Program Yedekler\webshots\webshots-wldbrdg1.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\webshots\webshots-wldbrdg1.exe Disinfection failed
E:\Program Yedekler\webshots\webshots-wldbrdg1.exe Moved
E:\Program Yedekler\İNGİLİZCE.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler\İNGİLİZCE.exe Disinfection failed
E:\Program Yedekler\İNGİLİZCE.exe Moved
E:\Program Yedekler.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Program Yedekler.exe Disinfection failed
E:\Program Yedekler.exe Moved
E:\Resimler\13.01.2008 BOĞAZKÖPRÜ.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\13.01.2008 BOĞAZKÖPRÜ.exe Disinfection failed
E:\Resimler\13.01.2008 BOĞAZKÖPRÜ.exe Moved
E:\Resimler\erciyes b k ö y.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\erciyes b k ö y.exe Disinfection failed
E:\Resimler\erciyes b k ö y.exe Moved
E:\Resimler\POZANTI 26.08.08.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\POZANTI 26.08.08.exe Disinfection failed
E:\Resimler\POZANTI 26.08.08.exe Moved
E:\Resimler\TATİL 06.07.08.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\TATİL 06.07.08.exe Disinfection failed
E:\Resimler\TATİL 06.07.08.exe Moved
E:\Resimler\ÜRGÜP13,3,07.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler\ÜRGÜP13,3,07.exe Disinfection failed
E:\Resimler\ÜRGÜP13,3,07.exe Moved
E:\Resimler.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Resimler.exe Disinfection failed
E:\Resimler.exe Moved
E:\Video\KARIŞIK VIDEO.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\KARIŞIK VIDEO.exe Disinfection failed
E:\Video\KARIŞIK VIDEO.exe Moved
E:\Video\MY VIDEO\6600 VIDEO.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\MY VIDEO\6600 VIDEO.exe Disinfection failed
E:\Video\MY VIDEO\6600 VIDEO.exe Moved
E:\Video\MY VIDEO.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\MY VIDEO.exe Disinfection failed
E:\Video\MY VIDEO.exe Moved
E:\Video\o\KİM.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\o\KİM.exe Disinfection failed
E:\Video\o\KİM.exe Moved
E:\Video\o.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video\o.exe Disinfection failed
E:\Video\o.exe Moved
E:\Video.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Video.exe Disinfection failed
E:\Video.exe Moved
E:\Yeni Klasör\NFS Carbon.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Yeni Klasör\NFS Carbon.exe Disinfection failed
E:\Yeni Klasör\NFS Carbon.exe Moved
E:\Yeni Klasör\NFS Most Wanted\RESUL.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Yeni Klasör\NFS Most Wanted\RESUL.exe Disinfection failed
E:\Yeni Klasör\NFS Most Wanted\RESUL.exe Moved
E:\Yeni Klasör.exe Infected: BehavesLike:Win32.ExplorerHijack
E:\Yeni Klasör.exe Disinfection failed
E:\Yeni Klasör.exe Moved





SUPERAntiSpyware Scan Log



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/11/2008 at 01:23 AM

Application Version : 4.21.1004

Core Rules Database Version : 3555
Trace Rules Database Version: 1543

Scan type : Complete Scan
Total Scan Time : 00:41:00

Memory items scanned : 457
Memory threats detected : 0
Registry items scanned : 4515
Registry threats detected : 0
File items scanned : 73447
File threats detected : 2

Rootkit.NVMini
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DRIVERS\ISDRV118.SYS.VIR
C:\WINDOWS\SYSTEM32\DRIVERS\ISDRV118.SYS





hijackthis


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:36:32, on 11.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: Shell=explorer.exe "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 4445 bytes


_____________________________



1493 Mesaj
11 Ekim 2008; 18:29:05 

absolutely33 senin Hijack sonucları normal geldi bana ama serji ustamız söyler doğrusunu


_____________________________

Former: Izmir University Of Economics
Computer Engineering
---
Current: Warsaw University of Technology
Computer Science


8789 Mesaj
11 Ekim 2008; 18:42:22 


quote:

Orjinalden alıntı: absolutely33
serji kardeşim bende mi bunu uygulayacağım.
bana en yakın (en kolay) bu geldi

evet bu

Combofix'ten sonra HJ ile asagidakini fixle:

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k


_____________________________



 
1763 Mesaj
11 Ekim 2008; 19:07:12 

Serji benim hijack sonuçlarım böyle.. Bilgisayarı açarken aşırı bir yavaş açılıyor. Yani masaüstüne çok geç geliyor. Onun dışında klasörlere girerken çift tıkladığımda normala göre geç girdiğini hisssediyorum. Sebebini çözemedim bir türlü. Birde kaspersky ile taratırken hidden object diyor ama bılamıyor birşet sanıtım yardımcı olursan sevinirim.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:52, on 11.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\ArcSoft\TotalMedia Theatre\CancelAutoPlay.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Winamp\winamp.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\Users\Burak Ozgur\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Windows\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {0FC8B38E-9293-424C-9D0E-CE60775679CF} (SubClassEditCtrlContainer Class) - https://sube.garanti.co...b/JaguarEditControl.CAB
O16 - DPF: {BD966829-738E-471C-AB53-2A0008D161E7} (TebEdit Control) - https://esube.teb.com.tr/bireysel/TebEdit.cab
O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} (JaguarEditControl-ISBANK) - https://www.isbank.com....b/JaguarEdit4ISBv27.CAB
O20 - AppInit_DLLs: APSHook.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10096 bytes


_____________________________



584 Mesaj
11 Ekim 2008; 19:50:14 


quote:

Orjinalden alıntı: serji



Perlovga Removal Tool adlı programı masaüstünüze indirin.

http://www.guvenlikuzma...m/dosyalar/perlovga.exe

Programı çalıştırıp Start tıklayın. Daha sonra bilgisayarınızı zaman kaybetmeden yeniden başlatın.

Daha sonra bir HJ logu daha gonder:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:08, on 11.10.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
E:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\Gigabyte\ET5Pro\GUI.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bret Taylor\Stickies\Stickies.exe
E:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
C:\Program Files\AirTies\ADSL Hizmet Programy\AirTies_util3.exe
E:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Opera\opera.exe
E:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\devenv.exe
C:\Documents and Settings\Panturk\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "E:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Stickies] C:\Program Files\Bret Taylor\Stickies\\Stickies.exe
O4 - HKCU\..\Run: [SkinClock] E:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AirTies ADSL Hizmet Programy.lnk
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Update Scheduler for Proteus Professional 7.lnk = ?
O8 - Extra context menu item: &Download with &DAP - E:\Program Files\DAP Premium\dapextie.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download &all with DAP - E:\Program Files\DAP Premium\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {D0BB3ACE-4ED3-4D65-BB86-1A0C6CAF351F} (AvaLaunch Control) - http://212.175.239.246:81/avaLaunch94.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{40CCC87D-60AF-4CDE-B421-E2A0BACF9500}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\Gigabyte\EnergySaver\GSvr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - E:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 10285 bytes


_____________________________

Karanlıklara sitem edecegimize, hepimiz karanlıkta bir mum yaksak, karanlıklar aydınlıga dönerdi.


17 Mesaj
11 Ekim 2008; 21:50:15 

Sevgili Serji Kardeşim. Yine başımda büyük bir bela var ve yine yardımına ihtiyacım var. Sağolasın ramazanda bir malware virüsü bulaşmıştı sayende temizledik. Şimdi de laptopta xp'li sistemime bir trojan bulaştı. Trojanın ismi win32 psw.onlinegames.nmy. Forumda bazı çözümlere ulaştım ama hiçbiri benim derdime çare olmadı. Bilgisayarda Nod32 kurulu, c ve d sürücülerinde autorun.inf dosyasını bulup karantinaya alıyor. Ama çözüm olmuyor sürekli tekrar ediyor bunu. Ağ üzerinden diğer makinemde yüklü olan avast ile silmeye çalıştım, o da virüsü buluyor karantinaya alıyor ama çözüm olmuyor. Ben log dosyasını gönderiyorum. Umarım formata gerek kalmadan bir çözüm bulabiliriz. Görüşmek üzere... Kolay gelsin.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:39:50, on 09.10.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\BisonCam\BisonTrayIcon.exe
C:\WINDOWS\BisonCam\BisonHK.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HotKey_Driver\HotKeyDriver.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 1611 bytes


_____________________________

Eski Nick: muratgrb


8789 Mesaj
11 Ekim 2008; 23:12:38 


quote:

Orjinalden alıntı: BuRCo

Serji benim hijack sonuçlarım böyle.. Bilgisayarı açarken aşırı bir yavaş açılıyor. Yani masaüstüne çok geç geliyor. Onun dışında klasörlere girerken çift tıkladığımda normala göre geç girdiğini hisssediyorum. Sebebini çözemedim bir türlü. Birde kaspersky ile taratırken hidden object diyor ama bılamıyor birşet sanıtım yardımcı olursan sevinirim.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost 
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dll 
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll 
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" 


Burada bir sorun gozukmuyor fakat bir de Bitdefender ile taratir misin sistemi?

Daha sonra da super antispyware:

* Bilgisayarınızı taramak için Bitdefender Çevrimiçi Tarama açın.

http://www.bitdefender.com/scan8/ie.html

* I agree ve sonra da Scan tıklayın. (Ayarları değiştirmeyin)
* Tarama bittikten sonra Detected Problems sekmesini tıklayın ve Click here to export the scan report.
* Raporu HTML olarak kaydettikten sonra mesajınıza ekleyerek bize gönderin.

SuperAntiSpyware adlı programı indirip kurun.

http://www.superantispy...ds/SUPERAntiSpyware.exe

* SUPERAntiSypware.exe çift tıklayın ve programı varsayılan ayarlarıyla kurun.
* Masaüstünüzde programın ikonu oluşacaktır. Programı çalıştırmak için ikona çift tıklayın.
* Eğer güncellemeniz için soru sorarsa Evet tıklayın. Eğer sormazsa, taratmadan önce kendiniz Check for Updates butonuna tıklayarak güncelleştirin.
* Configuration and Preferences sekmesi altında Preferences butonuna tıklayın.
* General and Startup sekmesine tıklayın ve Start-up Options altında Start SUPERAntiSpyware when Windows starts seçeneğinin seçili olmadığından emin olun.
* Scanning Control sekmesine gelin ve Scanner Options altında yalnızca aşağıdakilerin işaretli olduğundan emin olun. (Diğerlerini işaretsiz bırakın.)

# Close browsers before scanning.
# Scan for tracking cookies.
# Terminate memory threats before quarantining.
* Close butonuna tıklayarak programı kapatın.
* Henüz sisteminizi taratmayın.

Şimdi tekrar programı çalıştırın:

* Ana menüde Scan for Harmful Software altında Scan your computer tıklayın.
* Sol tarafta C:\Fixed Drive işaretli olduğundan emin olun.
* Sağ tarafta Complete Scan altında Perform Complete Scan seçin ve Next tıklayın.
* Tarama işlemi bittikten sonra zararlı yazılımları içeren bir tarama özeti açılacak. OK tıklayın.
* Herşeyin işaretli olduğundan emin olun ve Next tıklayın.
* Quarantine and Removal is Complete şeklinde bir uyarı alacaksınız. OK tıklayın ve ana menüye dönmek için Finish tıklayın.
* Eğer yeniden başlatmanız gerektiği söylenirse, Yes tıklayıp bilgisayarınızı yeniden başlatın.
* İşlem sonuçlarını öğrenmek için:
# Preferences tıklayın ve Statistics/Logs sekmesine gelin.
# Scanner Logs altında SUPERAntiSpyware Scan Log çift tıklayın.
# Eğer birden fazla log varsa, güncel olanı seçin ve View log tıklayın. Bir yazı dosyası açılacaktır.
# Açılan dosyayı kaydedip mesajınıza ekleyerek bize gönderin.
* Close tıklayarak programı kapatın.


_____________________________



8789 Mesaj
11 Ekim 2008; 23:15:10 


quote:

Orjinalden alıntı: Panturk

O4 - HKCU\..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe" /background

Bunu fixlesen yeterli. Viruslere elveda dedik.


quote:

Orjinalden alıntı: muratgrb

Sevgili Serji Kardeşim. Yine başımda büyük bir bela var ve yine yardımına ihtiyacım var. Sağolasın ramazanda bir malware virüsü bulaşmıştı sayende temizledik. Şimdi de laptopta xp'li sistemime bir trojan bulaştı. Trojanın ismi win32 psw.onlinegames.nmy. Forumda bazı çözümlere ulaştım ama hiçbiri benim derdime çare olmadı. Bilgisayarda Nod32 kurulu, c ve d sürücülerinde autorun.inf dosyasını bulup karantinaya alıyor. Ama çözüm olmuyor sürekli tekrar ediyor bunu. Ağ üzerinden diğer makinemde yüklü olan avast ile silmeye çalıştım, o da virüsü buluyor karantinaya alıyor ama çözüm olmuyor. Ben log dosyasını gönderiyorum. Umarım formata gerek kalmadan bir çözüm bulabiliriz. Görüşmek üzere... Kolay gelsin.

HijackThis logunda bir sorun gozukuyor. ComboFix'i dener misin?

Combofix adli programi indirin.

http://www.guvenlikuzma...m/dosyalar/ComboFix.exe

1. Tüm açık pencerelerinizi ve programlarınızı kapatın.
2. Antivirüs ve Antispyware programlarınızı geçici olarak kapatın veya devre dışı bırakın.
3. ComboFix.exe üzerine çift tıklayın ve programı açın. Programı açtıktan sonra kesinlikle hiç bir işlem yapmayın. 1-2 dakikalık bir mola verin.
4. ComboFix çalışmaya başladıktan sonra sizden 1 ya da 2 tuşuna basmanız istenecektir. Devam etmek için 1 tuşuna basın.
5. ComboFix olası bir aksilik durumunda sistemizi geri yükleyebilmek amacıyla Kayıt Defterinizin bir yedeğini alacak ve bir sistem geri yükleme noktası oluşturacaktır.
6. Bu işlemler sırasında internet bağlantınız kesilecektir. Bu normaldir. Ayrıca sistem saatiniz de değişecektir. Fakat tüm bunlar geçicidir. İşlemler bittikten sonra hepsi orjinal haline geri döndürülecektir.
7. Biraz sabırlı olmanız gerekebilir çünkü tam 41 aşama söz konusudur.
8. Son olarak ComboFix işlemlerin sonucunu içeren bir rapor hazırlayacaktır. Bu sırada masaüstünüz kaybolabilir. Fakat kısa sürede geri yüklenecektir. İşlemler bittikten sonra ComboFix kapanacak ve size bir rapor açılacaktır. Bu raporu C:\ComboFix.txt bulabilirsiniz.
9. C:\ComboFix.txt dosyasını mesajınıza ekleyerek bize gönderin.


_____________________________



584 Mesaj
12 Ekim 2008; 3:28:45 

@serji allah razı olsun senden hissedilir bir performans artışı oldu pc de. kardeş tek başına uğrşıyorsun hakikaten emeğin büyük. elimizden birşey gelsede yardımcı olabilsek sana... tekrardan sağolasın emeğine sağlık.


_____________________________

Karanlıklara sitem edecegimize, hepimiz karanlıkta bir mum yaksak, karanlıklar aydınlıga dönerdi.


345 Mesaj
12 Ekim 2008; 5:26:17 

Serji herşeyden önce büyük yardımların için teşekkürler.Konunun sayfa sayısından da anlaşıldığı üzere yılmadan usanmadan insanların sorunlarına çözüm getirmeye çabalıyorsun.
Benim probleme gelince;vista kullanıyorum.Ama nedendir bilmem bilgisayar açıldığında ya da yeniden başlattığımda windows açıldıktan sonra işlem yapması epey bi zaman alıyo,sanki arka planda gizliden bi program çalışıyomuş gibi kasılıyo makine,menülerin açılması filan da uzun oluyo bu zaman diliminde.
Bu açılış faslı (genelde bikaç dakikadan aşağı sürmüyo) geçtiğinde makine normale dönüyo.Ayrıca windows kapanırken de epey bi beklemek gerekiyo.
Şimdiden teşekkürler...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:07:34, on 12.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\sony\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.20.0\gears.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKCU\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.20.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.20.0\gears.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c8e07d8cd2fc84) (gupdate1c8e07d8cd2fc84) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9408 bytes


_____________________________



345 Mesaj
12 Ekim 2008; 5:36:53 

Ha bu arada 'nod32' ile tarattım,herhangi bişey çıkmadı.Ayrıca 'Advanced WindowsCare V2 Personal' ve 'ccleaner' ile temizledim epeyce.Bu temizliklerden sonra laptopun performans genel olarak iyileşti gibi ama başlangıç ve kapanışta sistemin kasmasında bi değişiklik olmadı.
Bu durumun nedeni ne olabilir ki acep


_____________________________



 
13 Mesaj
12 Ekim 2008; 11:08:58 

serji kardeş bir bakarmısın.teşekkürler.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00, on 2008-10-12
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\YASİN\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=101908 serial=DR12CRK-9614948-NRT lang=EN
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.c.../qtactivex/qtplugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macr.../cabs/flash/swflash.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.c...ol/unagi/ampx_en_dl.cab
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 2991 bytes


_____________________________



8789 Mesaj
12 Ekim 2008; 12:21:13 


quote:

Orjinalden alıntı: Panturk

@serji allah razı olsun senden hissedilir bir performans artışı oldu pc de. kardeş tek başına uğrşıyorsun hakikaten emeğin büyük. elimizden birşey gelsede yardımcı olabilsek sana... tekrardan sağolasın emeğine sağlık.

Rica ederim kardesim. Allah hepimizden razi olsun. Bu sene OSS var malum. Dualarinizda arada yer verirseniz en buyuk yardimi etmis olursunuz. Bir sorun olursa ben tekrar buradayim. Kolay gelsin.


quote:

Orjinalden alıntı: attila1907

Serji herşeyden önce büyük yardımların için teşekkürler.Konunun sayfa sayısından da anlaşıldığı üzere yılmadan usanmadan insanların sorunlarına çözüm getirmeye çabalıyorsun.
Benim probleme gelince;vista kullanıyorum.Ama nedendir bilmem bilgisayar açıldığında ya da yeniden başlattığımda windows açıldıktan sonra işlem yapması epey bi zaman alıyo,sanki arka planda gizliden bi program çalışıyomuş gibi kasılıyo makine,menülerin açılması filan da uzun oluyo bu zaman diliminde.
Bu açılış faslı (genelde bikaç dakikadan aşağı sürmüyo) geçtiğinde makine normale dönüyo.Ayrıca windows kapanırken de epey bi beklemek gerekiyo.
Şimdiden teşekkürler...

Rica ederim. Dedigin sekilde kasmaya sebep olabilecek bir sorun gozume carpmadi. HijackThis acip - Open Misc Tools Section - generate Startup Log tiklayip cikan logu da gonderebilir misin? Orasi daha detayli oldugu icin daha cok bilgi sahibi oalbiliriz.


_____________________________



8789 Mesaj
12 Ekim 2008; 12:25:23 


quote:

Orjinalden alıntı: bera beran

serji kardeş bir bakarmısın.teşekkürler.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896


Bunlar haricinde temizdir sistem. Gule gule kullan


_____________________________



345 Mesaj
12 Ekim 2008; 14:00:42 

Bu da ayrıntılı olanı Serji kardeş:


StartupList report, 12.10.2008, 13:54:11
StartupList version: 1.52.2
Started from : C:\Users\sony\Downloads\HijackThis\HiJackThis.EXE
Detected: Windows Vista SP1 (WinNT 6.00.1905)
Detected: Internet Explorer v7.00 (7.00.6001.18000)
* Using default options
==================================================

Running processes:

C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Windows\system32\conime.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\sony\Downloads\HijackThis\HiJackThis.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\Windows\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

NWEReboot =

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

NvSvc = RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
NvMediaCenter = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
NvCplDaemon = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
ISBMgr.exe = C:\Program Files\Sony\ISB Utility\ISBMgr.exe

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Load/Run keys from C:\Windows\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

--------------------------------------------------

Shell & screensaver key from C:\Windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Google Update Helper - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll - {77D7E795-33C5-4323-974D-A2A49AB75517}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\Windows Live Toolbar\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
Browser Address Error Redirector - C:\PROGRA~1\GOOGLE~1\BAE.dll - {CA6319C0-31B7-401E-A518-A07C3DB8F777}
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.20.0\gears.dll - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}

--------------------------------------------------

Enumerating Task Scheduler jobs:

GoogleUpdateTaskMachine.job
User_Feed_Synchronization-{813D40C1-55A6-402F-8E8A-117F61A911EE}.job
Windows Live Toolbar Güncelleştirmelerini Denetle.job

--------------------------------------------------

Enumerating Download Program Files:

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macro...r/current/ultrashim.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\system32\napinsp.dll
NameSpace #3: C:\Windows\system32\pnrpnsp.dll
NameSpace #4: C:\Windows\system32\pnrpnsp.dll
NameSpace #5: C:\Program Files\Bonjour\mdnsNSP.dll
NameSpace #6: C:\Windows\system32\wshbth.dll

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\Users\sony\AppData\Local\Temp\~nsu.tmp\Au_.exe||C:\Users\sony\AppData\Local\Temp\~nsu.tmp||C:\Users\sony\AppData\Local\Temp\nsw1102.tmp\BcNsisHelper.dll||C:\Users\sony\AppData\Local\Temp\nsw1102.tmp\System.dll||C:\Users\sony\AppData\Local\Temp\nsw1102.tmp\||C:\Users\sony\AppData\Local\Temp\~nsu.tmp\Au_.exe||C:\Users\sony\AppData\Local\Temp\~nsu.tmp|||t

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\Windows\system32\webcheck.dll

--------------------------------------------------
End of report, 6.732 bytes
Report generated in 0,062 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


_____________________________



 
591 Mesaj
12 Ekim 2008; 17:45:18 

eline saglik.gercekten cok isime yaradi.


_____________________________



8789 Mesaj
12 Ekim 2008; 18:27:28 


quote:

Orjinalden alıntı: attila1907

Bu da ayrıntılı olanı Serji kardeş:

generate startrup log butonunun yaninda ilk secenegi de isaretleyip oyle gonderir misin?(Full) Guvenlikle ilgili bir sorun gibi gozukmuyor. Calisan programlarla ilgili gibi ama bakalim.


_____________________________



345 Mesaj
12 Ekim 2008; 18:39:35 


quote:

Orjinalden alıntı: serji



generate startrup log butonunun yaninda ilk secenegi de isaretleyip oyle gonderir misin?(Full) Guvenlikle ilgili bir sorun gibi gozukmuyor. Calisan programlarla ilgili gibi ama bakalim.


Bak onu bilmiyodum

İşte bu da full olanı:


StartupList report, 12.10.2008, 18:31:13
StartupList version: 1.52.2
Started from : C:\Users\sony\Downloads\HijackThis\HiJackThis.EXE
Detected: Windows Vista SP1 (WinNT 6.00.1905)
Detected: Internet Explorer v7.00 (7.00.6001.18000)
* Using default options
* Showing rarely important sections
==================================================

Running processes:

C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Users\sony\Downloads\HijackThis\HiJackThis.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\Windows\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

NWEReboot =

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

NvSvc = RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
NvMediaCenter = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
NvCplDaemon = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
ISBMgr.exe = C:\Program Files\Sony\ISB Utility\ISBMgr.exe

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\Windows\system32\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = C:\Windows\system32\ie4uinit.exe -UserIconConfig

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\Windows\system32\ie4uinit.exe -BaseSettings

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

--------------------------------------------------

Load/Run keys from C:\Windows\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

--------------------------------------------------

Shell & screensaver key from C:\Windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\Windows\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\Windows\Explorer\Explorer.exe: not present
C:\Windows\System\Explorer.exe: not present
C:\Windows\System32\Explorer.exe: not present
C:\Windows\Command\Explorer.exe: not present
C:\Windows\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: *Registry key not found*
.shb: *Registry key not found*
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\Windows
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename NOT OK: 'REGEDIT.EXE.MUI'
- File description: 'Registry Editor'

Registry check failed!

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Google Update Helper - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll - {77D7E795-33C5-4323-974D-A2A49AB75517}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\Windows Live Toolbar\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
Browser Address Error Redirector - C:\PROGRA~1\GOOGLE~1\BAE.dll - {CA6319C0-31B7-401E-A518-A07C3DB8F777}
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.4.20.0\gears.dll - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}

--------------------------------------------------

Enumerating Task Scheduler jobs:

GoogleUpdateTaskMachine.job
User_Feed_Synchronization-{813D40C1-55A6-402F-8E8A-117F61A911EE}.job
Windows Live Toolbar Güncelleştirmelerini Denetle.job

--------------------------------------------------

Enumerating Download Program Files:

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macro...r/current/ultrashim.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\system32\napinsp.dll
NameSpace #3: C:\Windows\system32\pnrpnsp.dll
NameSpace #4: C:\Windows\system32\pnrpnsp.dll
NameSpace #5: C:\Program Files\Bonjour\mdnsNSP.dll
NameSpace #6: C:\Windows\system32\wshbth.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

@%SystemRoot%\system32\aelupsvc.dll,-1: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Apple Mobile Device: "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" (autostart)
@%SystemRoot%\system32\audiosrv.dll,-204: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\audiosrv.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@%SystemRoot%\system32\bfe.dll,-1001: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
@%SystemRoot%\system32\qmgr.dll,-1000: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Bonjour Service: "C:\Program Files\Bonjour\mDNSResponder.exe" (autostart)
@%systemroot%\system32\browser.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\bthserv.dll,-101: %SystemRoot%\system32\svchost.exe -k bthsvcs (autostart)
Symantec Lic NetConnect service: "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (autostart)
@%SystemRoot%\system32\cryptsvc.dll,-1001: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@oleres.dll,-5012: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
@%SystemRoot%\system32\dhcpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@%SystemRoot%\System32\dnsapi.dll,-101: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@%systemroot%\system32\dps.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (autostart)
EAMON: system32\DRIVERS\eamon.sys (autostart)
@%SystemRoot%\ehome\ehstart.dll,-101: %windir%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
Eset Service: "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe" (autostart)
@%SystemRoot%\system32\emdmgmt.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\wevtsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@comres.dll,-2450: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
@%systemroot%\system32\fdrespub.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
@gpapi.dll,-112: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Google Update Service (gupdate1c8e07d8cd2fc84): "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (autostart)
@%SystemRoot%\System32\hidserv.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\ikeext.dll,-501: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\iphlpsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k NetSvcs (autostart)
@comres.dll,-2946: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%systemroot%\system32\srvsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\wkssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Link-Layer Topology Discovery Mapper I/O Driver: system32\DRIVERS\lltdio.sys (autostart)
@%SystemRoot%\system32\lmhsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
UAC File Virtualization: \SystemRoot\system32\drivers\luafv.sys (autostart)
mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart)
@%systemroot%\system32\mmcss.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\FirewallAPI.dll,-23090: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
@%SystemRoot%\system32\netprof.dll,-246: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\System32\nlasvc.dll,-1: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%SystemRoot%\system32\nsisvc.dll,-200: %systemroot%\system32\svchost.exe -k LocalService (autostart)
Parvdm: \SystemRoot\system32\drivers\parvdm.sys (autostart)
@%SystemRoot%\system32\pcasvc.dll,-1: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
PEAUTH: system32\drivers\peauth.sys (autostart)
@%SystemRoot%\system32\umpnpmgr.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
PnkBstrA: C:\Windows\system32\PnkBstrA.exe (autostart)
@%SystemRoot%\System32\polstore.dll,-5010: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted (autostart)
@%systemroot%\system32\profsvc.dll,-300: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
regi: system32\drivers\regi.sys (autostart)
@oleres.dll,-5010: %SystemRoot%\system32\svchost.exe -k rpcss (autostart)
Link-Layer Topology Discovery Responder: system32\DRIVERS\rspndr.sys (autostart)
@%SystemRoot%\system32\samsrv.dll,-1: %SystemRoot%\system32\lsass.exe (autostart)
@%SystemRoot%\system32\schedsvc.dll,-100: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\seclogon.dll,-7001: %windir%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\Sens.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\shsvcs.dll,-12288: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\SLsvc.exe,-101: %SystemRoot%\system32\SLsvc.exe (autostart)
@%systemroot%\system32\spoolsv.exe,-1: %SystemRoot%\System32\spoolsv.exe (autostart)
SigmaTel Audio Service: C:\Windows\system32\stacsv.exe (autostart)
@%SystemRoot%\system32\wiaservc.dll,-9: %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
@%SystemRoot%\system32\sysmain.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\TabSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\tbssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
TCP/IP Registry Compatibility: System32\drivers\tcpipreg.sys (autostart)
@%SystemRoot%\System32\termsrv.dll,-268: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%SystemRoot%\System32\shsvcs.dll,-8192: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\trkwks.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\dwm.exe,-2000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
VAIO Event Service: C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (autostart)
VAIO Entertainment Database Service: "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe" (autostart)
VAIO Entertainment File Import Service: C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (autostart)
@%SystemRoot%\system32\w32time.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\System32\wersvc.dll,-100: %SystemRoot%\System32\svchost.exe -k WerSvcGroup (autostart)
@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103: %SystemRoot%\System32\svchost.exe -k secsvcs (autostart)
@%Systemroot%\system32\wbem\wmisvc.dll,-205: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\wlansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\System32\wscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@%systemroot%\system32\SearchIndexer.exe,-103: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart)
@%systemroot%\system32\wuaueng.dll,-105: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\wudfsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
XAudio: system32\DRIVERS\xaudio.sys (autostart)
XAudioService: %SystemRoot%\system32\DRIVERS\xaudio.exe (autostart)


--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\Windows\system32\webcheck.dll

--------------------------------------------------
End of report, 16.519 bytes
Report generated in 0,156 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


_____________________________



8789 Mesaj
12 Ekim 2008; 18:54:56 


quote:

Orjinalden alıntı: attila1907

Burada da cok fazla bisey yok. Baslat - calistir - msconfig yazip entera bas. Baslangic sekmesinden tum isaretleri kaldirip uygula ve yeniden baslat. Bir bak bakalim performans nasil.


_____________________________



345 Mesaj
12 Ekim 2008; 19:17:49 

quote:

Orjinalden alıntı: serji



Burada da cok fazla bisey yok. Baslat - calistir - msconfig yazip entera bas. Baslangic sekmesinden tum isaretleri kaldirip uygula ve yeniden baslat. Bir bak bakalim performans nasil.

Onu düşünmüştüm daha önce,hatta bazı programları da startup sekmesinden kaldırmıştım.Ama aşağıdaki ekteki programları kaldırırsam bi zararı filan olur mu diye kaldırmamıştım,bi de sen kontrol edebilir misin şimdi bunlardan bazıları gerekli olabili mi?
Sana da epey zahmet verdim bu arada teşekkürler...


0


local://upfiles/292721/4049EB5B28214A699445505D9A0062B9.jpg


Ekteki dosya (1)


< Bu mesaj bu kişi tarafından değiştirildi attila1907 -- 12 Ekim 2008; 19:31:23 >


_____________________________



8789 Mesaj
12 Ekim 2008; 20:14:13 

Estag. Sorun degil. ISB Utilitity harcinde kaldirirsanbir sorun olmaz. ISB hakkinda tam emin degilim fakat yine de bir sorun olacagini sanmiyorum.


_____________________________



345 Mesaj
12 Ekim 2008; 23:55:19 

Evet dediğin gibi yaptım ama yine aynı durum devam ediyo.Herhangi bir klasör ya da örneğin internet explorer filan açmayı denediğimde anlamsız bi şekilde kasılıyo makine,task managerda cpu usage %90-%100ü filan vuruyo,yarım saat menüleri yüklemeye çalışıyo(sanki oyun ara videosu filan yüklüyo bana )en azından bi 5 dakka geçtikten sonra kendine geliyo.Gerçekten çok sinir bozucu bişey. Acaba vista olmasından filan mı diycem ama benim gibi bu durumla karşılaşan çok fazla kişi görmedim forumda.Olsaydı söylerlerdi heralde .Neyse artık böyleidare edicez heralde artık ya da dayanamayıp xp ye geçicem galiba...
Bu arada yardımların için tekrar teşekkürler serji kardeşim



< Bu mesaj bu kişi tarafından değiştirildi attila1907 -- 13 Ekim 2008; 0:11:05 >


_____________________________



8789 Mesaj
13 Ekim 2008; 0:53:23 


quote:

Orjinalden alıntı: attila1907

Evet dediğin gibi yaptım ama yine aynı durum devam ediyo.Herhangi bir klasör ya da örneğin internet explorer filan açmayı denediğimde anlamsız bi şekilde kasılıyo makine,task managerda cpu usage %90-%100ü filan vuruyo,yarım saat menüleri yüklemeye çalışıyo(sanki oyun ara videosu filan yüklüyo bana )en azından bi 5 dakka geçtikten sonra kendine geliyo.Gerçekten çok sinir bozucu bişey. Acaba vista olmasından filan mı diycem ama benim gibi bu durumla karşılaşan çok fazla kişi görmedim forumda.Olsaydı söylerlerdi heralde .Neyse artık böyleidare edicez heralde artık ya da dayanamayıp xp ye geçicem galiba...
Bu arada yardımların için tekrar teşekkürler serji kardeşim

Pek fazla da yardimci olamadim ama yne de rica ederim Bu arada sahsi kanaatim XP'ye gecmenin cok cok daha iyi olacagi yonunde. Karar sana kalmis.


_____________________________



 
17 Mesaj
13 Ekim 2008; 9:50:47 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:39:29, on 13.10.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ColorSoft\AntiARP\AntiARPClientLoader.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\VM305_STI.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Admin\Belgelerim\Downloads\Programs\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-682003330-308236825-839522115-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook....ebookPhotoUploader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/c.../srl_bin/sysreqlab3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com.../resources/MSNPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://tam1deii.spaces....hotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macr...yer/current/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein....ivex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{D042DBAD-4666-4FBC-88C4-25E17610DEB3}: NameServer = 208.67.222.222
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AntiARP Client Loader (AntiARPClientLoader) - Unknown owner - C:\Program Files\ColorSoft\AntiARP\AntiARPClientLoader.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 8242 bytes



Hocam Merhaba burada ne yapmam gereketiği hakkında bilgi verirseniz çok sevinirim. birde WLLoginproxy.exe diye birşey var bende bu nedir acaba bilginiz var mı? Teşekkürler..


_____________________________

Yalnızlığım, İnsanların Geveze Hatalarımı Övmesiyle Başladı...!


4357 Mesaj
13 Ekim 2008; 11:55:56 

WLLoginproxy.exe dns değiştirdiysen çıkan birşey olması lazım.

Ben birşey soracağım rundll32.exe virüsü D diskinde barınabilir mi?


_____________________________



8789 Mesaj
13 Ekim 2008; 12:38:22 


quote:

Orjinalden alıntı: Tam1Deli
Hocam Merhaba burada ne yapmam gereketiği hakkında bilgi verirseniz çok sevinirim. birde WLLoginproxy.exe diye birşey var bende bu nedir acaba bilginiz var mı? Teşekkürler..

* HijackThis adlı programı açın.
* Do a system scan only seçeneğine tıklayın.
* Aşağıdaki satırları işaretleyin.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll 
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll 
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) 
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') 
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe 
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html 
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL 
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 


* CTRL+ALT+DEL basıp işlemler sekmesine gelin. Kullanıcı Adınızın karşısındaki HijackThis.exe ve explorer.exe hariç tüm işlemleri sonlandırın. HijackThis hariç tüm programları, pencereleri kapatın ve Fix Checked butonuna tıklayın. Ardından bilgisayarınızı hemen yeniden başlatın.

WLLoginproxy.exe ise Windows Live'in bir bilesenidir. Cok da onemli bir sey degil.


quote:

Orjinalden alıntı: Hayalét

WLLoginproxy.exe dns değiştirdiysen çıkan birşey olması lazım.

Ben birşey soracağım rundll32.exe virüsü D diskinde barınabilir mi?

Elbette barinabilir. Emin olmak icin bir log gonderebilirsin.


_____________________________



4357 Mesaj
13 Ekim 2008; 12:43:46 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:39:09, on 13.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Analog Devices\ADSL USB MODEM\dslmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\uTorrent\uTorrent.exe
D:\Programlar\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [9xadiras] 9xadiras.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NodLogin] C:\Program Files\ESET\ESET Smart Security\nodlogin.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ATI CATALYST Sistem Tepsisi.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft..._site.cab?1223472824031
O17 - HKLM\System\CCS\Services\Tcpip\..\{31937667-013A-4E8B-8A24-A49DD5C858DF}: NameServer = 208.67.222.222 208.67.220.220
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

--
End of file - 5816 bytes


_____________________________



8789 Mesaj
13 Ekim 2008; 13:48:47 

Burada bir sorun gozukmuyor. Yalnizca Rundll32 dosyasini taratmak istiyorsan:

Virustotal sitesini ziyaret edin.

http://www.virustotal.com/tr/

* Gözat tıklayın ve dosyayı seçip Aç tıklayın.
* Gönderme işlemi dosyanın boyutuna bağlı olarak zaman alabilir, o yüzden lütfen biraz sabırlı olun.
* İşlem tamamlandıktan sonra sonuçları notdefterine kopyalayıp yapıştırın veya bir ekran görüntüsü alarak mesajınıza ekleyerek bize gönderin.

Tüm Bilgisayarı taratmak için:

* Bilgisayarınızı taramak için Bitdefender Çevrimiçi Tarama açın.

http://www.bitdefender.com/scan8/ie.html

* I agree ve sonra da Scan tıklayın. (Ayarları değiştirmeyin)
* Tarama bittikten sonra Detected Problems sekmesini tıklayın ve Click here to export the scan report.
* Raporu HTML olarak kaydettikten sonra mesajınıza ekleyerek bize gönderin.


_____________________________



4357 Mesaj
13 Ekim 2008; 15:28:04 

File size: 33280 bytes
MD5...: 1152b625b77f5aaef39edc7e27f87a11
SHA1..: 28ced101d502344c64a248c135438ea688d6df83
SHA256: bd8fb0259c8f6e362357483ee50f3c0f71cd1e1bcf5b2d987abbfde1b3ac9101
SHA512: 03eaf42e81bcc80e4b9c1f328654b37bfd5841a8ac5a25151b5c21d653a2c402
ba728080aff8e4a8df46f5fd187eecf8f98144859d1635c81b8ef0ffb10fc222
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1001bdc
timedatestamp.....: 0x41107dbc (Wed Aug 04 06:10:04 2004)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x126a 0x1400 5.98 d23d916294ae430dcb18bcac5a53b9e7
.data 0x3000 0x38 0x200 0.25 a7f7e8f7f41d7ffb4b369fe282510650
.rsrc 0x4000 0x6738 0x6800 5.64 9398bde424226a040801fe4be8fb5768

( 5 imports )
> msvcrt.dll: _except_handler3, _wtoi, _vsnwprintf
> KERNEL32.dll: FreeLibrary, LocalFree, lstrlenA, WideCharToMultiByte, LocalAlloc, lstrlenW, GetProcAddress, FormatMessageW, GetLastError, LoadLibraryW, ActivateActCtx, CreateActCtxW, SearchPathW, GetFileAttributesW, ReleaseActCtx, DeactivateActCtx, SetErrorMode, ExitProcess, GetModuleHandleW, GetStartupInfoW, GetCommandLineW, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter
> GDI32.dll: GetStockObject
> USER32.dll: RegisterClassW, LoadStringW, CharNextW, SetClassLongW, LoadIconW, DefWindowProcW, CreateWindowExW, MessageBoxW, LoadCursorW, DestroyWindow
> IMAGEHLP.dll: ImageDirectoryEntryToData

( 0 exports )



Rundll32.exe dosyasında böyle birşeyler çıktı.


Buda tarama sonuçları

http://rapid share.com/files/153578653/tarama.html



< Bu mesaj bu kişi tarafından değiştirildi Hayalét -- 13 Ekim 2008; 16:03:16 >


_____________________________



 
223 Mesaj
13 Ekim 2008; 16:40:20 


quote:

Orjinalden alıntı: serji



R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

Burada bir sorun gozukmuyor. HJ acip Misc Tools Section - Generate Startup Log tiklayip o logu da bir gonder bakalin.

dedigin gibi yaptım

StartupList report, 13.10.2008, 16:36:08
StartupList version: 1.52.2
Started from : C:\Documents and Settings\m.c\Desktop\Analyze.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Unable to get Internet Explorer version!
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\LckFldService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Eset\nod32kui.exe
E:\GaMeS\Warcraft III[1.22]\w3dr.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\seba14mods\utorrent 1.6.1. build 490 Leecher Pack\utorrent 1.6.1 (490)__mult10_leecher.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\m.c\Desktop\Analyze.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programlar\Başlangıç]
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

RTHDCPL = RTHDCPL.EXE
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
nod32kui = "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
w3dr.exe = E:\GaMeS\Warcraft III[1.22]\w3dr.exe
NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
UnlockerAssistant = "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

[AdobeUpdater]
=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll - {00C6482D-C502-44C8-8409-FCE54AD9C208}
(no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}

--------------------------------------------------

Enumerating Task Scheduler jobs:

AppleSoftwareUpdate.job

--------------------------------------------------

Enumerating Download Program Files:

[WUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\wuweb.dll
CODEBASE = http://www.update.micro..._site.cab?1213796040781

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx
CODEBASE = http://download.macrome.../cabs/flash/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #5: C:\Program Files\Bonjour\mdnsNSP.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------
End of report, 5.119 bytes
Report generated in 0,016 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


_____________________________



255 Mesaj
13 Ekim 2008; 18:27:05 


serji kardeşim,
Combofix'ten sonra HJ ile asagidakini fixledim.

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

kardeşim birde pc yi açtığımda hoşgeldiniz yazısından sonra mavi ekran geliyo bi kaç defa kapatıp açınca masa üstü geliyor bu nedir anlamadım, kafayı yemek üzereyim
mavi ekranda aşağıdaki yazıyo bi bakarmısın;

sorun algılandı ve windows kapatıldı
....
....
....

teknik bilgiler;

STOP:0x00000050(0xC45D6F00,0x00000000,0xBAB78FF0,0X00000000)
nvmini.sys-address BAB78FF0 badse at BAB78000,datestamp 46381e21



en son haliyle HJ logunu gönderiyorum


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:58, on 2008-10-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\STacSV.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: Shell=explorer.exe "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\services.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 4009 bytes


_____________________________


Uzaklaştırılmış
Süresiz olarak uzaklaştırıldı.
13 Ekim 2008; 18:49:22 

Burak abiciim benim .log a dabi bakabilirsen sevinirim.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:45:20, on 13.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\VMSnap3.exe
C:\WINDOWS\Domino.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Documents and Settings\Yasemin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Yasemin\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70 www.youtube.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.1\EasyGifAnimator_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.1\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Yasemin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com.../resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macr.../cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D26C9AAF-1D11-4F05-8A94-C0380AD6688D}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (OfcPfwSvc) - Unknown owner - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Unknown owner - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe (file missing)

--
End of file - 10149 bytes


 
13 Mesaj
13 Ekim 2008; 19:27:51 

Öncelikle merhaba;

Bende supheleniyorum bu aralar pc kafayı yemekle meşgul. Eğer yardımcı olursan sevinirim.Bu arada bir kaç daha program sölemişin onlarıdamı yukleyip taratcaz...Konunun gerisindeyim kusura bakma.(:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:48, on 13.10.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Keymaestro\Multimedia Keyboard\nhksrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Keymaestro\Multimedia Keyboard\MMKeybd.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Keymaestro\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Keymaestro\Onscreen Display\OSD.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\FlashGet\FlashGet.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Keymaestro\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &FlashGet ile indir - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &Tümünü FlashGet ile indir - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer içinde &Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.c...cabs/FPDC_2.3.7.109.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.micro..._site.cab?1208326170518
O16 - DPF: {D0BB3ACE-4ED3-4D65-BB86-1A0C6CAF351F} (AvaLaunch Control) - http://212.175.239.246:81/avaLaunch94.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E09A24EF-68CD-4B52-80C5-9D8C6D99A250}: NameServer = 4.2.2.3
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Keymaestro\Multimedia Keyboard\nhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 10246 bytes


_____________________________



8789 Mesaj
13 Ekim 2008; 22:04:01 


quote:

Orjinalden alıntı: Hayalét
Rundll32.exe dosyasında böyle birşeyler çıktı.


Buda tarama sonuçları

http://rapid share.com/files/153578653/tarama.html


Bir de burada tarayip sonuclari atar misin? http://virusscan.jotti.org

Bitdefender bazi viruslu dosyalari bulup silmis.


_____________________________



8789 Mesaj
13 Ekim 2008; 22:09:27 


quote:

Orjinalden alıntı: m5

dedigin gibi yaptım

Burada da bir sorun gozukmuyor. Firefox'u acip Google girdiginde de hic bir islem yapmadan beklediginde aciyor mu?


quote:

Orjinalden alıntı: absolutely33


serji kardeşim,
Combofix'ten sonra HJ ile asagidakini fixledim.

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

kardeşim birde pc yi açtığımda hoşgeldiniz yazısından sonra mavi ekran geliyo bi kaç defa kapatıp açınca masa üstü geliyor bu nedir anlamadım, kafayı yemek üzereyim
mavi ekranda aşağıdaki yazıyo bi bakarmısın;

sorun algılandı ve windows kapatıldı

Sistemde hala virus var maalesef. Su islemleri yapmani istiyorum:

* Bilgisayarınızı taramak için Bitdefender Çevrimiçi Tarama açın.

http://www.bitdefender.com/scan8/ie.html

* I agree ve sonra da Scan tıklayın. (Ayarları değiştirmeyin)
* Tarama bittikten sonra Detected Problems sekmesini tıklayın ve Click here to export the scan report.
* Raporu HTML olarak kaydettikten sonra mesajınıza ekleyerek bize gönderin.

SuperAntiSpyware adlı programı indirip kurun.

http://www.superantispy...ds/SUPERAntiSpyware.exe

* SUPERAntiSypware.exe çift tıklayın ve programı varsayılan ayarlarıyla kurun.
* Masaüstünüzde programın ikonu oluşacaktır. Programı çalıştırmak için ikona çift tıklayın.
* Eğer güncellemeniz için soru sorarsa Evet tıklayın. Eğer sormazsa, taratmadan önce kendiniz Check for Updates butonuna tıklayarak güncelleştirin.
* Configuration and Preferences sekmesi altında Preferences butonuna tıklayın.
* General and Startup sekmesine tıklayın ve Start-up Options altında Start SUPERAntiSpyware when Windows starts seçeneğinin seçili olmadığından emin olun.
* Scanning Control sekmesine gelin ve Scanner Options altında yalnızca aşağıdakilerin işaretli olduğundan emin olun. (Diğerlerini işaretsiz bırakın.)

# Close browsers before scanning.
# Scan for tracking cookies.
# Terminate memory threats before quarantining.
* Close butonuna tıklayarak programı kapatın.
* Henüz sisteminizi taratmayın.

Şimdi tekrar programı çalıştırın:

* Ana menüde Scan for Harmful Software altında Scan your computer tıklayın.
* Sol tarafta C:\Fixed Drive işaretli olduğundan emin olun.
* Sağ tarafta Complete Scan altında Perform Complete Scan seçin ve Next tıklayın.
* Tarama işlemi bittikten sonra zararlı yazılımları içeren bir tarama özeti açılacak. OK tıklayın.
* Herşeyin işaretli olduğundan emin olun ve Next tıklayın.
* Quarantine and Removal is Complete şeklinde bir uyarı alacaksınız. OK tıklayın ve ana menüye dönmek için Finish tıklayın.
* Eğer yeniden başlatmanız gerektiği söylenirse, Yes tıklayıp bilgisayarınızı yeniden başlatın.
* İşlem sonuçlarını öğrenmek için:
# Preferences tıklayın ve Statistics/Logs sekmesine gelin.
# Scanner Logs altında SUPERAntiSpyware Scan Log çift tıklayın.
# Eğer birden fazla log varsa, güncel olanı seçin ve View log tıklayın. Bir yazı dosyası açılacaktır.
# Açılan dosyayı kaydedip mesajınıza ekleyerek bize gönderin.
* Close tıklayarak programı kapatın.


_____________________________



8789 Mesaj
13 Ekim 2008; 22:11:42 


quote:

Orjinalden alıntı: Bay PiPo..!

Burak abiciim benim .log a dabi bakabilirsen sevinirim.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll 
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll 
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" 
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe 
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') 
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 


_____________________________



8789 Mesaj
13 Ekim 2008; 22:13:56 


quote:

Orjinalden alıntı: Flaruz

Öncelikle merhaba;

Bende supheleniyorum bu aralar pc kafayı yemekle meşgul. Eğer yardımcı olursan sevinirim.Bu arada bir kaç daha program sölemişin onlarıdamı yukleyip taratcaz...Konunun gerisindeyim kusura bakma.(:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll 
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll 
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" 
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 


Cok da fazla sorun gozukmuyor. Ama bir fixle bakalim. Eger sorun cozulmezse (bir dahakine daha ayrintili belirtirsen daha iyi olur ) diger adimlara geceriz.


_____________________________



4357 Mesaj
14 Ekim 2008; 9:12:18 

Bitdefender güncelleme dosyalarınıdamı silmiş ne etmiş güncelleme yapamıyorum.Flash güncellemesi yüklenemedi diyor.


_____________________________



393 Mesaj
14 Ekim 2008; 12:33:53 

benim raporuda incelerseniz sevinirim

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:26:32, on 14.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\OturanBoga\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/...stomize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: TT Jacker :)
O1 - Hosts: 195.8.214.141 dailymotion.com
O1 - Hosts: 195.8.214.142 dailymotion.com
O1 - Hosts: 195.8.214.140 www.dailymotion.com
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70 www.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 64.15.124.143 sjc-v1.sjc.youtube.com
O1 - Hosts: 64.15.124.144 sjc-v2.sjc.youtube.com
O1 - Hosts: 64.15.124.145 sjc-v3.sjc.youtube.com
O1 - Hosts: 64.15.124.146 sjc-v4.sjc.youtube.com
O1 - Hosts: 64.15.124.147 sjc-v5.sjc.youtube.com
O1 - Hosts: 64.15.124.148 sjc-v6.sjc.youtube.com
O1 - Hosts: 64.15.124.149 sjc-v7.sjc.youtube.com
O1 - Hosts: 64.15.124.150 sjc-v8.sjc.youtube.com
O1 - Hosts: 64.15.124.151 sjc-v9.sjc.youtube.com
O1 - Hosts: 67.228.223.62 mp3hanesi.com
O1 - Hosts: 67.228.223.62 mp3hanesi.net
O1 - Hosts: 67.228.223.62 mp3hanesi.org
O1 - Hosts: 67.228.223.62 www.mp3hanesi.com
O1 - Hosts: 67.228.223.62 www.mp3hanesi.net
O1 - Hosts: 67.228.223.62 www.mp3hanesi.org
O1 - Hosts: 75.126.2.88 forumtr.com
O1 - Hosts: 75.126.2.88 www.forumtr.com
O1 - Hosts: 64.15.124.152 sjc-v10.sjc.youtube.com
O1 - Hosts: 64.15.124.153 sjc-v11.sjc.youtube.com
O1 - Hosts: 64.15.124.154 sjc-v12.sjc.youtube.com
O1 - Hosts: 64.15.124.155 sjc-v13.sjc.youtube.com
O1 - Hosts: 64.15.124.156 sjc-v14.sjc.youtube.com
O1 - Hosts: 64.15.124.157 sjc-v15.sjc.youtube.com
O1 - Hosts: 64.15.124.158 sjc-v16.sjc.youtube.com
O1 - Hosts: 64.15.124.159 sjc-v17.sjc.youtube.com
O1 - Hosts: 64.15.124.160 sjc-v18.sjc.youtube.com
O1 - Hosts: 64.15.124.161 sjc-v19.sjc.youtube.com
O1 - Hosts: 64.15.124.162 sjc-v20.sjc.youtube.com
O1 - Hosts: 64.15.124.163 sjc-v21.sjc.youtube.com
O1 - Hosts: 64.15.124.164 sjc-v22.sjc.youtube.com
O1 - Hosts: 64.15.124.165 sjc-v23.sjc.youtube.com
O1 - Hosts: 64.15.124.166 sjc-v24.sjc.youtube.com
O1 - Hosts: 64.15.124.167 sjc-v25.sjc.youtube.com
O1 - Hosts: 64.15.124.168 sjc-v26.sjc.youtube.com
O1 - Hosts: 64.15.124.169 sjc-v27.sjc.youtube.com
O1 - Hosts: 64.15.124.170 sjc-v28.sjc.youtube.com
O1 - Hosts: 64.15.124.171 sjc-v29.sjc.youtube.com
O1 - Hosts: 64.15.124.172 sjc-v30.sjc.youtube.com
O1 - Hosts: 64.15.124.173 sjc-v31.sjc.youtube.com
O1 - Hosts: 64.15.124.174 sjc-v32.sjc.youtube.com
O1 - Hosts: 64.15.124.175 sjc-v33.sjc.youtube.com
O1 - Hosts: 64.15.124.176 sjc-v34.sjc.youtube.com
O1 - Hosts: 64.15.124.177 sjc-v35.sjc.youtube.com
O1 - Hosts: 64.15.124.178 sjc-v36.sjc.youtube.com
O1 - Hosts: 64.15.124.179 sjc-v37.sjc.youtube.com
O1 - Hosts: 64.15.124.180 sjc-v38.sjc.youtube.com
O1 - Hosts: 64.15.124.207 sjc-v39.sjc.youtube.com
O1 - Hosts: 64.15.124.208 sjc-v40.sjc.youtube.com
O1 - Hosts: 64.15.124.209 sjc-v41.sjc.youtube.com
O1 - Hosts: 64.15.124.210 sjc-v42.sjc.youtube.com
O1 - Hosts: 64.15.124.211 sjc-v43.sjc.youtube.com
O1 - Hosts: 64.15.124.212 sjc-v44.sjc.youtube.com
O1 - Hosts: 64.15.124.213 sjc-v45.sjc.youtube.com
O1 - Hosts: 64.15.124.214 sjc-v46.sjc.youtube.com
O1 - Hosts: 64.15.124.215 sjc-v47.sjc.youtube.com
O1 - Hosts: 64.15.124.216 sjc-v48.sjc.youtube.com
O1 - Hosts: 64.15.124.217 sjc-v49.sjc.youtube.com
O1 - Hosts: 64.15.124.218 sjc-v50.sjc.youtube.com
O1 - Hosts: 64.15.124.219 sjc-v51.sjc.youtube.com
O1 - Hosts: 64.15.124.220 sjc-v52.sjc.youtube.com
O1 - Hosts: 64.15.124.221 sjc-v53.sjc.youtube.com
O1 - Hosts: 64.15.124.222 sjc-v54.sjc.youtube.com
O1 - Hosts: 64.15.124.223 sjc-v55.sjc.youtube.com
O1 - Hosts: 64.15.124.224 sjc-v56.sjc.youtube.com
O1 - Hosts: 64.15.124.225 sjc-v57.sjc.youtube.com
O1 - Hosts: 64.15.124.226 sjc-v58.sjc.youtube.com
O1 - Hosts: 64.15.124.227 sjc-v59.sjc.youtube.com
O1 - Hosts: 64.15.124.228 sjc-v60.sjc.youtube.com
O1 - Hosts: 64.15.124.229 sjc-v61.sjc.youtube.com
O1 - Hosts: 64.15.124.230 sjc-v62.sjc.youtube.com
O1 - Hosts: 64.15.124.231 sjc-v63.sjc.youtube.com
O1 - Hosts: 64.15.124.232 sjc-v64.sjc.youtube.com
O1 - Hosts: 64.15.124.233 sjc-v65.sjc.youtube.com
O1 - Hosts: 64.15.124.234 sjc-v66.sjc.youtube.com
O1 - Hosts: 64.15.124.235 sjc-v67.sjc.youtube.com
O1 - Hosts: 64.15.124.236 sjc-v68.sjc.youtube.com
O1 - Hosts: 64.15.124.237 sjc-v69.sjc.youtube.com
O1 - Hosts: 64.15.124.238 sjc-v70.sjc.youtube.com
O1 - Hosts: 64.15.124.239 sjc-v71.sjc.youtube.com
O1 - Hosts: 64.15.124.240 sjc-v72.sjc.youtube.com
O1 - Hosts: 64.15.124.241 sjc-v73.sjc.youtube.com
O1 - Hosts: 64.15.124.242 sjc-v74.sjc.youtube.com
O1 - Hosts: 64.15.124.243 sjc-v75.sjc.youtube.com
O1 - Hosts: 64.15.124.244 sjc-v76.sjc.youtube.com
O1 - Hosts: 64.15.125.16 sjc-v77.sjc.youtube.com
O1 - Hosts: 64.15.125.17 sjc-v78.sjc.youtube.com
O1 - Hosts: 64.15.125.18 sjc-v79.sjc.youtube.com
O1 - Hosts: 64.15.125.19 sjc-v80.sjc.youtube.com
O1 - Hosts: 64.15.125.20 sjc-v81.sjc.youtube.com
O1 - Hosts: 64.15.125.21 sjc-v82.sjc.youtube.com
O1 - Hosts: 64.15.125.22 sjc-v83.sjc.youtube.com
O1 - Hosts: 64.15.125.23 sjc-v84.sjc.youtube.com
O1 - Hosts: 64.15.125.24 sjc-v85.sjc.youtube.com
O1 - Hosts: 64.15.125.25 sjc-v86.sjc.youtube.com
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\OturanBoga\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: µTorrent.lnk = C:\Program Files\uTorrent\uTorrent.exe
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0FC8B38E-9293-424C-9D0E-CE60775679CF} (SubClassEditCtrlContainer Class) - https://sube.garanti.co...b/JaguarEditControl.CAB
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefe...ources/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare...canner/wlscbase9563.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symante...nt/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macr.../cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6333E3B9-747E-408A-8E8B-7BD8A5D2EE0E}: NameServer = 4.2.2.1,4.2.2.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{6333E3B9-747E-408A-8E8B-7BD8A5D2EE0E}: NameServer = 4.2.2.1,4.2.2.5
O20 - Winlogon Notify: pmnnLFvu - pmnnLFvu.dll (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 11868 bytes


_____________________________



 
13 Mesaj
14 Ekim 2008; 12:46:16 

Tşkler. İyiki varsın işinde başarılar dilerim.(:


quote:

Orjinalden alıntı: serji
Cok da fazla sorun gozukmuyor. Ama bir fixle bakalim. Eger sorun cozulmezse (bir dahakine daha ayrintili belirtirsen daha iyi olur ) diger adimlara geceriz.



_____________________________