Yeni Kayıt
Konudaki Resimler
|
Hızlı 
Bildirim
Bilgisayar komutlara 10 dk sonra tepki veriyor...
Sıcak Fırsatlarda Tıklananlar
Editörün Seçtiği Fırsatlar
Daha Fazla 
Bu Konudaki Kullanıcılar:
Daha Az 
2 Misafir - 2 Masaüstü
Giriş
Mesaj
-
-
bu yazıyı kaç saatte yazdın merak ettim 
-
yuh yaaa bende yardım edecek birileri çıktı diye sevinmiştim...
Mozillayı açmak 10 dk, foruma girmek 10 dk, yazıyı yazmak ve yeni konu açmak 20 dk...
Ama virüslerle uğraşmak paha biçilemez...
-
bilgisayarını güncel bi antivirüs programıyla tarattır. adware vs varsa onları uygun bir program aracılığıyla kaldır(bkz google). isteğe bağlı klasik disk birleştiricisi aracınıda kullanabilirsin.
olmadı format at uğraşma. -
quote:
Orijinalden alıntı: dioeth
bilgisayarını güncel bi antivirüs programıyla tarattır. adware vs varsa onları uygun bir program aracılığıyla kaldır(bkz google). isteğe bağlı klasik disk birleştiricisi aracınıda kullanabilirsin.
olmadı format at uğraşma.
Format atmak hiç aklıma gelmemiş ti saol yaa...
Norman, Malwarebytes, Avira ve Combo dahası var mı... -
@01mrt
mevcut yöntemleri kullanman işe yaramıyorsa eğer, format atmaktan başka bi çözüm yolun olacak mı ? olacaksa eğer pm at bende öğreneyim hoca. -
güvenli moddda başlıorsa o şekilde tarat
olmadı hdd yi başka pcye tak g data i.s ile tarat.
olmadı ö. bilgileri yedekle format at. -
@01mrt
Log da çok fazla virüs bulaştığını gösteriyor,
Aşağıdaki adresten DR.WEB ücretsiz virüs temizleme programını masaüstüne indir, güvenli modda başlatıp, "tam tarama" seçeneğini işaretleyip çıkan virüslerin tümünü sil.
http://www.gezginler.net/modules/mydownloads/singlefile.php?download=dr.web-cureit&lid=3108 -
Merhaba;
Dr.Web'le tarama yaptım ama pek bişey bulamadı, sadece karantinadakileri buldu...
Biraz düzelme var gibi hala bi ağırlık mevcut...
Ayrıca doctusda bir takım işlemler açıklanmış onlarıda yaptım...
http://doctus.org/showthread.php?t=21692.html
En son aldığım log bu...
ComboFix 10-06-25.04 - MuRaT 26.06.2010 20:07:49.7.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1254.90.1055.18.1791.1371 [GMT 3:00]
Running from: c:\documents and settings\MuRaT\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
Infected copy of c:\windows\system32\kernel32.dll was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\kernel32.dll
.
((((((((((((((((((((((((( Files Created from 2010-05-26 to 2010-06-26 )))))))))))))))))))))))))))))))
.
2010-06-25 20:59 . 2010-06-25 20:59 -------- d-----w- c:\documents and settings\MuRaT\Application Data\GlarySoft
2010-06-25 19:09 . 2010-06-25 19:09 -------- d-----w- c:\documents and settings\MuRaT\Application Data\IObit
2010-06-21 18:56 . 2010-06-26 17:20 -------- d-----w- c:\documents and settings\MuRaT\Application Data\AIMP
2010-06-14 10:03 . 2010-06-14 10:03 -------- d-----w- c:\documents and settings\MuRaT\Application Data\ImgBurn
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-26 17:20 . 2009-05-10 15:08 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-06-26 16:51 . 2009-06-15 15:38 -------- d-----w- c:\documents and settings\MuRaT\Application Data\TeraCopy
2010-06-25 21:06 . 2010-06-25 19:08 -------- d-----w- c:\program files\Wise Registry Cleaner
2010-06-25 20:26 . 2009-03-30 10:33 -------- d-----w- c:\documents and settings\MuRaT\Application Data\Media Player Classic
2010-06-25 19:09 . 2010-06-25 19:09 -------- d-----w- c:\program files\IObit
2010-06-25 19:05 . 2010-06-25 19:04 -------- d-----w- c:\program files\Glary Utilities
2010-06-25 19:05 . 2010-06-25 19:05 -------- d-----w- c:\program files\Ask.com
2010-06-25 19:03 . 2010-06-25 19:02 -------- d-----w- c:\program files\CCleaner
2010-06-21 18:30 . 2008-04-15 12:00 84312 ----a-w- c:\windows\system32\perfc01F.dat
2010-06-21 18:30 . 2008-04-15 12:00 441828 ----a-w- c:\windows\system32\perfh01F.dat
2010-06-18 14:03 . 2010-06-18 14:03 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2010-06-18 14:03 . 2010-06-18 14:03 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-06-05 08:43 . 2009-09-18 07:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-03 15:17 . 2010-05-16 17:41 -------- d-----w- c:\documents and settings\MuRaT\Application Data\vlc
2010-05-26 14:01 . 2010-05-26 14:01 503808 ----a-w- c:\documents and settings\MuRaT\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-49ad3467-n\msvcp71.dll
2010-05-26 14:01 . 2010-05-26 14:01 499712 ----a-w- c:\documents and settings\MuRaT\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-49ad3467-n\jmc.dll
2010-05-26 14:01 . 2010-05-26 14:01 348160 ----a-w- c:\documents and settings\MuRaT\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-49ad3467-n\msvcr71.dll
2010-05-26 14:01 . 2010-05-26 14:01 61440 ----a-w- c:\documents and settings\MuRaT\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4c94b185-n\decora-sse.dll
2010-05-26 14:01 . 2010-05-26 14:01 12800 ----a-w- c:\documents and settings\MuRaT\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4c94b185-n\decora-d3d.dll
2010-05-16 21:37 . 2010-05-16 20:05 -------- d-----w- c:\documents and settings\MuRaT\Application Data\Audacity
2010-05-10 20:40 . 2009-03-27 19:34 -------- d-----w- c:\program files\Common Files\Java
2010-05-10 20:40 . 2010-05-10 20:40 503808 ----a-w- c:\documents and settings\MuRaT\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3fb19d72-n\msvcp71.dll
2010-05-10 20:40 . 2010-05-10 20:40 499712 ----a-w- c:\documents and settings\MuRaT\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3fb19d72-n\jmc.dll
2010-05-10 20:40 . 2010-05-10 20:40 348160 ----a-w- c:\documents and settings\MuRaT\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3fb19d72-n\msvcr71.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-11-18 15:40 1196936 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-11-18 1196936]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"RocketDock"="c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-18 630784]
"Google Update"="c:\documents and settings\MuRaT\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-01-16 135664]
"MMAgent"="c:\program files\Mobile Master\MMAgent.exe" [2008-06-24 1342912]
"Fraps"="c:\program files\FRAPS\FRAPS.EXE" [2008-01-14 913064]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VMSnap3"="c:\windows\VMSnap3.EXE" [2006-08-30 49152]
"Domino"="c:\windows\Domino.EXE" [2006-06-28 49152]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"RTHDCPL"="RTHDCPL.EXE" [2010-02-22 18791456]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"AIMP2"="c:\program files\AIMP2\AIMP2.exe" [2008-12-30 358400]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
c:\documents and settings\MuRaT\Start Menu\Programlar\BaŸlang‡\
OneNote 2007 Ekran Krpc ve BaŸlatc.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-19 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-6-1 65536]
UberIcon.lnk - c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-5-21 180224]
Y'z Shadow.lnk - c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe [2006-5-21 155648]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr2.exe"=
"d:\\Program Files\\Ubisoft\\Ghost Recon Advanced Warfighter 2\\graw2.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [26.03.2009 23:28 13696]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [26.03.2009 23:51 108289]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [18.09.2009 10:12 113896]
R3 mpfilt;mpfilt;c:\windows\system32\drivers\mpfilt.sys [07.03.2010 21:22 10588]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [30.01.2010 16:27 27632]
R3 TUSB1150;Airties WUS-300 USB Wireless Adapter (TNETW1450);c:\windows\system32\drivers\TUSB1150.sys [26.05.2009 12:05 450944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [08.03.2010 12:07 1691480]
S3 ATHFMWDL;Philips USB Wireless Adapter Bootloader driver;c:\windows\system32\drivers\Athfmwdl.sys [06.05.2009 15:54 43392]
S3 CPWUA6D;Philips USB Wireless Network Adapter Service;c:\windows\system32\drivers\CPWUA6D1.sys [07.05.2009 11:06 285696]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [30.01.2010 16:28 13224]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [08.11.2009 13:22 332928]
S3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [26.03.2009 23:42 428160]
S3 wlanndi5;wlanndi5 NDIS Protocol Driver;c:\windows\system32\wlanndi5.sys [21.04.2004 17:51 16384]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [07.06.2009 14:08 717296]
.
Contents of the 'Scheduled Tasks' folder
2010-06-26 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-06-25 07:01]
2010-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-879983540-1801674531-1003Core.job
- c:\documents and settings\MuRaT\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-16 12:36]
2010-06-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-879983540-1801674531-1003UA.job
- c:\documents and settings\MuRaT\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-16 12:36]
2010-06-26 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-11-18 15:40]
.
.
------- Supplementary Scan -------
.
IE: Microsoft Excel'e &Ver - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {4E32316D-2AB0-408F-97F3-0BC5A95CF30A} = 4.2.2.1,4.2.2.2
FF - ProfilePath - c:\documents and settings\MuRaT\Application Data\Mozilla\Firefox\Profiles\pnw7vyx2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr
FF - component: c:\documents and settings\MuRaT\Application Data\Mozilla\Firefox\Profiles\pnw7vyx2.default\extensions\keyscrambler@qfx.software.corporation\components\KeyScramblerIE.dll
FF - plugin: c:\documents and settings\MuRaT\Local Settings\Application Data\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2010-06-26 20:18
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1085031214-879983540-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7A6A5BFD-47FA-B036-172A-3DBB72293D79}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(936)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2520)
c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
c:\program files\Unlocker\UnlockerHook.dll
c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\windows\RTHDCPL.EXE
c:\documents and settings\MuRaT\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
c:\program files\Mobile Master\MMScan.exe
.
**************************************************************************
.
Completion time: 2010-06-26 20:27:33 - machine was rebooted
ComboFix-quarantined-files.txt 2010-06-26 17:27
ComboFix2.txt 2010-06-21 19:30
Pre-Run: 2.052.595.712 bayt boş
Post-Run: 2.042.036.224 bayt boş
- - End Of File - - D8C209353185C1AA0D1E984039D7AD95
-
birde hijackthis ile taratıp log gönderirmisiniz?
"ask.com" isminde bir reklam programı yapışmış
< Bu mesaj bu kişi tarafından değiştirildi tcebeci -- 28 Haziran 2010; 12:09:58 > -
Ask sanırım, doctustaki programları kurunca oldu...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:54, on 28.06.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\Domino.EXE
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mobile Master\MMAgent.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Mobile Master\MMScan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MMAgent] C:\Program Files\Mobile Master\MMAgent.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E32316D-2AB0-408F-97F3-0BC5A95CF30A}: NameServer = 4.2.2.1,4.2.2.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E32316D-2AB0-408F-97F3-0BC5A95CF30A}: NameServer = 4.2.2.1,4.2.2.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{4E32316D-2AB0-408F-97F3-0BC5A95CF30A}: NameServer = 4.2.2.1,4.2.2.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
--
End of file - 6644 bytes
-
benim bilgisayarımda da aynı problem var bilgisayar 5 dk dan aşağı açılmıyor.başlangıçtaki herşeyi iptal ettim ona rağmen aynı.güncel nod32 antivirüs yüklü.acaba nod 32 mi geç açılmasına neden oluyor? -
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
Bu satırları "fix" leyebilirsin.
Birde Windows XP ye Vista görünümü veren "BricoPacks" programını yüklemişsiniz, bence bu programıda silin.
Son olarak sistem düzelene kazar Avirayı da kaldırmanızı tavsiye edeceğim
@hosting07
Bazan antivirüs programları sisteme tam oturmadığında sorunlar oluşturabiliyor.
< Bu mesaj bu kişi tarafından değiştirildi tcebeci -- 28 Haziran 2010; 13:42:54 >
-
Söylediklerini aynen yaptım, combo log veya hijack raporu eklememi ister misin... -
CCleaner ile "Cleaner" ve "Kayıt defteri" temizliği yapın.
http://download.piriform.com/ccsetup233.exe -
Aynen yaptım, şuan anti virüs programı yok bilgisayarda...
İyi mi yaptık kötü mü...
-
Virüsler genelde açık kapı bulup, antivirüs programlarını felç ediyor. Zaman zaman kaldırıp başka bir antivirüs yüklemek faydalı olabiliyor.
Benimde tavsiyem şimdilik başka bir program ile taratın, örneğin AVG free, nod32, zone alarm vb. Daha sonra tekrar Avirayı temiz bir şekilde kurarsınız.
Sayfa:
1
Ip işlemleri
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
