Üye Girişi
Bağlan Google+ ile Bağlan Facebook ile Bağlan
Yeni Kayıt
Tüm Forumlar
  • Tüm Forumlar
  • İşletim Sistemleri ve Yazılımlar
  • Yazılım Genel
  • Güvenlik Programları
  • Bu Konuda
Şimdi Ara

HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (258. sayfa)

Sıcak Fırsatlarda Tıklananlar
Editörün Seçtiği Fırsatlar
Daha Fazla
Bu Konudaki Kullanıcılar: Daha Az
4 Misafir - 4 Masaüstü
5 sn
9.877
Cevap
17
Favori
1.234.490
Tıklama
Daha Fazla
İstatistik
  • Konu İstatistikleri Yükleniyor
Konuya Özel
0 oy
Öne Çıkar
Cevapla
Sayfa: önceki 256257258259260
Sayfaya Git
Git
sonraki
Giriş
Mesaj
  • serji benim sorunum yok ( büyük ihtimalle pc de bir sürü şey wardır 3 senedir format atmadım ama 2-3 ayda bir nod32, spybot search and destroy ve doctor adaware ile taratıp bulduum her şeyi siliorum :D ) sadece sana teşekkür etmek istedim... çok büyük bir hizmette bulunuyorsun süper bir iş çıkartıosun saol saol saol ...

  • quote:

    Orjinalden alıntı: madlive

    Selamlar;
    Öncelikle teşekkür etmek istiyorum. Antivirüs programı kullanmıyorum. Pek sevmiyorum. Her ay format atmaya çalışırım.

    rica ederim.

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =https://login.live.com/ppsecure/sha1auth.srf?lc=1055
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    Viruslerden, zararli yazilimlardan vs. kurtulmanin en etkili yolu format atmaktir fakat antivirus kullanmanizi - yine de israr ediyorsaniz en azindan 2-3 gunde bir hic degilse haftada bir cevrimici tarayicilar ile taratmanizi- tavsiye ederim. Bir keylogger sifre/kredi karti gibi cok onemli kisisel bilgilerinizin calinmasina sebep olabilir.




  • slmlar oncelikle bu çalışma için teşekkürler. büyük emek gerçekten. ben biraz once hijack ile tarattım diğer bölümleri okumamıstım. çıkan sorunların hepsine fix checked dedim :D yani ne varsa allah ne verdiyse. meğerse oyle değilmiş . neyse bi daha yaptım şimdi log su sekilde.:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 05:36:23, on 03.10.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Program Files\AVG\AVG8\avgui.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\PROGRA~1\FREEDO~1\fdm.exe
    D:\TORENT DENİZİ\HiJackThis.exe

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 1963 bytes




  • quote:

    Orjinalden alıntı: overdozz

    slmlar oncelikle bu çalışma için teşekkürler. büyük emek gerçekten. ben biraz once hijack ile tarattım diğer bölümleri okumamıstım. çıkan sorunların hepsine fix checked dedim :D yani ne varsa allah ne verdiyse. meğerse oyle değilmiş . neyse bi daha yaptım şimdi log su sekilde.:

    Herhangi bir sey kalmamis zaten
  • eyw sağol hojam ..
  • quote:

    Orjinalden alıntı: overdozz

    eyw sağol hojam ..

    rca ederim kolay gelsin.
  • Burak abi bi zahmet benim .log a da bi el at.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:58:29, on 03.10.2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16711)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Users\Bay PiPo..!\Program Files\DNA\btdna.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Opera\opera.exe
    C:\Windows\explorer.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Users\Bay PiPo..!\Documents\İndirilenler\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O1 - Hosts: TT Jacker :)
    O1 - Hosts: 195.8.214.141 dailymotion.com
    O1 - Hosts: 195.8.214.142 dailymotion.com
    O1 - Hosts: 195.8.214.140www.dailymotion.com
    O1 - Hosts: 208.117.236.70 youtube.com
    O1 - Hosts: 208.117.236.70www.youtube.com
    O1 - Hosts: 74.125.65.118 img.youtube.com
    O1 - Hosts: 64.15.124.143 sjc-v1.sjc.youtube.com
    O1 - Hosts: 64.15.124.144 sjc-v2.sjc.youtube.com
    O1 - Hosts: 64.15.124.145 sjc-v3.sjc.youtube.com
    O1 - Hosts: 64.15.124.146 sjc-v4.sjc.youtube.com
    O1 - Hosts: 64.15.124.147 sjc-v5.sjc.youtube.com
    O1 - Hosts: 64.15.124.148 sjc-v6.sjc.youtube.com
    O1 - Hosts: 64.15.124.149 sjc-v7.sjc.youtube.com
    O1 - Hosts: 64.15.124.150 sjc-v8.sjc.youtube.com
    O1 - Hosts: 64.15.124.151 sjc-v9.sjc.youtube.com
    O1 - Hosts: 67.228.223.62 mp3hanesi.com
    O1 - Hosts: 67.228.223.62 mp3hanesi.net
    O1 - Hosts: 67.228.223.62 mp3hanesi.org
    O1 - Hosts: 67.228.223.62www.mp3hanesi.com
    O1 - Hosts: 67.228.223.62www.mp3hanesi.net
    O1 - Hosts: 67.228.223.62www.mp3hanesi.org
    O1 - Hosts: 75.126.2.88 forumtr.com
    O1 - Hosts: 75.126.2.88www.forumtr.com
    O1 - Hosts: 64.15.124.152 sjc-v10.sjc.youtube.com
    O1 - Hosts: 64.15.124.153 sjc-v11.sjc.youtube.com
    O1 - Hosts: 64.15.124.154 sjc-v12.sjc.youtube.com
    O1 - Hosts: 64.15.124.155 sjc-v13.sjc.youtube.com
    O1 - Hosts: 64.15.124.156 sjc-v14.sjc.youtube.com
    O1 - Hosts: 64.15.124.157 sjc-v15.sjc.youtube.com
    O1 - Hosts: 64.15.124.158 sjc-v16.sjc.youtube.com
    O1 - Hosts: 64.15.124.159 sjc-v17.sjc.youtube.com
    O1 - Hosts: 64.15.124.160 sjc-v18.sjc.youtube.com
    O1 - Hosts: 64.15.124.161 sjc-v19.sjc.youtube.com
    O1 - Hosts: 64.15.124.162 sjc-v20.sjc.youtube.com
    O1 - Hosts: 64.15.124.163 sjc-v21.sjc.youtube.com
    O1 - Hosts: 64.15.124.164 sjc-v22.sjc.youtube.com
    O1 - Hosts: 64.15.124.165 sjc-v23.sjc.youtube.com
    O1 - Hosts: 64.15.124.166 sjc-v24.sjc.youtube.com
    O1 - Hosts: 64.15.124.167 sjc-v25.sjc.youtube.com
    O1 - Hosts: 64.15.124.168 sjc-v26.sjc.youtube.com
    O1 - Hosts: 64.15.124.169 sjc-v27.sjc.youtube.com
    O1 - Hosts: 64.15.124.170 sjc-v28.sjc.youtube.com
    O1 - Hosts: 64.15.124.171 sjc-v29.sjc.youtube.com
    O1 - Hosts: 64.15.124.172 sjc-v30.sjc.youtube.com
    O1 - Hosts: 64.15.124.173 sjc-v31.sjc.youtube.com
    O1 - Hosts: 64.15.124.174 sjc-v32.sjc.youtube.com
    O1 - Hosts: 64.15.124.175 sjc-v33.sjc.youtube.com
    O1 - Hosts: 64.15.124.176 sjc-v34.sjc.youtube.com
    O1 - Hosts: 64.15.124.177 sjc-v35.sjc.youtube.com
    O1 - Hosts: 64.15.124.178 sjc-v36.sjc.youtube.com
    O1 - Hosts: 64.15.124.179 sjc-v37.sjc.youtube.com
    O1 - Hosts: 64.15.124.180 sjc-v38.sjc.youtube.com
    O1 - Hosts: 64.15.124.207 sjc-v39.sjc.youtube.com
    O1 - Hosts: 64.15.124.208 sjc-v40.sjc.youtube.com
    O1 - Hosts: 64.15.124.209 sjc-v41.sjc.youtube.com
    O1 - Hosts: 64.15.124.210 sjc-v42.sjc.youtube.com
    O1 - Hosts: 64.15.124.211 sjc-v43.sjc.youtube.com
    O1 - Hosts: 64.15.124.212 sjc-v44.sjc.youtube.com
    O1 - Hosts: 64.15.124.213 sjc-v45.sjc.youtube.com
    O1 - Hosts: 64.15.124.214 sjc-v46.sjc.youtube.com
    O1 - Hosts: 64.15.124.215 sjc-v47.sjc.youtube.com
    O1 - Hosts: 64.15.124.216 sjc-v48.sjc.youtube.com
    O1 - Hosts: 64.15.124.217 sjc-v49.sjc.youtube.com
    O1 - Hosts: 64.15.124.218 sjc-v50.sjc.youtube.com
    O1 - Hosts: 64.15.124.219 sjc-v51.sjc.youtube.com
    O1 - Hosts: 64.15.124.220 sjc-v52.sjc.youtube.com
    O1 - Hosts: 64.15.124.221 sjc-v53.sjc.youtube.com
    O1 - Hosts: 64.15.124.222 sjc-v54.sjc.youtube.com
    O1 - Hosts: 64.15.124.223 sjc-v55.sjc.youtube.com
    O1 - Hosts: 64.15.124.224 sjc-v56.sjc.youtube.com
    O1 - Hosts: 64.15.124.225 sjc-v57.sjc.youtube.com
    O1 - Hosts: 64.15.124.226 sjc-v58.sjc.youtube.com
    O1 - Hosts: 64.15.124.227 sjc-v59.sjc.youtube.com
    O1 - Hosts: 64.15.124.228 sjc-v60.sjc.youtube.com
    O1 - Hosts: 64.15.124.229 sjc-v61.sjc.youtube.com
    O1 - Hosts: 64.15.124.230 sjc-v62.sjc.youtube.com
    O1 - Hosts: 64.15.124.231 sjc-v63.sjc.youtube.com
    O1 - Hosts: 64.15.124.232 sjc-v64.sjc.youtube.com
    O1 - Hosts: 64.15.124.233 sjc-v65.sjc.youtube.com
    O1 - Hosts: 64.15.124.234 sjc-v66.sjc.youtube.com
    O1 - Hosts: 64.15.124.235 sjc-v67.sjc.youtube.com
    O1 - Hosts: 64.15.124.236 sjc-v68.sjc.youtube.com
    O1 - Hosts: 64.15.124.237 sjc-v69.sjc.youtube.com
    O1 - Hosts: 64.15.124.238 sjc-v70.sjc.youtube.com
    O1 - Hosts: 64.15.124.239 sjc-v71.sjc.youtube.com
    O1 - Hosts: 64.15.124.240 sjc-v72.sjc.youtube.com
    O1 - Hosts: 64.15.124.241 sjc-v73.sjc.youtube.com
    O1 - Hosts: 64.15.124.242 sjc-v74.sjc.youtube.com
    O1 - Hosts: 64.15.124.243 sjc-v75.sjc.youtube.com
    O1 - Hosts: 64.15.124.244 sjc-v76.sjc.youtube.com
    O1 - Hosts: 64.15.125.16 sjc-v77.sjc.youtube.com
    O1 - Hosts: 64.15.125.17 sjc-v78.sjc.youtube.com
    O1 - Hosts: 64.15.125.18 sjc-v79.sjc.youtube.com
    O1 - Hosts: 64.15.125.19 sjc-v80.sjc.youtube.com
    O1 - Hosts: 64.15.125.20 sjc-v81.sjc.youtube.com
    O1 - Hosts: 64.15.125.21 sjc-v82.sjc.youtube.com
    O1 - Hosts: 64.15.125.22 sjc-v83.sjc.youtube.com
    O1 - Hosts: 64.15.125.23 sjc-v84.sjc.youtube.com
    O1 - Hosts: 64.15.125.24 sjc-v85.sjc.youtube.com
    O1 - Hosts: 64.15.125.25 sjc-v86.sjc.youtube.com
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [TopDesk] C:\Program Files\TopDesk\topdesk.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Bay PiPo..!\Program Files\DNA\btdna.exe"
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab?AuthParam=1211885103_f90b6321fa0c79bcc50078a6b202db30&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab&File=jinstall-6u6-windows-i586-jc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CE566140-C9E5-4B7E-BBE4-56CB1EA3D289}: NameServer = 208.67.222.222,208.67.220.220
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    --
    End of file - 8473 bytes




  • quote:

    Orjinalden alıntı: Bay PiPo..!

    Burak abi bi zahmet benim .log a da bi el at.

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O1 - Hosts: TT Jacker :)
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Bay PiPo..!\Program Files\DNA\btdna.exe"




  • Bende bir problem başladı bu aralar sana sormak istiyorum serji.Problemim bilgisayarda hangi setupı açarsam açıyım bilgisayar donuyor bi süre.1 mb ın altındaki setuplar bile donduruyor.Görev yöneticisine bakıyorum her setup için ilk bellek kullanımı 68 K oluyor. Sonra donukluk geçince bellek kullanımıda normale dönüyor.
    Kaspersky ile Tam Tarama yaptım bilgisayar temiz çıktı.Spybotla tarama yaptım temiz çıktı.

    Buda en son log dosyamın sonucu. Şimdiden ilgine teşekkür ediyorum

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:48:29, on 04.10.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Winamp\winamp.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Opera\opera.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
    O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O9 - Extra button: Ağ trafiği koruma istatistikleri - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe

    --
    End of file - 2593 bytes



    < Bu mesaj bu kişi tarafından değiştirildi fahrettin89 -- 4 Ekim 2008; 1:50:48 >




  • tekrar merhabalar. winampla ilgili ses sorunum hala devam ediyor ve simdi de neredeyse yeni format atmama rahmen bir cok hata iletisi alıyorum.
    internet exploreri acamiyorum 6.0 . virüs olabilecegini dusunuyorum. Dr watson da suan 4 tane uygulama hataları diye yazi var .

    birisi bu
    App: D:\KMP\KMPlayer.exe (pid=2240)

    Özel durum numarası: c0000005 (erişim ihlali)
    diger 3 hata da bu sekilde yazılmıs
    App: C:\Program Files\Internet Explorer\iexplore.exe (pid=2680)

    Özel durum numarası: c0000006 (sayfada GÇ hatası)

    Bu da son log
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 07:11:08, on 04.10.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\ATKKBService.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\Administrator\Desktop\w3hph.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.daemon-search.com/startpage
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [AirTiesWUS-300] C:\Program Files\AirTies\AirTiesWUS-300\WUS300.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 6073 bytes




  • quote:

    Orjinalden alıntı: fahrettin89

    Bende bir problem başladı bu aralar sana sormak istiyorum serji.Problemim bilgisayarda hangi setupı açarsam açıyım bilgisayar donuyor bi süre.1 mb ın altındaki setuplar bile donduruyor.Görev yöneticisine bakıyorum her setup için ilk bellek kullanımı 68 K oluyor. Sonra donukluk geçince bellek kullanımıda normale dönüyor.
    Kaspersky ile Tam Tarama yaptım bilgisayar temiz çıktı.Spybotla tarama yaptım temiz çıktı.

    Buda en son log dosyamın sonucu. Şimdiden ilgine teşekkür ediyorum

    Bilgisayar temiz gözüküyor. Tahminim sistemle ilgili bir problem olmasi. Zaten gordugum kadari ile SP2 yuklu. SP3 yukleyip (eger istemiyorsan SP2 bastan yuklemeyi deneyebilirsin) sonucu gorelim bakalim




  • quote:

    Orjinalden alıntı: recoill

    tekrar merhabalar. winampla ilgili ses sorunum hala devam ediyor ve simdi de neredeyse yeni format atmama rahmen bir cok hata iletisi alıyorum.
    internet exploreri acamiyorum 6.0 . virüs olabilecegini dusunuyorum. Dr watson da suan 4 tane uygulama hataları diye yazi var .

    birisi bu
    App: D:\KMP\KMPlayer.exe (pid=2240)

    Özel durum numarası: c0000005 (erişim ihlali)
    diger 3 hata da bu sekilde yazılmıs
    App: C:\Program Files\Internet Explorer\iexplore.exe (pid=2680)

    Özel durum numarası: c0000006 (sayfada GÇ hatası)

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.daemon-search.com/startpage
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

    Bunlari fixledikten sonra yenidenb aslatip dene bakalim. Ayrica KMPlayeri tamamen kaldirip sitesinden en son surumu indirmeyi dene. Eger IE ile ilgili problemler fixten sonra cozulmezse IE7'yi yuklemeni tavsiye ediyorum.




  • quote:

    Orjinalden alıntı: serji


    quote:

    Orjinalden alıntı: fahrettin89

    Bende bir problem başladı bu aralar sana sormak istiyorum serji.Problemim bilgisayarda hangi setupı açarsam açıyım bilgisayar donuyor bi süre.1 mb ın altındaki setuplar bile donduruyor.Görev yöneticisine bakıyorum her setup için ilk bellek kullanımı 68 K oluyor. Sonra donukluk geçince bellek kullanımıda normale dönüyor.
    Kaspersky ile Tam Tarama yaptım bilgisayar temiz çıktı.Spybotla tarama yaptım temiz çıktı.

    Buda en son log dosyamın sonucu. Şimdiden ilgine teşekkür ediyorum

    Bilgisayar temiz gözüküyor. Tahminim sistemle ilgili bir problem olmasi. Zaten gordugum kadari ile SP2 yuklu. SP3 yukleyip (eger istemiyorsan SP2 bastan yuklemeyi deneyebilirsin) sonucu gorelim bakalim

    Senin mesajını okuyamadan sistem açılışında NTDRL eksik gibi bir hata aldım bu sabah ve format atıp tekrar windowsumu yükledim ve bu belirttiğim durumdan şimdilik kurtuldum.
    Dediğim gibi ilgilendiğin için teşekkür ederim

    Artık başka hatalarda görüşmek üzere




  • quote:

    Orjinalden alıntı: fahrettin89
    Senin mesajını okuyamadan sistem açılışında NTDRL eksik gibi bir hata aldım bu sabah ve format atıp tekrar windowsumu yükledim ve bu belirttiğim durumdan şimdilik kurtuldum.
    Dediğim gibi ilgilendiğin için teşekkür ederim

    Artık başka hatalarda görüşmek üzere

    Formata gerek yoktu ama kurtulmussun olsun. Insallah gerek kalmaz ama olursa da ben burdayim




  • Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:51:35, on 04.10.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\AirTies\ADSL Hizmet Programı\AirTies_util3.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    \?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
    C:\Documents and Settings\AHMET UYANIK\Desktop\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: AirTies ADSL Hizmet Programı.lnk = ?
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 4995 bytes




  • quote:

    Orjinalden alıntı: @DrAgOn

    ???????

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe




  • Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:49:56, on 04.10.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Logitech\G-series Software\LCDMon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
    C:\WINDOWS\system32\devldr32.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\PROGRA~1\FREEDO~1\fdm.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    F2 - REG:system.ini: Shell=
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: Free Download Manager ile indir - file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Free Download Manager ile seçileni indir - file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Free Download Manager ile tümünü indir - file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Videoyu Free Download Manager ile indir - file://C:\Program Files\Free Download Manager\dlfvideo.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    --
    End of file - 4203 bytes


    10 dk önce activexdebugger32 trojanını kaldırdım, sorun yok ama içim rahat değil loglarda herhangi bir problem varmı?




  • quote:

    Orjinalden alıntı: ostrich
    10 dk önce activexdebugger32 trojanını kaldırdım, sorun yok ama içim rahat değil loglarda herhangi bir problem varmı?

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    F2 - REG:system.ini: Shell=
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    Evet sorun gozukmuyor icin rahat olsun.




  • Teşekkürler.
  • quote:

    Orjinalden alıntı: ostrich

    Teşekkürler.

    rica ederm kolay gelsin.
    • 
Sayfa: önceki 256257258259260
Sayfaya Git
Git
sonraki
- x
Bildirim
mesajınız kopyalandı (ctrl+v) yapıştırmak istediğiniz yere yapıştırabilirsiniz.
Hizmet kalitesi için çerezleri kullanabiliriz. DH’ye girerek kullanım izni vermiş sayılırsınız.
Anladım Veri Politikamız