Yeni Kayıt
Konudaki Resimler
önceki
|
Hızlı 
Bildirim
HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (271. sayfa)
Sıcak Fırsatlarda Tıklananlar
Editörün Seçtiği Fırsatlar
Daha Fazla 
Bu Konudaki Kullanıcılar:
Daha Az 
2 Misafir - 2 Masaüstü
Giriş
Mesaj
-
-
Üstat,
Safe modeda açtım. Denediğim bazı uygulamalar aşağıda;
Firefox - Bariz daha hızlı açılıyor ama interneti deneyemedim çünkü bağlantı yoktu. Herhalde modem programını görmüyor.
Outlook - Çok az daha hızlı.
Klasörler - Daha hızlı açılıyor, özellikle thumbnailler daha hızlı geliyor ama öyle deli gibi fark yok.
Adobe - Daha hızlı.
Media Player - Hiç açmıyor. Media Player Classic ile de denedim olmadı. Bu yüzden kıyaslama yapamıyorum.
Aklıma da başka birşey gelmedi.
Bu arada benim makine normal mode'da biraz hızlanmış. Sağolasın.
Yorumlarını beklerim.
Selamlar -
verdigin linkteki 270 kb lik bir dosyaymis internette avenger exe yazip arattim 3.7 mblik bir dosya cıktı kurdum ama beta versiyonmus tarihi dolmus.
*** Downloadlarda da ariza var sanirim verdigin linkteki dosya download edilirken 770 kb gozukuyor masaustune indiginde 270 330 350 gibi degerlerde oluyor .. Down Em all ie indirirken boyut eşleşmiyor diye bir hata veriyor. Fransız kaldım
< Bu mesaj bu kişi tarafından değiştirildi recoill -- 17 Ekim 2008; 22:33:47 > -
quote:
Orjinalden alıntı: recoill
http://img261.imageshack.us/my.php?image=sddsdddddddddddnx1.jpg
Sürekli resimdeki gibi bir sayfa cıkıyor.. Ondeki uyari mesajinda ignore - Remove all - ve yukardaki carpi işareti olma uzere 3 secenek oluyor ama 3ü de tikladigimda bir dosyayi dl etmem icin download onay kutusu acio ( ücünde de aynı dosyayi indirmeyi onaylama ).
Malwarebytes Antimalware adlı programı indirin.
http://www.guvenlikuzmanim.com/dosyalar/mbam-setup.exe
* Programı kurmak için mbam-setup.exe üzerine çift tıklayın ve programı kurun.
* Malwarebytes Antimalware Güncelle ve Malwarebytes Programını Çalıştır seçeneklerini işaretleyip Finish tıklayın.
* Eğer bir güncelleştirme bulunursa, program otomatik olarak indirip güncelleştirecektir.
* Program yüklendiğinde Tam Tarama seçip Taramaya Başla butonuna tıklayın.
* Tarama işlemi biraz zaman alabilir, o yüzden lütfen biraz sabırlı olun.
* Tarama işlemi bittiğinde, Tamam tıklayın ve Sonuçları Göster tıklayın.
* Herşeyin işaretli olduğundan emin olun ve Seçilileri Temizle tıklayın.
* Temizleme işlemi bittiğinde bir notdefteri penceresi açılacaktır. (Bilgisayarınızı yeniden başlatmanız gerekebilir.)
* Notdefteri dosyasını kaydedip mesajınıza ekleyerek bize gönderin.
NOT: Eğer temizleme işlemi sırasında program bilgisayarı yeniden başlatmanızı isterse Tamam tıklayarak bilgisayarızı yeniden başlatın.
NOT: Programin normal boyutu 714 kb.
quote:
Orjinalden alıntı: linkin_park20
son programı indiriyorum. serji, sorunu çözemesen bile bu karısık dosyalarla ilgilenmen bile bana göre bir teşekkürden fazlasını hakediyor.
Insallah sorunu cozecegiz. Ondan sonra benim de icimrahat olur
-
quote:
Orjinalden alıntı: aoitsukinosuke
Üstat,
Safe modeda açtım. Denediğim bazı uygulamalar aşağıda;
Firefox - Bariz daha hızlı açılıyor ama interneti deneyemedim çünkü bağlantı yoktu. Herhalde modem programını görmüyor.
Outlook - Çok az daha hızlı.
Klasörler - Daha hızlı açılıyor, özellikle thumbnailler daha hızlı geliyor ama öyle deli gibi fark yok.
Adobe - Daha hızlı.
Media Player - Hiç açmıyor. Media Player Classic ile de denedim olmadı. Bu yüzden kıyaslama yapamıyorum.
Aklıma da başka birşey gelmedi.
Bu arada benim makine normal mode'da biraz hızlanmış. Sağolasın.
Yorumlarını beklerim.
Selamlar
Rica ederim. Normal modda bir cok gereksiz servis ve program yuklendigi icin tum islemlerin yavas olmasi cok normal. Fakat asiri bir yavaslik soz konusu ise sisteme agir geliyor demektir. Onerebilecegim bir yol:
baslat - calistir - msconfig yazip entera bas ve baslangic sekmesinde gercekten ihtiyacin olmayan programlari kaldir. Cogu zaman bu yarar, bunu arada kullaniyorum diyoruz fakat programlar birikip genellikle bilgisayari yavaslatiyor. O yuzden iyi bir eleme yapmani tavsiye derim. Kolay gelsin.
-
Malwarebytes' Anti-Malware 1.29
Veritabanı versiyonu: 1279
Windows 5.1.2600 Service Pack 3
17.10.2008 22:59:42
mbam-log-2008-10-17 (22-59-37).txt
Tarama şekli: Derin Tarama (C:\|D:\|)
Taranmış nesneler: 150412
Geçen zaman: 37 minute(s), 57 second(s)
Etkilenmiş Hafıza İşlemleri: 0
Etkilenmiş Hafıza Modülleri: 0
Etkilenmiş Kayıt Anahtarları: 6
Etkilenmiş Kayıt Değerleri: 1
Etkilenmiş Kayıt Veri Dosyaları: 0
Etkilenmiş Klasörler: 0
Etkilenmiş Dosyalar: 34
Etkilenmiş Hafıza İşlemleri:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Hafıza Modülleri:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Kayıt Anahtarları:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\rosqxvmn.bmex (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\rosqxvmn.toolbar.1 (Trojan.FakeAlert) -> No action taken.
Etkilenmiş Kayıt Değerleri:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{bce97a72-640b-4ded-923f-8196fc01f76b} (Trojan.Vundo) -> No action taken.
Etkilenmiş Kayıt Veri Dosyaları:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Klasörler:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Dosyalar:
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\9THRJAKO\upd105320[1] (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\9THRJAKO\cntr[1] (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\BFS5IIE9\nd82m0[1] (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\BFS5IIE9\cntr[1] (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\BFS5IIE9\cntr[2] (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\omqnvp.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ptumbgqn.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\uaeqhwru.dll.vir (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\geBuVnlL.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\enrqjqyv.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\towxtgmp.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\jdbomitp.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\npgfevyc.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wvUmliHA.dll.vir (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\veqasw.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\acdjaujb.dll.vir (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\fistza.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\qoMfEvtt.dll.vir (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\trsprc.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\rqRHaAtU.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\cbXNDVLb.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\fjboyvlf.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\igdpyp.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\iljayf.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ioexowlc.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ocvrrltq.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ododsrtu.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\pmnnLBsT.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\pmnoLFxX.dll.vir.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\snrxdbuj.dll.vir.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\tborurln.dll.vir (Trojan.Vundo) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\vbzmgj.dll.vir (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\wini104552664.exe (Trojan.FakeAlert) -> No action taken.
seçilenleri temizle sekmesini bulamadım.
-
Üstat,
Yardımların ve sabrın için çok teşekkür ederim.
Sağlıcakla kal.
Selamlar.
quote:
Orjinalden alıntı: serji
quote:
Orjinalden alıntı: aoitsukinosuke
Üstat,
Safe modeda açtım. Denediğim bazı uygulamalar aşağıda;
Firefox - Bariz daha hızlı açılıyor ama interneti deneyemedim çünkü bağlantı yoktu. Herhalde modem programını görmüyor.
Outlook - Çok az daha hızlı.
Klasörler - Daha hızlı açılıyor, özellikle thumbnailler daha hızlı geliyor ama öyle deli gibi fark yok.
Adobe - Daha hızlı.
Media Player - Hiç açmıyor. Media Player Classic ile de denedim olmadı. Bu yüzden kıyaslama yapamıyorum.
Aklıma da başka birşey gelmedi.
Bu arada benim makine normal mode'da biraz hızlanmış. Sağolasın.
Yorumlarını beklerim.
Selamlar
Rica ederim. Normal modda bir cok gereksiz servis ve program yuklendigi icin tum islemlerin yavas olmasi cok normal. Fakat asiri bir yavaslik soz konusu ise sisteme agir geliyor demektir. Onerebilecegim bir yol:
baslat - calistir - msconfig yazip entera bas ve baslangic sekmesinde gercekten ihtiyacin olmayan programlari kaldir. Cogu zaman bu yarar, bunu arada kullaniyorum diyoruz fakat programlar birikip genellikle bilgisayari yavaslatiyor. O yuzden iyi bir eleme yapmani tavsiye derim. Kolay gelsin.
-
quote:
Orjinalden alıntı: aoitsukinosuke
Üstat,
Yardımların ve sabrın için çok teşekkür ederim.
Sağlıcakla kal.
Selamlar.
Rica ederim. Bir sorun olursa ben yine buradayim. Kolay gelsin.
quote:
Orjinalden alıntı: linkin_park20
seçilenleri temizle sekmesini bulamadım.
VundoFix adlı programı indirin.
http://www.guvenlikuzmanim.com/dosyalar/VundoFix.exe
* Programı çalıştırmak için VundoFix.exe çift tıklayın.
* Program açılınca, Scan for Vundo butonuna tıklayın.
* Program taramayı bitirince, Remove Vundo butonuna tıklayın.
* Dosyaları silmek istediğinize dair bir onay mesajı alacaksınız, Yes tıklayın.
* Yes tıkladıktan sonra, masaüstünüz temizleme işlemi bitene kadar kaybolacaktır.
* Temizleme işlemi bittikten sonra program bilgisayarınızı yeniden başlatmanızı isteyecektir, OK tıklayın.
* Bilgisayarınız yeniden başladıktan sonra C:\VundoFix.txt dosyası oluşacaktır. Dosyayı mesajınıza ekleyerek bize gönderin.
-
Nod 32yle tarasam sorun olurmu???????
Ve yine rapor
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\08dgu.com" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
< Bu mesaj bu kişi tarafından değiştirildi fuhrergandhi -- 17 Ekim 2008; 23:34:17 > -
quote:
Orjinalden alıntı: Golday
Nod 32yle tarasam bi sorun olurmu??????????
Hayir olmaz.Fakat NOD32'nin guncel oldugundan emin olun. -
quote:
Orjinalden alıntı: serji
quote:
Orjinalden alıntı: Golday
Nod 32yle tarasam bi sorun olurmu??????????
Hayir olmaz.Fakat NOD32'nin guncel oldugundan emin olun.
Fakat sisteme 2 virüs programı kurmak saglıklı degil bildigim kadarıyla -
Öncelikle avenger exeyi baska bir arkadasin PCye kurup atmasini rica ettim ordan calistirip kullandim hersey normaldi.
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File "C:\WINDOWS\system32\khfdCvtU.dll" deleted successfully.
File "C:\WINDOWS\system32\fccdaYrS.dll" deleted successfully.
Error: file "C:\WINDOWS\system32\wniobe.dll" not found!
Deletion of file "C:\WINDOWS\system32\wniobe.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Error: file "C:\WINDOWS\wniobe.dll" not found!
Deletion of file "C:\WINDOWS\wniobe.dll" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Completed script processing.
*******************
Finished! Terminate.
*********************************************************************************************
>>>>>>>>> Diye bir log aldim daha sonrahttp://www.guvenlikuzmanim.com/dosyalar/perlovga.exe dosyasini acip yeniden baslatinca normal mode ta acilmamaya basladi PC ( birseyi yanlis yaptim sanirim güvenli modetan geri yukleme noktasina döndüm..Sonra Son programi acip kullandim logu yoluuyorum onun icin de
***************
Malwarebytes' Anti-Malware 1.29
Veritabanı versiyonu: 1279
Windows 5.1.2600 Service Pack 2
17.10.2008 23:34:36
mbam-log-2008-10-17 (23-34-36).txt
Tarama şekli: Derin Tarama (C:\|D:\|)
Taranmış nesneler: 54881
Geçen zaman: 7 minute(s), 45 second(s)
Etkilenmiş Hafıza İşlemleri: 0
Etkilenmiş Hafıza Modülleri: 3
Etkilenmiş Kayıt Anahtarları: 12
Etkilenmiş Kayıt Değerleri: 1
Etkilenmiş Kayıt Veri Dosyaları: 2
Etkilenmiş Klasörler: 0
Etkilenmiş Dosyalar: 44
Etkilenmiş Hafıza İşlemleri:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Hafıza Modülleri:
C:\WINDOWS\system32\pmnMghET.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\fccdaYrS.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mqtgrdxt.dll (Trojan.Vundo.H) -> Delete on reboot.
Etkilenmiş Kayıt Anahtarları:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58e0aca9-5d1b-403a-b87c-212311e3f8ec} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{58e0aca9-5d1b-403a-b87c-212311e3f8ec} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88bf72c3-be20-4ae6-bae6-d33ff4a0771e} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88bf72c3-be20-4ae6-bae6-d33ff4a0771e} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ad72687b-cf83-4463-8e95-2cb3198ca5f6} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccdayrs (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{ad72687b-cf83-4463-8e95-2cb3198ca5f6} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Warning Center (Trojan.Zlob) -> Quarantined and deleted successfully.
Etkilenmiş Kayıt Değerleri:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{ad72687b-cf83-4463-8e95-2cb3198ca5f6} (Trojan.Vundo.H) -> Delete on reboot.
Etkilenmiş Kayıt Veri Dosyaları:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\pmnmghet -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\pmnmghet -> Delete on reboot.
Etkilenmiş Klasörler:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Dosyalar:
C:\WINDOWS\system32\pmnMghET.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\TEhgMnmp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TEhgMnmp.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lprxaf.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fccdaYrS.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\89MLMZSB\upd105320[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\FT749LI5\CAG1494R (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\LNG2NXTN\nd82m0[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\cbXPGaXN.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\closhcyq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ddkwwxwq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ddljrfqw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\khfEWOGV.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\necddk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\nosmss.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\opoetxad.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ortwekdi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\pjrtlj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\svhsgwbt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\wbsfhsqe.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\wniobe.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\xdyvnslt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004374.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004375.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004376.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004377.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004378.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004379.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004382.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004385.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004386.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP19\A0004387.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP20\A0004475.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP20\A0004476.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP20\A0004477.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP20\A0004479.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP21\A0004599.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP21\A0004600.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP22\A0006654.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP22\A0006656.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{753867F8-CE45-4FF2-BB42-D0B84731060E}\RP22\A0006663.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mqtgrdxt.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\dubnbfes.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\khfdCvtU.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
-
Malwarebytes' Anti-Malware 1.29
Veritabanı versiyonu: 1279
Windows 5.1.2600 Service Pack 3
17.10.2008 23:43:19
mbam-log-2008-10-17 (23-43-19).txt
Tarama şekli: Derin Tarama (C:\|D:\|)
Taranmış nesneler: 150501
Geçen zaman: 34 minute(s), 19 second(s)
Etkilenmiş Hafıza İşlemleri: 0
Etkilenmiş Hafıza Modülleri: 0
Etkilenmiş Kayıt Anahtarları: 6
Etkilenmiş Kayıt Değerleri: 1
Etkilenmiş Kayıt Veri Dosyaları: 0
Etkilenmiş Klasörler: 0
Etkilenmiş Dosyalar: 34
Etkilenmiş Hafıza İşlemleri:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Hafıza Modülleri:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Kayıt Anahtarları:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rosqxvmn.bmex (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rosqxvmn.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Etkilenmiş Kayıt Değerleri:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{bce97a72-640b-4ded-923f-8196fc01f76b} (Trojan.Vundo) -> Quarantined and deleted successfully.
Etkilenmiş Kayıt Veri Dosyaları:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Klasörler:
(Tehlikeli nesne bulunmadı)
Etkilenmiş Dosyalar:
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\9THRJAKO\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\9THRJAKO\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\BFS5IIE9\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\BFS5IIE9\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\admi\Local Settings\Temporary Internet Files\Content.IE5\BFS5IIE9\cntr[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\omqnvp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ptumbgqn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uaeqhwru.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geBuVnlL.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\enrqjqyv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\towxtgmp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jdbomitp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\npgfevyc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUmliHA.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\veqasw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\acdjaujb.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fistza.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qoMfEvtt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\trsprc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rqRHaAtU.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\cbXNDVLb.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\fjboyvlf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\igdpyp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\iljayf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ioexowlc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ocvrrltq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ododsrtu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\pmnnLBsT.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\pmnoLFxX.dll.vir.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\snrxdbuj.dll.vir.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\tborurln.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\vbzmgj.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wini104552664.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
2. ye tarattıgımda bu sefer seçileni kaldırabildi.
-
quote:
Orjinalden alıntı: recoill
Öncelikle avenger exeyi baska bir arkadasin PCye kurup atmasini rica ettim ordan calistirip kullandim hersey normaldi.
Cok guzel. Simdi bilgisayari yeniden baslatip bir HJ logu gonderir misin? -
Tekrar selam o20dekiyine cıktı
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:57:41, on 17.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: ashDisp.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O20 - AppInit_DLLs: lprxaf.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 3502 bytes
-
quote:
Orjinalden alıntı: Golday
Fakat sisteme 2 virüs programı kurmak saglıklı degil bildigim kadarıyla
Bitdefender Online Tarama oldugu icin herhangi bir sorun olmaz. Yalnizca tarama sirasinda gecerli av programinizi devre disi birakin.
quote:
Orjinalden alıntı: linkin_park20
2. ye tarattıgımda bu sefer seçileni kaldırabildi.
Bir HJ logu alabilir miyim* -
buyrunuz:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:02, on 18.10.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\AVENGINE.EXE
c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\878RMTMon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\PalickSoft\HDD Temperature\HDDTemperature.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PavBckPT.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\admi\Desktop\VundoFix.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
D:\HiJackThis.exe
O4 - HKLM\..\Run: [High Definition Audio Özellik Sayfası Kısayolu] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\878RMTMon.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: HDD temperature.lnk = C:\Program Files\PalickSoft\HDD Temperature\HDDTemperature.exe
O4 - Startup: Nikon Monitor.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.04\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.04\MediaManager\grab.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -http://linkinpark972.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) -http://cid-cb9aaab6c308a3d4.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) -http://www.live365.com/players/play365.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F551} (Flatcast Viewer 4.15) -http://www.flatcast.com/de/download/NpFv415.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{1056ED04-F5B7-4236-B645-513B70EE815D}: NameServer = 212.57.1.17,212.57.1.18,212.175.13.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{19AE2914-1E5D-4824-BC94-6F7C8CC12266}: NameServer = 212.57.1.17,212.57.1.18,212.175.13.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{22110FD4-E560-4CC7-B3F9-CA9A6A8590FB}: NameServer = 212.57.1.17,212.57.1.18,212.175.13.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{967B224A-EDFC-458A-8FBF-7AD55ED27F89}: NameServer = 212.57.1.17,212.57.1.18,212.175.13.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{1056ED04-F5B7-4236-B645-513B70EE815D}: NameServer = 212.57.1.17,212.57.1.18,212.175.13.116
O17 - HKLM\System\CS2\Services\Tcpip\..\{1056ED04-F5B7-4236-B645-513B70EE815D}: NameServer = 212.57.1.17,212.57.1.18,212.175.13.116
O17 - HKLM\System\CS3\Services\Tcpip\..\{1056ED04-F5B7-4236-B645-513B70EE815D}: NameServer = 212.57.1.17,212.57.1.18,212.175.13.116
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - C:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe
--
End of file - 9942 bytes
-
En son hali
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:15:26, on 18.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\AIMP2\AIMP2.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: ashDisp.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O20 - AppInit_DLLs: lprxaf.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 3157 bytes
-
quote:
Orjinalden alıntı: linkin_park20
buyrunuz:
Tebrikler. Hic bir sorun gozukmuyor. Son durum nasil bilgisayarda?
quote:
Orjinalden alıntı: recoill
En son hali
Guvenli Modda taratip 020 fixler misin? Daha sonar yeniden baslatip bir log daha al. -
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:27:08, on 18.10.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: ashDisp.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 3002 bytes
Normale döndü sanirim Cok sagolasin
Ip işlemleri
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
