Yeni Kayıt
Konudaki Resimler
önceki
|
Hızlı 
Bildirim
HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (483. sayfa)
Sıcak Fırsatlarda Tıklananlar
Editörün Seçtiği Fırsatlar
Samsung Galaxy S24 Ultra 17,3 cm (6,8") 12 GB 256 GB Çift SIM Gri 5000 mAh : Amazon.com.tr: Elektronik
https://www.amazon.com.tr/dp/B0CNKGPSBM
10 sa. önce paylaşıldı
Daha Fazla 
Bu Konudaki Kullanıcılar:
Daha Az 
4 Misafir - 4 Masaüstü
Giriş
Mesaj
-
-
@merzitr
Ben size üstte çözümü belirttim ama siz uygulamıyorsunuz.Sisteminizi MalwareBytes ile komple taratın ve sonucu belirtin demiştim.Ad-Aware ve IOBIT 360 Security ile sisteminizi taratmanıza gerek yok.Hatta onları kaldırın. -
-Tcp ip Resetledim
-Winsock repair yaptım
-Yeniden başlattım
-MalvareBytes ile tarattım
-Şimdi bir tarama daha yapıyorum Hijack This ile sonra DNS ayarı yapacağım.
Yaptım; Son sonuçlar
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:16:38, on 08.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Kutay Can Ağır\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kutay Can Ağır\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kutay Can Ağır\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kutay Can Ağır\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kutay Can Ağır\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kutay Can Ağır\Belgelerim\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Bağı Yardımı - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download using LeechGet - file://C:\Program Files\LeechGet 2009\\AddUrl.html
O8 - Extra context menu item: Download using LeechGet Wizard - file://C:\Program Files\LeechGet 2009\\Wizard.html
O8 - Extra context menu item: Parse with LeechGet - file://C:\Program Files\LeechGet 2009\\Parser.html
O9 - Extra button: Bunu Bloga Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer içinde &Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229862858625
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229862547906
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.116.148,85.255.112.10
O17 - HKLM\System\CS3\Services\Tcpip\..\{28AE57B6-4FE5-4475-83A0-544709BBB98E}: NameServer = 85.255.116.148,85.255.112.10
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: NameServer = 85.255.114.34,85.255.112.9
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\RALINK\Common\RalinkRegistryWriter.exe
--
End of file - 9428 bytes
-
bunu da analiz eder misiniz?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:13:22, on 08.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
D:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\mspaint.exe
F:\CryptLoad_1.1.6\CryptLoad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://www.maxiwe.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://www.maxiwe.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.maxiwe.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [HostControl] C:\Documents and Settings\Altın Elektronik\Application Data\HostControl.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CurrentVersion] C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\recyclebin.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Bütün linkleri IDM ile indir - D:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download link using &BitComet - res://D:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - D:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - D:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tüm Linkleri BitComet Kullanarak İndir - res://D:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Tüm Videoları BitComet Kullanarak İndir - res://D:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O9 - Extra button: Bunu Bloga Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer içinde &Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0BE25634-8514-4CDF-AF72-6560533E71D5} (SmartNet.WEB) -https://esube.bankasya.com.tr/BenimAsyamWeb/includes/cap/SmartNet.cab
O16 - DPF: {0FC8B38E-9293-424C-9D0E-CE60775679CF} (SubClassEditCtrlContainer Class) -https://sube.garanti.com.tr/lib/JaguarEditControl.CAB
O16 - DPF: {4975D552-DB29-4E77-BFDA-84B6E8B16304} (RTNetLauncher Control) -http://www.yapikrediyatirim.com.tr/RealTrade/RTNetLauncher.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238582132921
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE821655-0487-4DE6-A96D-E0E760C168CC}: NameServer = 208.67.222.222,208.67.220.220
O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Güncelleme Hizmeti (gupdate1c9ceb16bf70e7a) (gupdate1c9ceb16bf70e7a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
--
End of file - 9138 bytes
-
@Macros
85.255.114.34,85.255.112.9
85.255.116.148,85.255.112.10
Bu DNS'ler hakkında bilginiz varmı ? Bu DNS'leri sizmi giriyorsunuz.Ve şuanda durum nasıl ?
@Ebrar21
O4 - HKCU\..\Run: [CurrentVersion] C:\RECYCLER\S-1-5-21-0324232222-888888379-781133308-1995\recyclebin.exe
O16 - DPF: {0BE25634-8514-4CDF-AF72-6560533E71D5} (SmartNet.WEB) -https://esube.bankasya.com.tr/BenimAsyamWeb/includes/cap/SmartNet.cab
O16 - DPF: {4975D552-DB29-4E77-BFDA-84B6E8B16304} (RTNetLauncher Control) -http://www.yapikrediyatirim.com.tr/RealTrade/RTNetLauncher.cab
O4 - HKLM\..\Run: [HostControl] C:\Documents and Settings\Altın Elektronik\Application Data\HostControl.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
Satırlarını fix'leyip,MalwareBytes ile sisteminizi komple taratırmısınız.
-
Tekrar merhaba, güvenli kip te derin tarama yaptırdım, bu raporu verdi, istediğin buydu sanırım. Bide şimdi normal çalıştırmaya başladım bu proğram kendi kendine şunu gösterip duruyo sağ alttan, bilmem şu Ip siteye bağlanılması başarıyla engellendi diye bu bi anlam ifade edermi bilmiyorum. Tekrar saol kolay gelsin.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Veritabanı sürümü: 4052
Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385
08.05.2010 19:09:35
mbam-log-2010-05-08 (19-09-35).txt
Tarama kipi: Derin tarama (C:\|D:\|E:\|)
Taranmış öğeler: 307810
Geçen süre: 28 dakika, 41 saniye
Etkilenmiş Hafıza İşlemleri: 0
Etkilenmiş Hafıza Modülleri: 0
Etkilenmiş Kayıt Anahtarları: 4
Etkilenmiş Kayıt Değerleri: 1
Etkilenmiş Veri Öğeleri: 0
Etkilenmiş Klasörler: 0
Etkilenmiş Dosyalar: 4
Etkilenmiş Hafıza İşlemleri:
( Zararlı öğe tespit edilmedi)
Etkilenmiş Hafıza Modülleri:
( Zararlı öğe tespit edilmedi)
Etkilenmiş Kayıt Anahtarları:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f334c7b0-8774-4d5b-bd7a-4f448d03a1ae} (Adware.SkyLab) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{f334c7b0-8774-4d5b-bd7a-4f448d03a1ae} (Adware.SkyLab) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2863e737-dd3f-4280-9af8-e9e79c16f312} (Adware.SkyMediaPack) -> No action taken.
HKEY_CURRENT_USER\Software\SkyMedia (Adware.SkyMedia) -> No action taken.
Etkilenmiş Kayıt Değerleri:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iemapd8 (Adware.Agent.N) -> No action taken.
Etkilenmiş Veri Öğeleri:
( Zararlı öğe tespit edilmedi)
Etkilenmiş Klasörler:
( Zararlı öğe tespit edilmedi)
Etkilenmiş Dosyalar:
C:\Program Files (x86)\Master Audio Suite\license.exe (Trojan.MultiDropper) -> No action taken.
C:\Users\merzitr\Desktop\CoreCodec.CoreAVC.Professional.Edition.v2.0.0.0\KeyGen\KeyGen.exe (Trojan.Agent) -> No action taken.
C:\Users\merzitr\Desktop\Malwarebytes' Anti-Malware v1.46 Final\FFF-MBAM145.exe (Spyware.Banker) -> No action taken.
C:\Users\merzitr\AppData\Local\iemapd8\iemapd8.dll (Adware.Agent.N) -> No action taken.
-
@merzitr
Lütfen korsan yazılım kullanmamaya özen gösterin.Zaten MalwareBytes tarama amaçlı kullanım için idealdir paralı sürümüne gerek yoktur yani Free sürümü yeticektir.IP Engellemesi'nin bir zararı olmaz ama bu uyarılar çok rahatsız ederse MalwareBytes ayarlarından IP Korumasını kapatabilirsiniz.Peki şuan durum nasıl ?
< Bu mesaj bu kişi tarafından değiştirildi Guest-299648FEF -- 8 Mayıs 2010; 20:09:37 > -
S.a hocam öncelikle sorunum cpu nun %100 kullanılması bilgisayarımın performansı ve özellikleri yüksek olmasına ragmen online oynadıgım ko oyununu açtıgımda cpu %100 kullanıo we explorer da da aynı %100 cpu kullanıo haliyle oyunda takılmalar, internette takılmalar we herhangi bişey kullanmama izin wermiyor ve tarama yaptım hiç bir virüs trojen bulamadı.. log kayıtları aşagıda yardıım edersen sevinirim şimdiden tşkür. selametle..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:44:12, on 08.05.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AC Tool\ACTool.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Admin\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = ^^ ShaneXP Lite ^^
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\Visual Style\Vdrive\vsdrv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-18 Startup: RocketDock.lnk = C:\WINDOWS\Visual Style\RocketDock\RocketDock.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: UberIcon.lnk = C:\WINDOWS\Visual Style\UberIcon\UberIcon Manager.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Vdrive.lnk = C:\WINDOWS\Visual Style\Vdrive\vsdrv.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: WinInfo.lnk = C:\WINDOWS\Visual Style\WinInfo\wininfo.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: YzShadow.lnk = C:\WINDOWS\Visual Style\YzShadow\YzShadow.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: RocketDock.lnk = C:\WINDOWS\Visual Style\RocketDock\RocketDock.exe (User 'Default user')
O4 - .DEFAULT Startup: UberIcon.lnk = C:\WINDOWS\Visual Style\UberIcon\UberIcon Manager.exe (User 'Default user')
O4 - .DEFAULT Startup: Vdrive.lnk = C:\WINDOWS\Visual Style\Vdrive\vsdrv.exe (User 'Default user')
O4 - .DEFAULT Startup: WinInfo.lnk = C:\WINDOWS\Visual Style\WinInfo\wininfo.exe (User 'Default user')
O4 - .DEFAULT Startup: YzShadow.lnk = C:\WINDOWS\Visual Style\YzShadow\YzShadow.exe (User 'Default user')
O4 - .DEFAULT User Startup: RocketDock.lnk = C:\WINDOWS\Visual Style\RocketDock\RocketDock.exe (User 'Default user')
O4 - .DEFAULT User Startup: UberIcon.lnk = C:\WINDOWS\Visual Style\UberIcon\UberIcon Manager.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vdrive.lnk = C:\WINDOWS\Visual Style\Vdrive\vsdrv.exe (User 'Default user')
O4 - .DEFAULT User Startup: WinInfo.lnk = C:\WINDOWS\Visual Style\WinInfo\wininfo.exe (User 'Default user')
O4 - .DEFAULT User Startup: YzShadow.lnk = C:\WINDOWS\Visual Style\YzShadow\YzShadow.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) -http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} (Flatcast Viewer 5.2) -http://92.51.137.94/objects/NpFv522.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{83521A55-EABA-4ED0-8305-E7390DA94F88}: NameServer = 4.2.2.2,4.2.2.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 7340 bytes
< Bu mesaj bu kişi tarafından değiştirildi goldx_milo -- 9 Mayıs 2010; 0:02:19 >
-
sevgili arkadaŞLAR bilgisaayarımdan hiçbir verim alamaz oldum.Anamdan doğdum daha böyle bişey görmedim, antivirüsle ilgili hiç bir faaliyetime izin vermiyor. zınk kırmızılı çarpı işareti yok açamıyoruz yok bilmem ne en son kablosuzda bağlanamaz oldum, ama iyi bir ders oldu paralı sürüm bir anti virüs alacağım. neyse ocağınıza düştüm ne yapabiliriz d: yi formatlamak istemiyorum benim çocuğun doğumdan itibaren fotografları var.Yardım edenden etmeyenden Allah razı olsun.
yapabildiğim kadarı ile
hijackthis sonucu böyle
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:04:46, on 09.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\OGUZ HOCA\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files\AVEO\AVEO UVC Filter Driver Kit\AveoSTI.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\OGUZHO~1\LOCALS~1\Temp\afmal.exe
C:\DOCUME~1\OGUZHO~1\LOCALS~1\Temp\winggxwn.exe
C:\Documents and Settings\OGUZ HOCA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\OGUZ HOCA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\OGUZ HOCA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: winesm32.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O17 - HKLM\System\CCS\Services\Tcpip\..\{119E420D-1822-419F-8235-E555A14A1539}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{6AEC9ABE-D11B-4F89-8524-98CA932D5F17}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS3\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS4\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS5\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS6\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS7\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS8\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS9\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS10\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS11\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS12\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS13\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS14\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS15\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS16\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS17\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS18\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS19\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS20\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS21\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS22\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS23\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS24\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS25\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS26\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS27\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS28\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS29\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS30\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS31\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS32\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS33\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS34\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS35\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS36\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS37\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS38\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS39\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS40\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS41\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS42\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS43\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS44\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS45\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS46\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS47\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS48\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS49\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS50\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS51\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS52\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS53\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS54\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS55\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS56\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS57\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS58\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS59\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS60\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS61\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS62\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS63\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS64\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS65\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS66\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS67\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS68\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS69\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS70\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS71\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS72\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS73\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS74\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS75\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS76\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS77\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS78\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS79\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS80\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS81\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS82\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS83\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS84\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS85\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS86\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS87\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS88\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS89\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS90\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS91\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS92\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS93\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS94\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS95\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS96\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS97\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS98\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS99\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CS101\Services\Tcpip\..\{03C211E5-0F72-4D13-BA6C-97A9427FB655}: NameServer = 4.2.2.5,4.2.2.6
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
--
End of file - 14016 bytes
-
ayrıca bilgisayar yanmak üzere fan tarafından fırın kapağından gelen kokular gibi koku gelmeye başladı ayrıca laptop kullanıyorum -
@matetech
C:\DOCUME~1\OGUZHO~1\LOCALS~1\Temp\afmal.exe
C:\DOCUME~1\OGUZHO~1\LOCALS~1\Temp\winggxwn.exe
O4 - Startup: winesm32.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
Satırlarını fix'ledikten sonra,TCP/IP Repair programınla TCP/IP Repair ve Winsock Repair'a tıklayın.Programı kapatırken sisteminizi tekrardan başlatmak isticek kabul edin.Sisteminiz tekrar başladıktan sonra MalwareBytes ile sisteminizi komple taratın.Daha sonra Baslattan Çalıştır'a gpedit.msc yazın çalıştırın.Daha sonra Kullanıcı Yapılandırması > Yönetim Şablonları > Sistem > Sistem-Ctrl+Alt+Del Seçeneğine gelip buradan Görev Yöneticisini Devre Kaldir özelliklerinine tikliyoruz ve 3.yeri işaretliyoruz.Böylece Görev Yöneticisi'nide açmış oluyoruz.Daha sonra durumu bildiriniz.
-
yine aynı şekilde devre dışı bırakıldı diyor hocam -
varmı bi terslik :D
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:41:01, on 09.05.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Documents and Settings\SAMET\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\SAMET\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Documents and Settings\SAMET\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe"
O1 - Hosts file is located at: C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts file is located at: C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
O1 - Hosts: <html lang='en'>
O1 - Hosts: <head>
O1 - Hosts: <meta name="description" content="Yahoo! GeoCities offers you a free web site and all the tools you need to build a dynamic site. Features include easy-to-use site building tools, online help, web site statistics, secure and reliable hosting, and an intuitive control panel.">
O1 - Hosts: <title>Yahoo! GeoCities: Get a web site with easy-to-use site building tools.</title>
O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://l.yimg.com/a/combo?yui/2.5.2/build/reset-fonts-grids/reset-fonts-grids.css&smbiz/css/headfoot_6.css&smbiz/css/ysbs_glossary_1.css">
O1 - Hosts: <link rel="stylesheet" type="text/css" media="all" href="http://us.i1.yimg.com/us.yimg.com/lib/smbiz/css/geocities_84954.css">
O1 - Hosts: <style>
O1 - Hosts: h1 { line-height:30px;height:30px; padding-left:15px; font-weight:bold;font-size:1.6em;color:#1f296a;}
O1 - Hosts: .services li { margin-left:1.0em; padding-left:0.5em; background:url("http://l.yimg.com/a/lib/smbiz/i/geo_bullet_3x3_1.gif") no-repeat 0 0.5em; margin-bottom:0.5em;margin-left:1.5em;margin-right:0.5em;width:6em}
O1 - Hosts: .services li {float:left; width:17em; font-size:116%;margin-top:0.8em}
O1 - Hosts: .services { font-size:116%; padding-bottom:20px }
O1 - Hosts: .learnmore a {color:#2882DE;font-size:16px}
O1 - Hosts: .image_web {float:right; margin:15px 0 0 15px}
O1 - Hosts: p {margin:20px;font-size:1em;}
O1 - Hosts: h2 {margin:20px 0 0 20px;color:#1F296;font-weight:bold;font-size:1.25em;color:#1f296a;}
O1 - Hosts: h3 {margin:20px;color:#1F296;font-weight:bold;font-size:1.15em;color:#1f296a;}
O1 - Hosts: li.rule {border-top:solid 1px #DBE1E6;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts: <div class="ez-mw" style ="height:900px;width:905px">
O1 - Hosts: <div class="ez-wri ez-oh" style="width:900px">
O1 - Hosts: <div class="ez-box">
O1 - Hosts: <link type="text/css" rel="stylesheet" href="http://l.yimg.com/a/lib/uh/15/css/uh-1.0.28.css">
O1 - Hosts: <style type="text/css">
O1 - Hosts: div#headerblock div{font-family:arial;}
O1 - Hosts: </style>
O1 - Hosts: <div id="ygma"><div id="ygmaheader"><div class="bd sp"><div id="ymenu" class="ygmaclr"><div id="mepanel"><ul id="mepanel-nav"><li class="me1"><em>New User? <a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=2/SIG=13j8rdsqp/*https://edit.yahoo.com/config/eval_register?.done=http://smallbusiness.yahoo.com%2findex.html&.src=smbiz&.intl=us" data-href="http://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=2/SIG=13j8rdsqp/*https://edit.yahoo.com/config/eval_register?.done=http://smallbusiness.yahoo.com%2findex.html&.src=smbiz&.intl=us">Sign Up</a></em></li><li class="me2"><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=3/SIG=13cm6p12o/*https://login.yahoo.com/config/login?.done=http://geocities.yahoo.com&.src=smbiz&.intl=us" data-href="http://us.ard.yahoo.com/SIG=15u88cce2/M=650008.13654023.13693397.13153904/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098940/L=HzY9i9j8aIuVH8pzSp2qoCoWz37hF0qhZ1wABADc/B=RCQ9Atj8a20-/J=1252091740846210/K=88LB2KvJxEkW95HaZ4xf4Q/A=5836007/R=3/SIG=13cm6p12o/*https://login.yahoo.com/config/login?.done=http://geocities.yahoo.com&.src=smbiz&.intl=us">Sign In</a></li>
O1 - Hosts: <li class="me3"><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=7/SIG=11hjute28/*http://help.yahoo.com/l/us/yahoo/geocities/" target="_top" title="Yahoo! Help Central" data-href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=7/SIG=11hjute28/*http://help.yahoo.com/l/us/yahoo/geocities/" target="_top" title="Yahoo! Help Central">Help</a></li>
O1 - Hosts: </ul></div><div id="ygmapromo"><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://us.ard.yahoo.com/SIG=15vud5jbf/M=650008.13445975.13532322.12832737/D=smallbiz/S=2023010636:HPRM2/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=0Qw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5706923/R=0/SIG=117bakia1/*http://toolbar.yahoo.com/?.cpdl=ushdl" target="_top" data-href="http://us.ard.yahoo.com/SIG=15vud5jbf/M=650008.13445975.13532322.12832737/D=smallbiz/S=2023010636:HPRM2/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=0Qw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5706923/R=0/SIG=117bakia1/*http://toolbar.yahoo.com/?.cpdl=ushdl" target="_top">Get Yahoo! Toolbar<abbr title="Yahoo! Toolbar"></abbr></a>
O1 - Hosts: <script language=javascript>
O1 - Hosts: if(window.yzq_d==null)window.yzq_d=new Object();
O1 - Hosts: window.yzq_d['0Qw4Atj8a20-']='&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1';
O1 - Hosts: </script>
O1 - Hosts: <noscript><img width=1 height=1 alt="" src="http://us.bc.yahoo.com/b?P=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48&T=144j596l3%2fX%3d1252090825%2fE%3d2023010636%2fR%3dsmallbiz%2fK%3d5%2fV%3d2.1%2fW%3dH%2fY%3dYAHOO%2fF%3d1861688409%2fQ%3d-1%2fS%3d1%2fJ%3d8B68FCD8&U=13hn349r9%2fN%3d0Qw4Atj8a20-%2fC%3d650008.13445975.13532322.12832737%2fD%3dHPRM2%2fB%3d5706923%2fV%3d1"></noscript></div>
O1 - Hosts: <div id="pa"><div id="pa-wrapper"><ul id="pa2-nav" class="sp"><li class="pa1 sp"><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=8/SIG=10jmd0d5u/*http://yahoo.com/" title="Yahoo!" target="_top" data-href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=8/SIG=10jmd0d5u/*http://yahoo.com/" title="Yahoo!" target="_top">Yahoo!</a></li><li class="pa2 sp"><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=9/SIG=10n3m6b64/*http://mail.yahoo.com" title="Yahoo! Mail" target="_top" data-href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252098025/L=j.Ah_9j8aIuVH8pzSp2qoCg9z37hF0qhY8gACN48/B=zgw4Atj8a20-/J=1252090825225621/K=pmFpaSqI9UgVSmAu3nNNgw/A=5836006/R=9/SIG=10n3m6b64/*http://mail.yahoo.com" title="Yahoo! Mail" target="_top">Mail</a></li></ul><div id="pa-left" class="sp"></div><ul id="pa-nav" class="sp"><li class="pa3 sp"><a class="sp" href="http://us.ard.yahoo.com/SIG=15uqalioe/M=650008.13654021.13693393.13153902/D=smallbiz/S=2023010636:HEAD/Y=YAHOO/EXP=1252
O1 - Hosts: <script language=javascript>
O1 - Hosts: if(window.yzq_d==null)window.yzq_d=new Object();
O1 - Hosts: window.yzq_d['zgw4Atj8a20-']='&U=13gmetml2%2fN%3dzgw4Atj8a20-%2fC%3d650008.13654021.13693393.13153902%2fD%3dHEAD%2fB%3d5836006%2fV%3d1';
O1 - Hosts: </script>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: <div class="ez-wr" style="width:898px;margin-top:1.5em">
O1 - Hosts: <Div class="ez-l2a" id="wrapper">
O1 - Hosts: <div class="ez-l2a-1 " style="width:898px">
O1 - Hosts: <div class="ez-box">
O1 - Hosts: <div class="ez-wr" >
O1 - Hosts: <div class="ez-box" style="width:898px">
O1 - Hosts: <h1>Sorry, the GeoCities web site you were trying to reach is no longer available.</h1>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: <div class="ez-wr">
O1 - Hosts: <div class="ez-box" id="boxyahoourls">
O1 - Hosts: <p> GeoCities has closed, but there's a lot more to explore on Yahoo!</p>
O1 - Hosts: <h2>Visit one of these popular Yahoo! sites:</h2>
O1 - Hosts: <ul class= "services">
O1 - Hosts: <li><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://mail.yahoo.com" data-href="http://mail.yahoo.com">Yahoo! Mail</a></li>
O1 - Hosts: <li><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://smallbusiness.yahoo.com/webhosting" data-href="http://smallbusiness.yahoo.com/webhosting">Web Hosting</a></li>
O1 - Hosts: <li><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://news.yahoo.com" data-href="http://news.yahoo.com">News</a></li>
O1 - Hosts: <li><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://games.yahoo.com" data-href="http://games.yahoo.com">Games</a></li>
O1 - Hosts: <li><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://sports.yahoo.com/" data-href="http://sports.yahoo.com/">Sports</a> </li>
O1 - Hosts: <li><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://movies.yahoo.com" data-href="http://movies.yahoo.com">Movies</a></li>
O1 - Hosts: <li><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://finance.yahoo.com" data-href="http://finance.yahoo.com">Finance</a></li>
O1 - Hosts: <li><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://maps.yahoo.com" data-href="http://maps.yahoo.com">Maps</a></li>
O1 - Hosts: </ul>
O1 - Hosts: </div>
O1 - Hosts: <li class="rule"><!----></li>
O1 - Hosts: <p>The GeoCities site you were looking for may have been preserved in the Internet Archive's Wayback Machine. To find out, <a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://www.archive.org/web/web.php" target="_blank" data-href="http://www.archive.org/web/web.php" target="_blank">visit Archive.org</a> and enter the site's web address in the field provided.</p>
O1 - Hosts: <li class="rule"><!----></li>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: <div class="ez-wr">
O1 - Hosts: <div class="ez-box" style="text-align:center; margin-top:25px;">
O1 - Hosts: <font size="-2" face="verdana">Copyright © 2009 <a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://yahoo.com/" data-href="http://yahoo.com/">Yahoo!</a> Inc. All rights reserved.
O1 - Hosts: <ul>
O1 - Hosts: <li style="display:inline;"><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://privacy.yahoo.com/privacy/us/geo/" data-href="http://privacy.yahoo.com/privacy/us/geo/">Privacy Policy</a></li> -
O1 - Hosts: <li style="display:inline;"><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://docs.yahoo.com/info/copyright/copyright.html" data-href="http://docs.yahoo.com/info/copyright/copyright.html">Copyright Policy</a></li> -
O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://docs.yahoo.com/info/guidelines/community.html">Guidelines</a
O1 - Hosts: ></li> -
O1 - Hosts: <li style="display:inline;"><a target="_top" href="http://smallbusiness.yahoo.com/tos/tos.php">Terms of Service
O1 - Hosts: </a></li> -
O1 - Hosts: <li style="display:inline;"><a data-test="test" rel="nofollow" style="word-wrap: break-word; text-decoration: underline;" target="_blank" onclick="return dhExternalLinkRedirect(this)" href="/ExternalLinkRedirect?module=pgdcode&messageId=39638359&url=http://help.yahoo.com/help/us/geo/" data-href="http://help.yahoo.com/help/us/geo/">Help</a></li>
O1 - Hosts: </ul>
O1 - Hosts: </font>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </body>
O1 - Hosts: </html>
O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>
O1 - Hosts: <IMG SRC="http://geo.yahoo.com/serv?s=19190039&t=1272629869&f=us-w2" ALT=1 WIDTH=1 HEIGHT=1>
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\WINDOWS\ShellNew\bronstab.exe"
O4 - HKCU\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Empty.pif = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{2761FF08-A2B0-436D-BB9F-3C8C3E73FAEA}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{2761FF08-A2B0-436D-BB9F-3C8C3E73FAEA}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{2761FF08-A2B0-436D-BB9F-3C8C3E73FAEA}: NameServer = 8.8.8.8,8.8.4.4
O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
--
End of file - 13177 bytes
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:01:22, on 09.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\GlobespanVirata\Adsl\dslstat.exe
C:\Program Files\GlobespanVirata\Adsl\dslagent.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\xp\Belgelerim\Karşıdan Yüklenenler\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: Messenger Plus Live Turkey Toolbar - {15aa633e-1112-41ae-81d2-765a2cc0cc45} - C:\Program Files\Messenger_Plus_Live_Turkey\tbMess.dll
O1 - Hosts: YOUTUBE JACKER Ozkan ATA
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 208.117.236.70www.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 74.125.13.80 v1.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.83 v2.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.17 v9.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.84 v10.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.38 v16.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.80 v1.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.83 v2.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.81 v9.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.84 v10.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.102 v16.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache2.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.87 v11.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.90 v12.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.93 v13.lscache3.c.youtube.com
O1 - Hosts: 74.125.97.32 v14.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.99 v15.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.102 v16.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.82 v17.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.85 v18.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.88 v19.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.91 v20.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.94 v21.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.97 v22.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.100 v23.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.103 v24.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.87 v11.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.90 v12.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.93 v13.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.96 v14.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.99 v15.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.102 v16.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.82 v17.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.85 v18.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.88 v19.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.91 v20.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.94 v21.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.97 v22.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.100 v23.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.103 v24.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.16 v1.lscache5.c.youtube.com
O2 - BHO: Messenger Plus Live Turkey Toolbar - {15aa633e-1112-41ae-81d2-765a2cc0cc45} - C:\Program Files\Messenger_Plus_Live_Turkey\tbMess.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Messenger Plus Live Turkey Toolbar - {15aa633e-1112-41ae-81d2-765a2cc0cc45} - C:\Program Files\Messenger_Plus_Live_Turkey\tbMess.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\GlobespanVirata\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\GlobespanVirata\Adsl\dslagent.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ServerList.lnk = C:\Program Files\Valve\platform\config\otomatik_list.exe
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BA676CB-BF1B-4388-93C4-2858006F90FF}: NameServer = 4.2.2.2,4.2.2.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{D127770B-3BDA-401A-A0C8-2ABE5DDEFFA9}: NameServer = 195.175.39.40 195.175.39.39
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BA676CB-BF1B-4388-93C4-2858006F90FF}: NameServer = 4.2.2.2,4.2.2.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{2BA676CB-BF1B-4388-93C4-2858006F90FF}: NameServer = 4.2.2.2,4.2.2.3
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 11212 bytes
Umarım Yardımcı Olursun Tskler Sımdıden
-
@matetech
Sisteminizi birde A-Squared ile taratırmısınız.
@ssametalkis
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe"
O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\WINDOWS\ShellNew\bronstab.exe"
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
Satırlarını fix'leyiniz.
HostXpert programıyla hosts dosyanızı restore edin.Ayrıca sisteminizi MalwareBytes ile komple taratın.Daha sonra durumu bildiriniz.Sisteminizde çok zararlı var.
@rubarxx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/
R3 - URLSearchHook: Messenger Plus Live Turkey Toolbar - {15aa633e-1112-41ae-81d2-765a2cc0cc45} - C:\Program Files\Messenger_Plus_Live_Turkey\tbMess.dll
O2 - BHO: Messenger Plus Live Turkey Toolbar - {15aa633e-1112-41ae-81d2-765a2cc0cc45} - C:\Program Files\Messenger_Plus_Live_Turkey\tbMess.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: Messenger Plus Live Turkey Toolbar - {15aa633e-1112-41ae-81d2-765a2cc0cc45} - C:\Program Files\Messenger_Plus_Live_Turkey\tbMess.dll
Satırlarını fix'leyiniz.Daha sonra HostXpert programıyla hosts dosyanızı restore edin.Ve sisteminizi MalwareBytes ile komple taratın.
< Bu mesaj bu kişi tarafından değiştirildi Guest-299648FEF -- 9 Mayıs 2010; 15:23:55 >
-
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:34:59, on 09.05.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 3\defragmonitorservice.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 3\defragActivityMonitor.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\System32\dvmurl.dll
O1 - Hosts: 174.36.12.48 forumtr.com
O1 - Hosts: 174.36.12.48www.forumtr.com
O1 - Hosts: 174.36.21.104 terbiyesiz.net
O1 - Hosts: 174.36.21.104www.terbiyesiz.net
O1 - Hosts: 174.36.21.116 divxevi.com
O1 - Hosts: 174.36.21.116 mp3hanesi.org
O1 - Hosts: 174.36.21.116www.divxevi.com
O1 - Hosts: 174.36.21.116www.mp3hanesi.org
O1 - Hosts: 174.36.21.72 terbiyesiz.net
O1 - Hosts: 174.36.21.72www.terbiyesiz.net
O1 - Hosts: 174.36.21.82 mp3hanesi.org
O1 - Hosts: 174.36.21.82 mp3yap.com
O1 - Hosts: 174.36.21.82www.mp3hanesi.org
O1 - Hosts: 174.36.21.82www.mp3yap.com
O1 - Hosts: 174.36.21.87 supercep.org
O1 - Hosts: 174.36.21.87www.supercep.org
O1 - Hosts: 174.36.30.143 terbiyesiz.net
O1 - Hosts: 174.36.30.143www.terbiyesiz.net
O1 - Hosts: 192.121.86.15 piratebay.org
O1 - Hosts: 192.121.86.15 thepiratebay.org
O1 - Hosts: 192.121.86.15www.piratebay.org
O1 - Hosts: 192.121.86.15www.thepiratebay.org
O1 - Hosts: 193.200.241.150 bitturk.com
O1 - Hosts: 193.200.241.150www.bitturk.com
O1 - Hosts: 195.226.152.89 superbahis.com
O1 - Hosts: 195.226.152.89www.superbahis.com
O1 - Hosts: 195.27.154.42 justin.tv
O1 - Hosts: 195.27.154.42www.justin.tv
O1 - Hosts: 195.27.154.83 justin.tv
O1 - Hosts: 195.27.154.83www.justin.tv
O1 - Hosts: 195.47.247.122 footballonsat.com
O1 - Hosts: 195.47.247.122www.footballonsat.com
O1 - Hosts: 195.72.134.100 bwin.com
O1 - Hosts: 195.72.134.100www.bwin.com
O1 - Hosts: 195.72.134.143 poker.bwin.com
O1 - Hosts: 195.72.134.61 help.bwin.com
O1 - Hosts: 195.72.135.28www.bwin.com
O1 - Hosts: 195.72.135.41 bwin.com
O1 - Hosts: 195.72.135.41www.bwin.com
O1 - Hosts: 195.72.135.47 home.bwin.com
O1 - Hosts: 195.72.135.55 casino.bwin.com
O1 - Hosts: 195.72.135.59 games.bwin.com
O1 - Hosts: 195.72.135.65 poker.bwin.com
O1 - Hosts: 195.8.215.136 dailymotion.com
O1 - Hosts: 195.8.215.136www.dailymotion.com
O1 - Hosts: 195.8.215.137 dailymotion.com
O1 - Hosts: 195.8.215.137www.dailymotion.com
O1 - Hosts: 195.8.215.138 dailymotion.com
O1 - Hosts: 195.8.215.138www.dailymotion.com
O1 - Hosts: 195.8.215.139 dailymotion.com
O1 - Hosts: 195.8.215.139www.dailymotion.com
O1 - Hosts: 195.87.101.81 umitbayraktar.com
O1 - Hosts: 199.9.249.10 live.justin.tv
O1 - Hosts: 199.9.249.10www.live.justin.tv
O1 - Hosts: 199.9.249.11 live.justin.tv
O1 - Hosts: 199.9.249.11www.live.justin.tv
O1 - Hosts: 199.9.249.23 justin.tv
O1 - Hosts: 199.9.249.23 live.justin.tv
O1 - Hosts: 199.9.249.23 static-cdn.justin.tv
O1 - Hosts: 199.9.249.23www.justin.tv
O1 - Hosts: 199.9.249.23www.live.justin.tv
O1 - Hosts: 199.9.249.23www.static-cdn.justin.tv
O1 - Hosts: 199.9.249.38 live.justin.tv
O1 - Hosts: 199.9.249.7 ad.justin.tv
O1 - Hosts: 199.9.249.7 justin.tv
O1 - Hosts: 199.9.249.7www.justin.tv
O1 - Hosts: 199.9.251.3 live.justin.tv
O1 - Hosts: 199.9.251.3www.live.justin.tv
O1 - Hosts: 199.9.251.4 live.justin.tv
O1 - Hosts: 199.9.251.4www.live.justin.tv
O1 - Hosts: 199.9.251.5 live.justin.tv
O1 - Hosts: 199.9.251.5www.live.justin.tv
O1 - Hosts: 205.139.209.236 ddfcash.com
O1 - Hosts: 205.139.209.236www.ddfcash.com
O1 - Hosts: 205.188.216.8 shoutcast.com
O1 - Hosts: 205.188.216.8www.shoutcast.com
O1 - Hosts: 205.188.234.120 shoutcast.com
O1 - Hosts: 205.188.234.120www.shoutcast.com
O1 - Hosts: 205.188.234.120 yp.shoutcast.com
O1 - Hosts: 205.196.211.116www.indirge.com
O1 - Hosts: 207.200.100.5 shoutcast.com
O1 - Hosts: 207.200.100.5www.shoutcast.com
O1 - Hosts: 207.200.98.25 yp.shoutcast.com
O1 - Hosts: 207.246.153.235 tube8live.com
O1 - Hosts: 207.246.153.235www.tube8live.com
O1 - Hosts: 207.246.153.236 tube8live.com
O1 - Hosts: 207.246.153.236www.tube8live.com
O1 - Hosts: 208.38.188.130 1001kitap.com
O1 - Hosts: 208.38.188.130www.1001kitap.com
O1 - Hosts: 208.53.166.202 muziksitem.be
O1 - Hosts: 208.53.166.202www.muziksitem.be
O1 - Hosts: 208.72.33.133 imeem.com
O1 - Hosts: 208.72.33.133www.imeem.com
O1 - Hosts: 208.72.33.142 imeem.com
O1 - Hosts: 208.72.33.142www.imeem.com
O1 - Hosts: 208.73.210.121 imbd.com
O1 - Hosts: 208.73.210.121www.imbd.com
O1 - Hosts: 208.73.210.50 mp3kalbi.com
O1 - Hosts: 208.73.210.50www.mp3kalbi.com
O1 - Hosts: 208.88.224.68 media11.tube8.com
O1 - Hosts: 208.88.224.68www.media11.tube8.com
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Local Service')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Local Service')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Web Printing göster veya gizle - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{DAAE36D6-7D52-4904-8B93-BE1FF24EFE82}: NameServer = 208.67.222.222,208.67.220.220
O20 - Winlogon Notify: DfLogon - LogonDll.dll (file missing)
O23 - Service: Ashampoo Defrag Service - Unknown owner - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe
O23 - Service: ASO3DiskOptimizer - Systweak Inc. - C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - F:\recovery\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe
O23 - Service: DFServ - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: VMLiteService - VMLite, Inc. - C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
--
End of file - 10661 bytes
Bilgisayarımda son günlerde bir yavaşlama var virüs olmasından şüpheleniyorum. Yorumlarsanız sevinirim.
-
@karasahin07
HostXpert programıyla hosts dosyanızı restore edin.Ve sisteminizi MalwareBytes ile komple taratırmısınız.
< Bu mesaj bu kişi tarafından değiştirildi Guest-299648FEF -- 9 Mayıs 2010; 16:59:10 > -
@innhibitor
C:\Program Files\Aveo\Attune\bin\attune_ce.exe
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} -http://cdn.scan.onecare.live.com/resource/download/scanner/tr-tr/wlscctrl2.cab
Satırlarını fix'leyiniz.MalwareBytes ile sisteminizi komple taratırmısınız. -
Eğer alakasızsa lütfen kusura bakma, daha önce dediğin gibi tüm sistemi dediğin proğramla derin tarama yaptırdım bişey bulunmadı, bi süre güzel hiç bi sorun yk tu daha sonra yine internet yavaşlamaya başladı, bende bütün internet bağlantıları kapalıyken başka biyerde gördüğüm alttaki komutu uyguladım, sonuç aşşağıda sanırım sürekli port açan bi virüse sahibim, bunun için yapabileceğim bişey varmı çare formatmı, şimdiye kadarki yardımların için tekrar teşekkürler.
Microsoft Windows [Sürüm 6.1.7600]
Telif Hakkı (c) 2009 Microsoft Corporation. Tüm hakları saklıdır.
C:\Users\merzitr>netstat
Etkin Bağlantılar
İl.Kr. Yerel Adres Yabancı Adres Durum
TCP 127.0.0.1:1110 merzitr-merzitr:49160 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49186 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49190 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49192 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49194 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49211 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49215 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49227 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49301 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49310 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49349 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49389 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49435 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49481 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49507 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49569 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:49815 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50039 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50329 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50337 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50339 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50341 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50351 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50356 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50360 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50361 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50369 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50377 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50379 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50381 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50387 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50388 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50389 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50390 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50391 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50401 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50407 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50409 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50411 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50413 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50416 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50443 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50480 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50511 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50515 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50519 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50523 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50527 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50529 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50533 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50535 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50537 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50543 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50545 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50549 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50550 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50553 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50554 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50557 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50559 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50561 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50562 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50565 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50567 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50569 ESTABLISHED
TCP 127.0.0.1:1110 merzitr-merzitr:50570 TIME_WAIT
TCP 127.0.0.1:1110 merzitr-merzitr:50573 ESTABLISHED
TCP 127.0.0.1:49160 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49186 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49190 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49192 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49194 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49211 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49215 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49227 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49301 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49310 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49349 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49389 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49435 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49481 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49507 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49569 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:49815 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50039 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50329 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50337 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50339 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50351 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50367 merzitr-merzitr:nfsd-status TIME_WAIT
TCP 127.0.0.1:50377 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50381 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50407 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50409 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50413 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50427 merzitr-merzitr:nfsd-status TIME_WAIT
TCP 127.0.0.1:50453 merzitr-merzitr:nfsd-status TIME_WAIT
TCP 127.0.0.1:50511 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50515 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50519 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50523 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50527 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50529 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50533 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50535 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50537 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50543 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50545 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50549 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50550 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50553 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50554 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50557 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50559 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50561 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50562 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50565 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50567 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50569 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 127.0.0.1:50573 merzitr-merzitr:nfsd-status ESTABLISHED
TCP 192.168.1.2:49161 mu-in-f138:http ESTABLISHED
TCP 192.168.1.2:49187 pz-in-f139:http ESTABLISHED
TCP 192.168.1.2:49191 mu-in-f102:http ESTABLISHED
TCP 192.168.1.2:49193 mu-in-f102:http ESTABLISHED
TCP 192.168.1.2:49195 mu-in-f148:http ESTABLISHED
TCP 192.168.1.2:49212 mu-in-f100:http ESTABLISHED
TCP 192.168.1.2:49216 mu-in-f148:http ESTABLISHED
TCP 192.168.1.2:49228 pz-in-f139:http ESTABLISHED
TCP 192.168.1.2:49302 bw-in-f118:http ESTABLISHED
TCP 192.168.1.2:49312 bw-in-f118:http ESTABLISHED
TCP 192.168.1.2:49350 mu-in-f100:http ESTABLISHED
TCP 192.168.1.2:49390 mu-in-f113:http ESTABLISHED
TCP 192.168.1.2:49436 mu-in-f113:http ESTABLISHED
TCP 192.168.1.2:49482 bw-in-f118:http ESTABLISHED
TCP 192.168.1.2:49508 mu-in-f138:http ESTABLISHED
TCP 192.168.1.2:49570 mu-in-f106:http ESTABLISHED
TCP 192.168.1.2:49816 bw-in-f118:http ESTABLISHED
TCP 192.168.1.2:50040 bw-in-f118:http ESTABLISHED
TCP 192.168.1.2:50128 mu-in-f102:http TIME_WAIT
TCP 192.168.1.2:50220 bw-in-f138:http TIME_WAIT
TCP 192.168.1.2:50282 mu-in-f102:http TIME_WAIT
TCP 192.168.1.2:50286 mu-in-f102:http TIME_WAIT
TCP 192.168.1.2:50292 mu-in-f102:http TIME_WAIT
TCP 192.168.1.2:50323 194.221.68.25:http TIME_WAIT
TCP 192.168.1.2:50330 mu-in-f106:http ESTABLISHED
TCP 192.168.1.2:50338 mu-in-f148:http ESTABLISHED
TCP 192.168.1.2:50340 mu-in-f154:http ESTABLISHED
TCP 192.168.1.2:50352 bw-in-f118:http ESTABLISHED
TCP 192.168.1.2:50378 mu-in-f148:http ESTABLISHED
TCP 192.168.1.2:50382 mu-in-f154:http ESTABLISHED
TCP 192.168.1.2:50408 mu-in-f149:http ESTABLISHED
TCP 192.168.1.2:50410 bw-in-f118:http ESTABLISHED
TCP 192.168.1.2:50414 bw-in-f118:http ESTABLISHED
TCP 192.168.1.2:50438 72.21.202.165:http TIME_WAIT
TCP 192.168.1.2:50440 bw-in-f148:http TIME_WAIT
TCP 192.168.1.2:50503 82.129.37.26:http TIME_WAIT
TCP 192.168.1.2:50512 208.117.241.219:http ESTABLISHED
TCP 192.168.1.2:50518 195.27.182.26:http ESTABLISHED
TCP 192.168.1.2:50522 208.117.244.144:http ESTABLISHED
TCP 192.168.1.2:50525 208.117.241.102:http ESTABLISHED
TCP 192.168.1.2:50528 65.55.227.140:http ESTABLISHED
TCP 192.168.1.2:50532 208.117.241.217:http ESTABLISHED
TCP 192.168.1.2:50534 65.55.227.140:http ESTABLISHED
TCP 192.168.1.2:50536 208.117.244.210:http ESTABLISHED
TCP 192.168.1.2:50539 208.117.241.101:http ESTABLISHED
TCP 192.168.1.2:50544 65.55.227.140:http ESTABLISHED
TCP 192.168.1.2:50546 204.246.232.18:http ESTABLISHED
TCP 192.168.1.2:50551 208.117.241.213:http ESTABLISHED
TCP 192.168.1.2:50552 208.117.241.213:http ESTABLISHED
TCP 192.168.1.2:50555 208.117.241.99:http ESTABLISHED
TCP 192.168.1.2:50556 208.117.241.99:http ESTABLISHED
TCP 192.168.1.2:50558 208.117.244.153:http ESTABLISHED
TCP 192.168.1.2:50560 208.117.244.153:http ESTABLISHED
-
@merzitr
İnternet bağlantınızın yavaşlaması büyük olasılık servis sağlayıcısından,bunun için format atmanıza gerek yok.Servis sağlayıcınızı ararsanız bulunduğunuz bölgede arıza olup olmadığını söylerler.
< Bu mesaj bu kişi tarafından değiştirildi Guest-299648FEF -- 10 Mayıs 2010; 16:30:01 >
Ip işlemleri
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
