HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+

serji · 2006-09-23T14:40:42.0000000+03:00

ÖNEMLİ: Sizlerden ricam yalnızca çok acil ve ihtiyacı olanların loglarını buraya göndermesi. Bunun dışındakiler http://www.hijackthis.de/en sayfasından tarama yaptırıp sonuçları alabilirler. http://www.buraksonmez.com/dosyalar/HiJackThis.exe * Programı masaüstünüze indirin. * Programı çift tıklayarak açın. * Do a system scan and save a log file seçeneğine tıklayın. Bilgisayarınız taranacak ve masaüstünüzde hijackthis.txt adında bir dosya oluşacaktır. O dosyayı mesajınıza ekleyerek gönderin. * Mesajınızda sorununuzu kısa da olsa bir şekilde belirtin. Hiç bir şekilde yorum yapılmayan, sadece log içeren mesajlar yanıtlanmayacaktır . * Logları gönderirken lütfen code etiketleri arasına alarak yollayın. Bunları kullanmadığınız takdirde sayfalar çok uzuyor ve hoş olmayan bir görüntünün oluşmasının yanında, logları okumak ve takip etmek de zorlaşıyor. code etiketleri arasına alınmayan mesajlar yanıtlanmayacaktır . NOT: Lütfen işlemlerden önce eğer önemli verileriniz varsa yedek alın. Bazen özellikle de ağır virüsler bulaşan sistemlerde istenmeyen sonuçlar oluşabiliyor. Bu gibi durumlarda sorumlu kullanıcının kendisidir. NOT1: Logları bıraktığınızda gecikmeli cevap yazabilirim. Lütfen biraz sabırlı olun. En kısa zamanda cevap vermeye çalışıyorum. Genelde toplu olarak cevap yazıyorum haftada bir kontrol ederek. Eğer toplu cevapları dikkatlice inceledikten sonra mesajınıza cevap yazılmadığını görürseniz tekrar gönderebilirsiniz.

aliemreyegin

Binbaşı

1660 Mesaj

Tüm Başarılarını Gör

walal bnim pc çok ağır bi yardım etsen:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:52:57, on 18.08.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\ALi Emre\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =ftp://aliemreyegin.al.funpic.de/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: 68.178.232.99 sikisvid.com
O1 - Hosts: 74.125.47.138 translate.google.com
O1 - Hosts: 74.125.47.138 translate.google.com.tr
O1 - Hosts: 74.125.159.138 clients1.google.com
O1 - Hosts: 74.125.159.138 clients1.google.com.tr
O1 - Hosts: 74.125.65.139 docs.google.com
O1 - Hosts: 74.125.65.139 docs.google.com.tr
O1 - Hosts: 74.125.47.138 feedburner.google.com
O1 - Hosts: 74.125.47.138 feedburner.google.com.tr
O1 - Hosts: 74.125.67.101 youtube.com
O1 - Hosts: 74.125.67.101www.youtube.com
O1 - Hosts: 74.125.47.138 groups.google.com.tr
O1 - Hosts: 74.125.47.138 groups.google.com
O1 - Hosts: 74.125.47.138 sites.google.com
O1 - Hosts: 74.125.47.138 sites.google.com.tr
O1 - Hosts: 74.125.47.138 video.google.com
O1 - Hosts: 74.125.47.138 video.google.com.tr
O1 - Hosts: 74.125.47.138 books.google.com.tr
O1 - Hosts: 74.125.157.147 analytics.google.com
O1 - Hosts: 74.125.157.147 analytics.google.com.tr
O1 - Hosts: 74.125.45.138 toolbar.google.com
O1 - Hosts: 74.125.45.138 toolbar.google.com.tr
O1 - Hosts: 74.125.45.138 earth.google.com
O1 - Hosts: 74.125.45.138 earth.google.com.tr
O1 - Hosts: 74.125.45.147 google-analytics.com
O1 - Hosts: 74.125.45.147www.google-analytics.com
O1 - Hosts: 74.125.45.147 google-analytics.com
O1 - Hosts: 74.125.45.147www.google-analytics.com
O1 - Hosts: 74.125.45.138 pages.google.com
O1 - Hosts: 74.125.45.138 pages.google.com.tr
O1 - Hosts: 74.125.157.102 www-google-analytics.l.google.com
O1 - Hosts: 68.178.232.99 sikisvid.com
O1 - Hosts: 74.125.47.138 translate.google.com
O1 - Hosts: 74.125.47.138 translate.google.com.tr
O1 - Hosts: 74.125.159.138 clients1.google.com
O1 - Hosts: 74.125.159.138 clients1.google.com.tr
O1 - Hosts: 74.125.65.139 docs.google.com
O1 - Hosts: 74.125.65.139 docs.google.com.tr
O1 - Hosts: 74.125.47.138 feedburner.google.com
O1 - Hosts: 74.125.47.138 feedburner.google.com.tr
O1 - Hosts: 74.125.67.101 youtube.com
O1 - Hosts: 74.125.67.101www.youtube.com
O1 - Hosts: 74.125.47.138 groups.google.com.tr
O1 - Hosts: 74.125.47.138 groups.google.com
O1 - Hosts: 74.125.47.138 sites.google.com
O1 - Hosts: 74.125.47.138 sites.google.com.tr
O1 - Hosts: 74.125.47.138 video.google.com
O1 - Hosts: 74.125.47.138 video.google.com.tr
O1 - Hosts: 74.125.47.138 books.google.com.tr
O1 - Hosts: 74.125.157.147 analytics.google.com
O1 - Hosts: 74.125.157.147 analytics.google.com.tr
O1 - Hosts: 74.125.45.138 toolbar.google.com
O1 - Hosts: 74.125.45.138 toolbar.google.com.tr
O1 - Hosts: 74.125.45.138 earth.google.com
O1 - Hosts: 74.125.45.138 earth.google.com.tr
O1 - Hosts: 74.125.45.147 google-analytics.com
O1 - Hosts: 74.125.45.147www.google-analytics.com
O1 - Hosts: 74.125.45.147 google-analytics.com
O1 - Hosts: 74.125.45.147www.google-analytics.com
O1 - Hosts: 74.125.45.138 pages.google.com
O1 - Hosts: 74.125.45.138 pages.google.com.tr
O1 - Hosts: 74.125.157.102 www-google-analytics.l.google.com
O1 - Hosts: 68.178.232.99 sikisvid.com
O1 - Hosts: 74.125.47.138 translate.google.com
O1 - Hosts: 74.125.47.138 translate.google.com.tr
O1 - Hosts: 74.125.159.138 clients1.google.com
O1 - Hosts: 74.125.159.138 clients1.google.com.tr
O1 - Hosts: 74.125.65.139 docs.google.com
O1 - Hosts: 74.125.65.139 docs.google.com.tr
O1 - Hosts: 74.125.47.138 feedburner.google.com
O1 - Hosts: 74.125.47.138 feedburner.google.com.tr
O1 - Hosts: 74.125.67.101 youtube.com
O1 - Hosts: 74.125.67.101www.youtube.com
O1 - Hosts: 74.125.47.138 groups.google.com.tr
O1 - Hosts: 74.125.47.138 groups.google.com
O1 - Hosts: 74.125.47.138 sites.google.com
O1 - Hosts: 74.125.47.138 sites.google.com.tr
O1 - Hosts: 74.125.47.138 video.google.com
O1 - Hosts: 74.125.47.138 video.google.com.tr
O1 - Hosts: 74.125.47.138 books.google.com.tr
O1 - Hosts: 74.125.157.147 analytics.google.com
O1 - Hosts: 74.125.157.147 analytics.google.com.tr
O1 - Hosts: 74.125.45.138 toolbar.google.com
O1 - Hosts: 74.125.45.138 toolbar.google.com.tr
O1 - Hosts: 74.125.45.138 earth.google.com
O1 - Hosts: 74.125.45.138 earth.google.com.tr
O1 - Hosts: 74.125.45.147 google-analytics.com
O1 - Hosts: 74.125.45.147www.google-analytics.com
O1 - Hosts: 74.125.45.147 google-analytics.com
O1 - Hosts: 74.125.45.147www.google-analytics.com
O1 - Hosts: 74.125.45.138 pages.google.com
O1 - Hosts: 74.125.45.138 pages.google.com.tr
O1 - Hosts: 74.125.157.102 www-google-analytics.l.google.com
O1 - Hosts: 68.178.232.99 sikisvid.com
O1 - Hosts: 74.125.47.138 translate.google.com
O1 - Hosts: 74.125.47.138 translate.google.com.tr
O1 - Hosts: 74.125.159.138 clients1.google.com
O1 - Hosts: 74.125.159.138 clients1.google.com.tr
O1 - Hosts: 74.125.65.139 docs.google.com
O1 - Hosts: 74.125.65.139 docs.google.com.tr
O1 - Hosts: 74.125.47.138 feedburner.google.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Pando Media Booster] "C:\Program Files\Pando Networks\Media Booster\PMB.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} -http://download.speakychat.com/speakyldr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1273755729843
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E8BF971-AA41-417D-BE1D-B3DCE720C78A}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB926DE1-9DDE-44BB-A70A-E23DA91DABE8}: NameServer = 156.154.70.1,156.154.71.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 13900 bytes

Smoch

Yarbay

4668 Mesaj

Tüm Başarılarını Gör

aRiSe*

Yarbay

2195 Mesaj

Tüm Başarılarını Gör

Anti virüs programım sürekli internet tarayıcım açık iken bu uyarıyı veriyor. Nasıl kurtulucağız bu sorundan.
arkadaşlar çok acil lütfen

HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+

Logfile of Trend Micro HijackThis v2.0.2 
  Scan saved at 16:47:05, on 18.08.2010 
  Platform: Windows XP SP3 (WinNT 5.01.2600) 
  MSIE: Internet Explorer v8.00 (8.00.6001.18702) 
  Boot mode: Normal 
   
  Running processes: 
  C:\WINDOWS\System32\smss.exe 
  C:\WINDOWS\system32\winlogon.exe 
  C:\WINDOWS\system32\services.exe 
  C:\WINDOWS\system32\lsass.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\System32\svchost.exe 
  C:\WINDOWS\system32\spoolsv.exe 
  C:\DOCUME~1\Burak\LOCALS~1\Temp\svcnost.exe 
  C:\WINDOWS\Explorer.EXE 
  C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 
  C:\WINDOWS\system32\UnlockerAssistant.exe 
  C:\WINDOWS\system32\mmm.exe 
  C:\Program Files\Vista Drive Icon\DrvIcon.exe 
  C:\Program Files\Winamp\winampa.exe 
  C:\WINDOWS\system32\RunDll32.exe 
  C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe 
  C:\WINDOWS\system32\ctfmon.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\Program Files\Opera\opera.exe 
  C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
  C:\Program Files\Windows Live\Contacts\wlcomm.exe 
  C:\Documents and Settings\Burak\Desktop\HiJackThis.exe 
   
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =  
  O1 - Hosts: 75.101.163.44 richarddawkins.net 
  O1 - Hosts: 174.129.212.2 richarddawkins.net 
  O1 - Hosts: 75.101.145.87 richarddawkins.net 
  O1 - Hosts: 75.101.163.44 www.richarddawkins.net 
  O1 - Hosts: 174.129.212.2 www.richarddawkins.net 
  O1 - Hosts: 75.101.145.87 www.richarddawkins.net 
  O1 - Hosts: 74.220.202.44 www.sordum.com 
  O1 - Hosts: 74.220.202.44 sordum.com 
  O1 - Hosts: 205.188.87.240 yp.shoutcast.com 
  O1 - Hosts: 68.177.32.34 media.shoutcast.com 
  O1 - Hosts: 68.177.32.33 media.shoutcast.com 
  O1 - Hosts: 205.188.100.58 shoutcast.com 
  O1 - Hosts: 207.200.74.38 shoutcast.com 
  O1 - Hosts: 64.12.79.57 shoutcast.com 
  O1 - Hosts: 205.188.28.1 www.shoutcast.com 
  O1 - Hosts: 74.125.45.118 gdata.youtube.com 
  O1 - Hosts: 74.125.45.118 img.youtube.com 
  O1 - Hosts: 208.65.153.240 m.youtube.com 
  O1 - Hosts: 74.125.95.93 youtube.com 
  O1 - Hosts: 74.125.127.93 youtube.com 
  O1 - Hosts: 74.125.227.1 www.youtube.com 
  O1 - Hosts: 74.125.227.2 www.youtube.com 
  O1 - Hosts: 74.125.227.3 www.youtube.com 
  O1 - Hosts: 74.125.227.4 www.youtube.com 
  O1 - Hosts: 74.125.227.5 www.youtube.com 
  O1 - Hosts: 74.125.227.6 www.youtube.com 
  O1 - Hosts: 74.125.227.7 www.youtube.com 
  O1 - Hosts: 74.125.227.8 www.youtube.com 
  O1 - Hosts: 74.125.227.9 www.youtube.com 
  O1 - Hosts: 74.125.227.10 www.youtube.com 
  O1 - Hosts: 74.125.227.11 www.youtube.com 
  O1 - Hosts: 74.125.227.12 www.youtube.com 
  O1 - Hosts: 74.125.227.13 www.youtube.com 
  O1 - Hosts: 74.125.227.14 www.youtube.com 
  O1 - Hosts: 74.125.227.15 www.youtube.com 
  O1 - Hosts: 74.125.227.0 www.youtube.com 
  O1 - Hosts: 74.125.227.20 help.youtube.com 
  O1 - Hosts: 74.125.227.16 help.youtube.com 
  O1 - Hosts: 74.125.227.17 help.youtube.com 
  O1 - Hosts: 74.125.227.18 help.youtube.com 
  O1 - Hosts: 74.125.227.19 help.youtube.com 
  O1 - Hosts: 208.117.254.80 tc.v1.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.83 tc.v2.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.86 tc.v3.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.89 tc.v4.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.92 tc.v5.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.95 tc.v6.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.98 tc.v7.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.101 tc.v8.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.81 tc.v9.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.84 tc.v10.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.87 tc.v11.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.90 tc.v12.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.93 tc.v13.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.96 tc.v14.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.99 tc.v15.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.102 tc.v16.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.82 tc.v17.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.85 tc.v18.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.88 tc.v19.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.91 tc.v20.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.94 tc.v21.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.97 tc.v22.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.100 tc.v23.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.103 tc.v24.cache1.c.youtube.com 
  O1 - Hosts: 208.117.254.80 tc.v1.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.83 tc.v2.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.86 tc.v3.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.89 tc.v4.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.92 tc.v5.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.95 tc.v6.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.98 tc.v7.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.101 tc.v8.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.81 tc.v9.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.84 tc.v10.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.87 tc.v11.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.90 tc.v12.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.93 tc.v13.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.96 tc.v14.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.99 tc.v15.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.102 tc.v16.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.82 tc.v17.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.85 tc.v18.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.88 tc.v19.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.91 tc.v20.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.94 tc.v21.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.97 tc.v22.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.100 tc.v23.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.103 tc.v24.cache2.c.youtube.com 
  O1 - Hosts: 208.117.254.80 tc.v1.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.83 tc.v2.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.86 tc.v3.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.89 tc.v4.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.92 tc.v5.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.95 tc.v6.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.98 tc.v7.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.101 tc.v8.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.81 tc.v9.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.84 tc.v10.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.87 tc.v11.cache3.c.youtube.com 
  O1 - Hosts: 208.117.254.90 tc.v12.cache3.c.youtube.com 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O4 - HKLM\..\Run: [UnlockerAssistant] "C:\WINDOWS\system32\UnlockerAssistant.exe" 
  O4 - HKLM\..\Run: [RightClick Menu] C:\WINDOWS\system32\mmm.exe 
  O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe 
  O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe 
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe 
  O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd 
  O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice 
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe 
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
  O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') 
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present 
  O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 
  O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL 
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
  O17 - HKLM\System\CCS\Services\Tcpip\..\{09CAB41C-E564-4384-A2DB-82A043348C79}: NameServer = 8.8.8.8,8.8.4.4 
  O17 - HKLM\System\CS1\Services\Tcpip\..\{09CAB41C-E564-4384-A2DB-82A043348C79}: NameServer = 8.8.8.8,8.8.4.4 
  O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe 
  O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 
  O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\mssrv32.exe 
  O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing) 
   
  -- 
  End of file - 9985 bytes

hijack analiz rapor'um Altta.

Logfile of Advanced SystemCare 3 Security Analyzer
Scan saved at 03:34:14, on 23.08.2010
Platform: Windows XP (WinNT 5.1)
MSIE: Internet Explorer v8.0 (8.0.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000
O4 - HKCU\..\Run: [SpeedUpMyPC] "C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_11) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Plug-in 1.6.0_07) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.6.0_11) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_11) -http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Güncelleme Hizmeti (gupdate1caa11c119880a6) (gupdate1caa11c119880a6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Buda Combofix log'um altta.

ComboFix 10-08-22.03 - Admin 23.08.2010 2:24.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1254.90.1055.18.511.167 [GMT 3:00]
Running from: c:\documents and settings\Admin\Desktop\18628-ComboFix-190810.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Admin\Sık Kullanılanlar\# netbiLgini ~ en hızLı büyüyen forum...url
c:\documents and settings\Admin\Sık Kullanılanlar\7-24 New PVP Server 78.111.96.233 - # netbiLgini ~ en hızLı büyüyen forum...url
c:\documents and settings\Admin\Sık Kullanılanlar\POWER TURK - ONCE MUZIK....url
c:\windows\remote.ini

.
((((((((((((((((((((((((( Files Created from 2010-07-22 to 2010-08-22 )))))))))))))))))))))))))))))))
.

2010-08-22 21:59 . 2010-08-22 21:59 -------- d-----w- C:\Dell
2010-08-22 16:17 . 2010-08-22 16:17 -------- d-----w- c:\documents and settings\All Users\Uniblue
2010-08-22 15:43 . 2010-08-22 16:13 -------- d-----w- c:\documents and settings\Admin\Application Data\Uniblue
2010-08-22 15:43 . 2010-08-22 16:16 -------- d-----w- c:\program files\Uniblue
2010-08-22 15:31 . 2010-08-22 15:32 -------- d-----w- c:\program files\Realtek AC97
2010-08-22 11:14 . 2003-07-01 20:42 27904 ----a-w- c:\windows\system32\drivers\VIAAGP1.SYS
2010-08-22 11:00 . 2004-04-15 10:57 42496 ----a-w- c:\windows\system32\drivers\fetnd5b.sys
2010-08-22 11:00 . 2003-07-17 16:10 7040 ----a-w- c:\windows\system32\ntsim.sys
2010-08-22 10:54 . 2010-08-22 10:54 -------- d-----w- c:\program files\Realtek Sound Manager
2010-08-22 10:54 . 2010-08-22 15:32 -------- d-----w- c:\program files\AvRack
2010-08-22 01:33 . 2004-07-12 08:50 241664 ----a-r- c:\windows\system32\nvwrshe.dll
2010-08-22 01:22 . 2010-08-22 01:22 -------- d-----w- c:\documents and settings\All Users\Application Data\UAB
2010-08-22 01:22 . 2010-08-22 01:22 -------- d-----w- c:\documents and settings\Admin\Local Settings\Application Data\PC_Drivers_Headquarters
2010-08-22 01:20 . 2010-08-22 01:20 -------- d-----w- c:\documents and settings\Admin\Local Settings\Application Data\eSupport.com
2010-08-22 01:20 . 2010-08-22 01:20 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-08-22 00:12 . 2010-03-30 20:38 20968 ----a-w- c:\windows\system32\drivers\cpuz133_x32.sys
2010-08-22 00:12 . 2010-08-22 00:12 -------- d-----w- c:\program files\CPUID
2010-08-21 10:27 . 2010-08-21 21:08 -------- d-----w- c:\windows\NV29803720.TMP
2010-08-20 23:05 . 2004-07-12 08:50 147456 ----a-r- c:\windows\system32\nvwrszht.dll
2010-08-20 23:05 . 2004-07-12 08:50 86016 ----a-r- c:\windows\system32\nvrszht.dll
2010-08-20 23:05 . 2004-07-12 08:50 172032 ----a-r- c:\windows\system32\nvrszhc.dll
2010-08-20 23:05 . 2004-07-12 08:50 143360 ----a-r- c:\windows\system32\nvwrszhc.dll
2010-08-20 23:05 . 2004-07-12 08:50 266240 ----a-r- c:\windows\system32\nvwrstr.dll
2010-08-20 23:05 . 2004-07-12 08:50 176128 ----a-r- c:\windows\system32\nvrstr.dll
2010-08-20 23:05 . 2004-07-12 08:50 258048 ----a-r- c:\windows\system32\nvwrssv.dll
2010-08-20 23:05 . 2004-07-12 08:50 172032 ----a-r- c:\windows\system32\nvrssv.dll
2010-08-20 23:05 . 2004-07-12 08:50 262144 ----a-r- c:\windows\system32\nvwrssl.dll
2010-08-20 23:04 . 2004-07-12 08:50 172032 ----a-r- c:\windows\system32\nvrssl.dll
2010-08-20 23:04 . 2004-07-12 08:50 258048 ----a-r- c:\windows\system32\nvwrssk.dll
2010-08-20 23:04 . 2004-07-12 08:50 172032 ----a-r- c:\windows\system32\nvrssk.dll
2010-08-20 23:04 . 2004-07-12 08:50 274432 ----a-r- c:\windows\system32\nvwrsru.dll
2010-08-20 23:04 . 2004-07-12 08:50 184320 ----a-r- c:\windows\system32\nvrsru.dll
2010-08-20 23:04 . 2010-08-20 23:07 -------- d-----w- c:\windows\NV24522300.TMP
2010-08-20 23:02 . 2004-07-12 08:50 3740032 -c--a-w- c:\windows\system32\dllcache\nv4_disp.dll
2010-08-20 23:02 . 2004-07-12 08:50 3740032 ----a-r- c:\windows\system32\nv4_disp.dll
2010-08-20 23:02 . 2004-07-12 08:50 2459968 -c--a-w- c:\windows\system32\dllcache\nv4_mini.sys
2010-08-20 23:02 . 2004-07-12 08:50 2459968 ----a-r- c:\windows\system32\drivers\nv4_mini.sys
2010-08-20 22:45 . 2001-11-08 14:37 221184 ----a-w- c:\windows\system32\Dualunis.exe
2010-08-20 22:45 . 1999-12-07 01:00 40592 ----a-r- c:\windows\system32\stream.sys
2010-08-20 22:44 . 2000-07-18 07:41 221184 ----a-w- c:\windows\system32\SP5X_32.DLL
2010-08-20 22:44 . 2000-01-04 23:17 24576 ----a-w- c:\windows\system32\Ca500Ext.dll
2010-08-20 22:44 . 2001-01-03 09:06 148385 ----a-w- c:\windows\system32\drivers\CA500AV.SYS
2010-08-20 22:44 . 2001-01-03 09:06 10810 ----a-w- c:\windows\system32\drivers\minbulk.sys
2010-08-16 08:44 . 2010-08-16 08:44 103424 ----a-w- c:\windows\system32\DCLibrary_nat.dll
2010-08-15 23:01 . 2010-08-15 23:01 -------- d-----w- c:\program files\S3
2010-08-15 23:01 . 2004-10-05 13:54 306688 ----a-w- c:\windows\IsUninst.exe
2010-08-15 23:01 . 2010-08-15 23:01 -------- d-----w- c:\documents and settings\Admin\WINDOWS
2010-08-15 22:09 . 2010-08-15 22:09 -------- d-----w- c:\program files\Driver-Soft
2010-08-15 22:07 . 2010-08-15 22:07 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-08-15 22:01 . 2010-08-15 22:01 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2010-08-15 19:14 . 2010-08-22 21:20 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-15 18:44 . 2010-08-16 11:09 -------- d-----w- c:\documents and settings\Admin\Local Settings\Application Data\Conduit
2010-08-15 18:44 . 2010-08-15 18:44 -------- d-----w- c:\program files\Conduit
2010-08-15 15:48 . 2010-08-15 15:48 -------- d-----w- c:\windows\system32\wbem\Repository
2010-08-15 11:36 . 2010-08-15 11:36 -------- d-----w- c:\windows\system32\NVRTClk
2010-08-15 11:36 . 2003-12-30 09:44 24576 ----a-r- c:\windows\system32\NVRTClk.exe
2010-08-15 11:36 . 2003-05-15 14:44 40960 ----a-r- c:\windows\system32\NVGPIO.dll
2010-08-15 10:33 . 2010-08-15 10:33 -------- d-----w- c:\program files\Lavalys
2010-08-09 21:16 . 2010-08-09 21:16 -------- d-----w- c:\program files\Ventrilo
2010-08-05 01:34 . 2010-08-05 01:34 -------- d-----r- c:\documents and settings\ko1\Sık Kullanılanlar
2010-08-05 01:34 . 2010-08-08 12:16 -------- d-----w- c:\documents and settings\ko1
2010-07-24 15:27 . 2010-07-24 15:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-22 16:14 . 2010-08-22 16:13 5268200 ----a-w- c:\documents and settings\Admin\Application Data\Uniblue\DriverScanner\_temp\driverscanner.exe
2010-08-22 16:14 . 2010-08-22 16:13 5276232 ----a-w- c:\documents and settings\Admin\Application Data\Uniblue\SpeedUpMyPC\_temp\sump.exe
2010-08-22 15:06 . 2010-08-22 15:06 20133 ----a-w- c:\windows\system32\drivers\isapnp.rar
2010-08-21 22:23 . 2008-07-31 00:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-08-18 21:02 . 2009-07-17 19:50 -------- d-----w- c:\program files\Vindir for YouTube 3
2010-08-16 21:53 . 2010-01-29 20:12 -------- d-----w- c:\documents and settings\Admin\Application Data\DivX
2010-08-15 23:18 . 2007-06-07 18:00 -------- d-sh--w- c:\program files\SystemRequirementsLab
2010-08-15 23:18 . 2009-01-24 16:40 -------- d-----w- c:\documents and settings\Admin\Application Data\SystemRequirementsLab
2010-08-15 23:18 . 2010-08-15 23:18 290816 ----a-w- c:\documents and settings\Admin\Application Data\SystemRequirementsLab\SRLProxy_nvd_4.dll
2010-08-15 23:18 . 2010-08-15 23:18 290816 ----a-w- c:\documents and settings\Admin\Application Data\SystemRequirementsLab\SRLProxy_nvd_3.dll
2010-08-15 23:18 . 2010-08-15 23:18 290816 ----a-w- c:\documents and settings\Admin\Application Data\SystemRequirementsLab\SRLProxy_nvd_2.dll
2010-08-15 23:18 . 2010-08-15 23:18 290816 ----a-w- c:\documents and settings\Admin\Application Data\SystemRequirementsLab\SRLProxy_nvd_1.dll
2010-08-15 23:01 . 2006-08-27 12:38 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-14 22:37 . 2008-09-26 10:57 -------- d-----w- c:\program files\PC Connectivity Solution
2010-08-12 15:46 . 2001-11-22 12:00 76934 ----a-w- c:\windows\system32\perfc01F.dat
2010-08-12 15:46 . 2001-11-22 12:00 419904 ----a-w- c:\windows\system32\perfh01F.dat
2010-08-11 10:47 . 2010-08-15 11:44 305378 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cache\Professional_32_1055.dat
2010-08-09 21:26 . 2008-08-09 15:47 -------- d-----w- c:\documents and settings\Admin\Application Data\Ventrilo
2010-08-09 21:15 . 2009-01-03 20:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-28 13:26 . 2007-06-06 18:04 -------- d-sh--w- c:\program files\sXe Injected
2010-07-28 08:52 . 2009-01-26 22:05 -------- d-----w- c:\documents and settings\Admin\Application Data\TeamViewer
2010-07-27 10:24 . 2007-01-17 18:09 -------- d-----w- c:\documents and settings\Admin\Application Data\LimeWire
2010-07-25 20:43 . 2010-07-25 08:26 198557 ----a-w- c:\documents and settings\Admin\Application Data\appdata.dll
2010-07-25 20:43 . 2010-07-25 08:26 198557 ----a-w- c:\documents and settings\Admin\Application Data\appdata.dll
2010-07-24 16:03 . 2009-09-07 12:02 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-24 15:27 . 2010-07-06 01:52 -------- d-----w- c:\program files\Alwil Software
2010-07-23 15:58 . 2010-07-23 15:58 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-07-18 00:13 . 2009-01-07 12:03 -------- d-----w- c:\documents and settings\Admin\Application Data\Winamp
2010-07-17 23:46 . 2009-11-24 09:29 -------- d-----w- c:\program files\Winamp Toolbar
2010-07-16 17:49 . 2010-07-16 17:05 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-07-16 17:44 . 2010-01-29 19:48 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-16 17:43 . 2010-07-16 17:43 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-07-16 17:19 . 2010-01-29 19:48 -------- d-----w- c:\program files\DivX
2010-07-05 21:51 . 2010-07-05 21:46 -------- d-----w- c:\program files\Creative
2010-07-05 21:50 . 2010-07-05 21:48 -------- d--h--w- c:\program files\Creative Installation Information
2010-07-05 21:48 . 2010-07-05 21:48 -------- d-----w- c:\program files\Common Files\Creative
2010-07-05 21:07 . 2010-03-05 23:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-06-30 12:32 . 2002-10-01 08:03 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-30 11:22 . 2010-06-30 11:22 52224 ----a-w- c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\qh9kypf8.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\FFExternalAlert.dll
2010-06-30 11:22 . 2010-06-30 11:22 101376 ----a-w- c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\qh9kypf8.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\RadioWMPCore.dll
2010-06-24 12:24 . 2002-10-01 08:04 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2002-10-01 07:57 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2001-11-22 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2001-11-22 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2006-08-27 12:10 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-14 07:42 . 2002-10-01 08:03 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-09 08:06 . 2010-06-09 08:06 976832 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\2712\AdobeARM.exe
2010-06-09 08:06 . 2010-06-09 08:06 70584 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\2712\AdobeExtractFiles.dll
2010-06-09 08:06 . 2010-06-09 08:06 331176 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\2712\ReaderUpdater.exe
2010-06-09 08:06 . 2010-06-09 08:06 331176 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\2712\AcrobatUpdater.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2010-07-27 67456]
"DriverScanner"="c:\program files\Uniblue\DriverScanner\launcher.exe" [2010-07-16 338296]
"SpeedUpMyPC"="c:\program files\Uniblue\SpeedUpMyPC\launcher.exe" [2010-06-25 67960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRTCLK"="c:\windows\system32\NVRTCLK\NVRTClk.exe" [2003-12-30 24576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-12 4112384]
"nwiz"="nwiz.exe" [2004-07-12 843776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-07-12 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 16:00 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRTCLK]
2003-12-30 09:44 24576 ----a-r- c:\windows\system32\NVRTClk\NVRTClk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\English\\setup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"d:\\Warcraft III\\war3.exe"=
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [01.02.2008 18:24 41456]
R2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [22.08.2010 03:12 20968]
R3 CnxEtP;ADSL USB MODEM WAN Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [28.07.2008 13:10 60288]
R3 CnxEtU;ADSL USB MODEM Loader;c:\windows\system32\drivers\CnxEtU.sys [28.07.2008 13:10 646400]
R3 CnxTgN;ADSL USB MODEM WAN Adapter Driver;c:\windows\system32\drivers\CnxTgN.sys [28.07.2008 13:10 108771]
S0 ddvqknkx;ddvqknkx;c:\windows\system32\drivers\gugchoe.sys --> c:\windows\system32\drivers\gugchoe.sys [?]
S0 wtpogoe;wtpogoe;c:\windows\system32\drivers\wtyvtred.sys --> c:\windows\system32\drivers\wtyvtred.sys [?]
S2 gupdate1caa11c119880a6;Google Güncelleme Hizmeti (gupdate1caa11c119880a6);c:\program files\Google\Update\GoogleUpdate.exe [29.01.2010 22:48 133104]
S2 WallHack;WallHack;\??\c:\documents and settings\Admin\Desktop\fdg\sxe7.7-WH_-_CeVDeToR\sxe7.7-WH_-_CeVDeToR\sxe7.7-WH - CeVDeToR\WallHack.sys --> c:\documents and settings\Admin\Desktop\fdg\sxe7.7-WH_-_CeVDeToR\sxe7.7-WH_-_CeVDeToR\sxe7.7-WH - CeVDeToR\WallHack.sys [?]
S3 APR;APR;\??\d:\knightonline\APR.sys --> d:\knightonline\APR.sys [?]
S3 CAM1690;USB 2.0 Compliance JPEG Video Camera;c:\windows\system32\drivers\cam1690.sys [29.08.2007 12:01 153344]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [22.08.2010 04:20 23456]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [03.08.2005 00:10 32512]
S3 vvftav303;vvftav303;c:\windows\system32\drivers\vvftav303.sys [31.07.2008 13:04 480128]
S3 XDva002;XDva002;\??\c:\windows\system32\XDva002.sys --> c:\windows\system32\XDva002.sys [?]
S3 XDva007;XDva007;\??\c:\windows\system32\XDva007.sys --> c:\windows\system32\XDva007.sys [?]
S3 XDva009;XDva009;\??\c:\windows\system32\XDva009.sys --> c:\windows\system32\XDva009.sys [?]
S3 XDva010;XDva010;\??\c:\windows\system32\XDva010.sys --> c:\windows\system32\XDva010.sys [?]
S3 XDva012;XDva012;c:\windows\system32\XDva012.sys [10.06.2007 17:11 15115]
S3 XDva013;XDva013;\??\c:\windows\system32\XDva013.sys --> c:\windows\system32\XDva013.sys [?]
S3 XDva014;XDva014;\??\c:\windows\system32\XDva014.sys --> c:\windows\system32\XDva014.sys [?]
S3 XDva016;XDva016;\??\c:\windows\system32\XDva016.sys --> c:\windows\system32\XDva016.sys [?]
S3 XDva020;XDva020;\??\c:\windows\system32\XDva020.sys --> c:\windows\system32\XDva020.sys [?]
S3 XDva025;XDva025;\??\c:\windows\system32\XDva025.sys --> c:\windows\system32\XDva025.sys [?]
S3 XDva031;XDva031;\??\c:\windows\system32\XDva031.sys --> c:\windows\system32\XDva031.sys [?]
S3 XDva033;XDva033;\??\c:\windows\system32\XDva033.sys --> c:\windows\system32\XDva033.sys [?]
S3 XDva062;XDva062;\??\c:\windows\system32\XDva062.sys --> c:\windows\system32\XDva062.sys [?]
S3 XDva078;XDva078;\??\c:\windows\system32\XDva078.sys --> c:\windows\system32\XDva078.sys [?]
S3 XDva089;XDva089;\??\c:\windows\system32\XDva089.sys --> c:\windows\system32\XDva089.sys [?]
S3 XDva090;XDva090;\??\c:\windows\system32\XDva090.sys --> c:\windows\system32\XDva090.sys [?]
S3 XDva136;XDva136;\??\c:\windows\system32\XDva136.sys --> c:\windows\system32\XDva136.sys [?]
S3 ZSMC0303;A4 TECH PC Camera H;c:\windows\system32\Drivers\usbVM303.sys --> c:\windows\system32\Drivers\usbVM303.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2010-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 19:48]

2010-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 19:48]

2010-07-16 c:\windows\Tasks\Install_NSS.job
- c:\program files\DivX\Symantec\scstubinstaller.exe [2010-03-08 18:00]

2010-08-22 c:\windows\Tasks\RegistryBooster.job
- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-08-22 08:11]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.tr/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = about:blank
mLocal Page = hxxp://www.Google.com/
mSearch Bar = hxxp://www.Google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
TCP: interfaces = 208.67.222.222,208.67.220.220
TCP: {274CB58D-67F6-4CC4-963B-43388B846157} = 4.2.2.2 4.2.2.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\qh9kypf8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2077543&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ToggleEN Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - component: c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\qh9kypf8.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\qh9kypf8.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\qh9kypf8.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: c:\documents and settings\Admin\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-DLLHost - c:\documents and settings\Admin\Application Data\dllhost.exe
MSConfigStartUp-rundll - c:\documents and settings\Admin\Application Data\rundll.exe
ActiveSetup-{735EC9A1-7DE0-D0B4-920F-36EE78E89BAE} - c:\windows\system32:windowsupta.exe
AddRemove-Adobe Flash Player Plugin - c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe
AddRemove-Counter-Strike 1.5 Türkçe Paketi - c:\sierra\HALF-L~1\UNWISE.EXE
AddRemove-Half-Life - c:\sierra\HALF-L~1\UNWISE.EXE
AddRemove-PhotoScape - c:\program files\PhotoScape\uninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
Rootkit scan 2010-08-23 02:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2000478354-861567501-839522115-1003\Software\Microsoft\MessengerService\GroupStateCacheU\Aq*]
"Name"=hex:41,01,71,00,00,00
"Collapsed"=hex:00,00,00,00

[HKEY_USERS\S-1-5-21-2000478354-861567501-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*^]
@Class="Shell"

[HKEY_USERS\S-1-5-21-2000478354-861567501-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*^\OpenWithList]
@Class="Shell"
"a"="firefox.exe"
"MRUList"="a"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):67,6f,a0,bb,ab,2a,3f,dd,37,98,46,40,78,d4,82,07,49,ef,bf,a6,8e,
99,05,b6,02,8a,e5,e6,b6,f4,54,82,f7,a6,28,db,65,50,e2,9f,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8b75b49f-d2c4-4b58-9380-cebf0b3bb07d}]
@Denied: (Full) (Everyone)
"Model"=dword:00000061
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]
"??????ª??????????"=multi:"î?€MZ\00\03\00\00\00\04\00\00\00ÿÿ\00\00¸\00\00\00\00\00\00\00@\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00\00ø\00\00\00\0e\1fº\0e\00´\09Í!¸\01LÍ!This program cannot be run in DOS mode.\0d\0d\0a$\00\00\00\00\00\00\00›w{ïß\16\15¼ß\16\15¼ß\16\15¼øĞx¼Ş\16\15¼øĞ{¼Ş\16\15¼\1c\19H¼Ò\16\15¼ß\16\14¼|\16\15¼oÓh¼Â\16\15¼oÓx¼v\00\00"
.
Completion time: 2010-08-23 02:44:06
ComboFix-quarantined-files.txt 2010-08-22 23:43
ComboFix2.txt 2010-03-07 20:58

Pre-Run: 499.552.256 bayt boş
Post-Run: 6.537.359.360 bayt boş

- - End Of File - - C99AEB258E55DB13293020F69BAC77CE

Yardımlarınızı bekliyorum.Teşekkürler.

SELAM ILK MESAJIM UMARIM YERINE ULASIR :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:01, on 24.08.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\UnlockerAssistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
D:\EUWIN\euintac.exe
D:\EUWIN\euintac.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://start.drp.su/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: s127.0.0.1 localhost
O1 - Hosts: Youtube Jacker 4 :)
O1 - Hosts: 209.85.229.100www.youtube.com
O1 - Hosts: 209.85.229.100 youtube.com
O1 - Hosts: 209.85.229.100 tr.youtube.com
O1 - Hosts: 209.85.229.100 fr.youtube.com
O1 - Hosts: 209.85.229.100 au.youtube.com
O1 - Hosts: 209.85.229.100 ca.youtube.com
O1 - Hosts: 208.117.236.71 m.youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 209.85.165.102 gdata.youtube.com
O1 - Hosts: 208.117.236.71 ru.youtube.com
O1 - Hosts: 208.117.236.70 youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 88.255.41.21 fr.youtube.com
O1 - Hosts: 88.255.41.21www.fr.youtube.com
O1 - Hosts: 74.125.95.138 de.youtube.com
O1 - Hosts: 209.85.129.104 help.youtube.com
O1 - Hosts: 209.85.129.104www.help.youtube.com
O1 - Hosts: 74.125.13.80 v1.lscache1.c.youtube.com
O1 - Hosts: 74.125.0.147 v2.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.17 v9.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.84 v10.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.38 v16.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.80 v1.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.83 v2.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.81 v9.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.84 v10.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.102 v16.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache2.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.87 v11.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.90 v12.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.93 v13.lscache3.c.youtube.com
O1 - Hosts: 74.125.97.32 v14.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.99 v15.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.102 v16.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.82 v17.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.85 v18.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.88 v19.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.91 v20.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.94 v21.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.97 v22.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.100 v23.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.103 v24.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache4.c.youtube.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\WINDOWS\system32\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Bunu Bloga Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer içinde &Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {77BF5300-1474-4EC7-9980-D32B190E9B07} - (no file)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0FC8B38E-9293-424C-9D0E-CE60775679CF} (SubClassEditCtrlContainer Class) -https://sube.garanti.com.tr/lib/JaguarEditControl.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{4459D5B3-1083-4F18-B052-64F5986A7B1B}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

--
End of file - 10986 bytes

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 11:12:44, on 29.08.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\VideoWebCamera\VideoWebCamera.exe
C:\Windows\PLFSetI.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51EFBD53-F021-448B-AACC-DBA81D801CA6}: NameServer = 8.8.4.4,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3180692-704B-40C0-A2BF-47A3DA1E5ACC}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{51EFBD53-F021-448B-AACC-DBA81D801CA6}: NameServer = 8.8.4.4,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{51EFBD53-F021-448B-AACC-DBA81D801CA6}: NameServer = 8.8.4.4,8.8.8.8
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Unknown owner - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (file missing)
O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Unknown owner - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (file missing)

--
End of file - 5824 bytes

inş halledebılırız beraber koolay gelsın

Bu sorunun cevabı var mı burada bilmiyorum varsa şimdiden özür dilerim. Benim sorunum şu: Bilgisayarı açtığımda "Hoş Geldiniz." yazısının gidip simgelerin gelmesi 1-2 dk sürüyor. Bunu kısaltmanın yolu var mı?

Logfile of Trend Micro HijackThis v2.0.2 
  Scan saved at 23:49:59, on 30.08.2010 
  Platform: Windows XP SP2 (WinNT 5.01.2600) 
  MSIE: Internet Explorer v8.00 (8.00.6001.18702) 
  Boot mode: Normal 
   
  Running processes: 
  C:\WINDOWS\System32\smss.exe 
  C:\WINDOWS\system32\winlogon.exe 
  C:\WINDOWS\system32\services.exe 
  C:\WINDOWS\system32\lsass.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\System32\svchost.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 
  C:\WINDOWS\Explorer.EXE 
  C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 
  C:\Program Files\ATKGFNEX\GFNEXSrv.exe 
  C:\WINDOWS\system32\spoolsv.exe 
  C:\Program Files\DAEMON Tools Net\DTNetSrv.exe 
  C:\Program Files\ESET\ESET Smart Security\ekrn.exe 
  C:\Program Files\Java\jre6\bin\jqs.exe 
  C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 
  C:\WINDOWS\system32\wbem\wmiapsrv.exe 
  C:\Program Files\ATK Hotkey\Hcontrol.exe 
  C:\Program Files\ASUS\ATK Media\DMEDIA.EXE 
  C:\Program Files\ASUS\Splendid\ACMON.exe 
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
  C:\WINDOWS\system32\igfxtray.exe 
  C:\WINDOWS\system32\hkcmd.exe 
  C:\WINDOWS\system32\igfxpers.exe 
  C:\Program Files\ASUS\Wireless Console 3\wcourier.exe 
  C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe 
  C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe 
  C:\Program Files\ESET\ESET Smart Security\egui.exe 
  C:\WINDOWS\system32\ACEngSvr.exe 
  C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe 
  C:\WINDOWS\system32\ctfmon.exe 
  C:\Program Files\DNA\btdna.exe 
  C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
  C:\Program Files\Sigma\DVBPlayer\Power.exe 
  C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe 
  C:\Program Files\AirTies\Adsl Hizmet Programı\AdslUtility.exe 
  C:\Program Files\ATK Hotkey\ATKOSD.exe 
  C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe 
  C:\Program Files\ATK Hotkey\WDC.exe 
  C:\Program Files\Mozilla Firefox\firefox.exe 
  C:\WINDOWS\system32\wuauclt.exe 
  C:\Documents and Settings\mhakan_78\Desktop\HiJackThis.exe 
   
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://codec.kiev.ua/ 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =  
  R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://www.asus.com/ 
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http= 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll 
  O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
  O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
  O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe 
  O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe" 
  O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE 
  O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe" 
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
  O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe 
  O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe 
  O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe 
  O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe 
  O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" 
  O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless 
  O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice 
  O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\TNod User & Password Finder\TNODUP.exe" /i 
  O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe 
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime 
  O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup 
  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start 
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" 
  O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" 
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe 
  O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" 
  O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background 
  O4 - HKCU\..\Run: [Power] C:\Program Files\Sigma\DVBPlayer\Power.exe 
  O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup 
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') 
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O4 - Global Startup: Adsl Hizmet Programı.lnk = ? 
  O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 
  O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com 
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274735236235 
  O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1274738082125 
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab 
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab 
  O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe 
  O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe 
  O23 - Service: DTNetService - DT Soft Ltd - C:\Program Files\DAEMON Tools Net\DTNetSrv.exe 
  O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe 
  O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe 
  O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe 
  O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe 
  O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe 
  O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe 
  O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 
   
  -- 
  End of file - 8308 bytes

Şimdiden teşekkür ederim.

GENERAL006

Yarbay

2444 Mesaj

Tüm Başarılarını Gör

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:50:36, on 06.09.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HHA\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.indir-izle.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: Free Lunch Design Toolbar - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre1.dll
O2 - BHO: Free Lunch Design Toolbar - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Free Lunch Design Toolbar - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre1.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [sXe Injected] C:\Program Files\sXe Injected\sXe Injected.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [windowsuptade] C:\WINDOWS\system32:windowsupta.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: sXe Injected.lnk = C:\Program Files\sXe Injected\sXe Injected.exe
O4 - Startup: zOtomatikServerList.lnk = ?
O4 - Startup: zzlib.lnk = C:\Program Files\valve\platform\zzlib.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4185 bytes
Pc Çok Yavaş Bi Bakın Lütfen

adres63

Yüzbaşı

674 Mesaj

Tüm Başarılarını Gör

benım makınede devamlı kilitlenio garibim.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:41:53, on 08.09.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\AccelerometerSt.Exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Hp\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: 212.156.113.146 soserver
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.Exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Ekran Kırpıcı ve Başlatıcı.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0FC8B38E-9293-424C-9D0E-CE60775679CF} (SubClassEditCtrlContainer Class) -https://sube.garanti.com.tr/lib/JaguarEditControl.CAB
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC890CDB-7DAE-4E31-AC5A-F424BED6EE41}: NameServer = 156.154.70.22,156.154.71.22
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 7469 bytes

FantaFox

Yüzbaşı

630 Mesaj

Tüm Başarılarını Gör

merhabalar ben online oyun oynuyorum pingim 80den hiç bi şekilde 80den aşşa inmiyor açık program olmamasına ragmen buyrun hijackthis raporum ayrıca virüs felan varsa bi yardımcı olurmusunuz silmem için :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:56:13, on 17.09.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\VMSnap3.exe
C:\WINDOWS\Domino.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\program files\Internet Download Manager\IDMan.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\program files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Belgelerim\Karşıdan Yüklenenler\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://search.localstrike.com.ar/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\program files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\program files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: zOtomatikServerList.lnk = C:\Program Files\Valve\platform\baslangic_serverlist.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\program files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\program files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\program files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{CECDC71C-C1F7-4579-84FF-40AB3D825B39}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5874 bytes

Eyvallah

Yarbay

3034 Mesaj

Tüm Başarılarını Gör

Hocam iyi günler , sistemde trojan olduğundan şüpheleniyorum.Ancak tüm taramalarda bir sonuç alamadım.

Logfile of Trend Micro HijackThis v2.0.4 
  Scan saved at 18:09:40, on 05.10.2010 
  Platform: Windows XP SP3 (WinNT 5.01.2600) 
  MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) 
  Boot mode: Normal 
   
  Running processes: 
  C:\WINDOWS\System32\smss.exe 
  C:\WINDOWS\system32\winlogon.exe 
  C:\WINDOWS\system32\services.exe 
  C:\WINDOWS\system32\lsass.exe 
  C:\WINDOWS\system32\svchost.exe 
  C:\WINDOWS\System32\svchost.exe 
  C:\WINDOWS\system32\spoolsv.exe 
  C:\WINDOWS\Explorer.EXE 
  C:\Program Files\ESET\ESET Smart Security\egui.exe 
  C:\Program Files\VIA\RAID\raid_tool.exe 
  C:\WINDOWS\SOUNDMAN.EXE 
  C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
  C:\Program Files\ESET\ESET Smart Security\ekrn.exe 
  C:\WINDOWS\system32\wuauclt.exe 
  C:\Program Files\Mozilla Firefox\firefox.exe 
  C:\Documents and Settings\Administrator\Desktop\HijackThis.exe 
   
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar 
  O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice 
  O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe 
  O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE 
  O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO 
  O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background 
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') 
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') 
  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
  O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll 
  O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll 
  O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe 
  O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe 
   
  -- 
  End of file - 3029 bytes

Yukarıdaki Hijack taraması...

ComboFix 10-10-04.02 - Administrator 05.10.2010  18:15:23.2.2 - x86 
  Microsoft Windows XP Professional  5.1.2600.3.1254.90.1055.18.1023.740 [GMT 3:00] 
  Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe 
  AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} 
  FW: ESET Kişisel güvenlik duvarı *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} 
   * Resident AV is active 
   
  . 
   
  (((((((((((((((((((((((((   Files Created from 2010-09-05 to 2010-10-05  ))))))))))))))))))))))))))))))) 
  . 
   
  2010-10-05 13:17 . 2010-10-05 13:17	--------	d-----w-	c:\windows\system32\xircom 
  2010-10-05 13:17 . 2010-10-05 13:17	--------	d-----w-	c:\windows\system32\wbem\snmp 
  2010-10-05 13:17 . 2010-10-05 13:17	--------	d-----w-	c:\program files\microsoft frontpage 
  2010-10-05 12:59 . 2010-10-05 12:59	--------	d-----w-	c:\documents and settings\Administrator\Local Settings\Application Data\ESET 
  2010-10-05 12:10 . 2010-10-05 12:11	--------	d-----w-	c:\program files\Anti Trojan Elite 
  2010-10-05 11:22 . 2010-10-05 11:23	--------	d-----w-	C:\age2rip by SvntyOneX 
  2010-10-05 10:49 . 2010-10-05 10:49	--------	d-----w-	c:\documents and settings\Administrator\Application Data\Media Player Classic 
  2010-10-05 10:48 . 2007-09-04 14:56	164352	----a-w-	c:\windows\system32\unrar.dll 
  2010-10-05 10:48 . 2008-01-10 10:16	159839	----a-w-	c:\windows\system32\xvidvfw.dll 
  2010-10-05 10:48 . 2008-01-10 10:15	755027	----a-w-	c:\windows\system32\xvidcore.dll 
  2010-10-05 10:48 . 2004-01-25 14:18	217088	----a-w-	c:\windows\system32\yv12vfw.dll 
  2010-10-05 10:48 . 2007-11-29 20:30	3596288	----a-w-	c:\windows\system32\qt-dx331.dll 
  2010-10-05 10:48 . 2007-11-29 20:28	81920	----a-w-	c:\windows\system32\dpl100.dll 
  2010-10-05 10:48 . 2007-12-03 23:33	682496	----a-w-	c:\windows\system32\divx.dll 
  2010-10-05 10:48 . 2008-03-04 09:33	7680	----a-w-	c:\windows\system32\ff_vfw.dll 
  2010-10-05 10:48 . 2004-01-11 20:00	348160	----a-w-	c:\windows\system32\msvcr71.dll 
  2010-10-05 10:48 . 2010-10-05 10:48	--------	d-----w-	c:\program files\K-Lite Codec Pack 
  2010-10-05 10:38 . 2004-09-17 09:37	61440	----a-r-	c:\windows\system32\vuins32.dll 
  2010-10-05 10:38 . 2005-03-18 08:39	42496	----a-r-	c:\windows\system32\drivers\fetnd5bv.sys 
  2010-10-05 10:37 . 2008-04-13 08:45	6272	----a-w-	c:\windows\system32\drivers\splitter.sys 
  2010-10-05 10:37 . 2008-04-13 09:17	83072	----a-w-	c:\windows\system32\drivers\wdmaud.sys 
  2010-10-05 10:37 . 2008-04-13 08:45	52864	----a-w-	c:\windows\system32\drivers\DMusic.sys 
  2010-10-05 10:37 . 2008-04-13 08:45	56576	----a-w-	c:\windows\system32\drivers\swmidi.sys 
  2010-10-05 10:37 . 2008-04-13 08:45	2944	----a-w-	c:\windows\system32\drivers\drmkaud.sys 
  2010-10-05 10:37 . 2008-04-13 08:45	172416	----a-w-	c:\windows\system32\drivers\kmixer.sys 
  2010-10-05 10:37 . 2008-04-13 06:39	142592	----a-w-	c:\windows\system32\drivers\aec.sys 
  2010-10-05 10:33 . 2005-06-20 10:53	60928	----a-r-	c:\windows\system32\drivers\viamraid.sys 
  2010-10-05 10:32 . 2010-10-05 10:34	--------	d-----w-	c:\program files\VIA 
  2010-10-05 10:31 . 2010-10-05 10:31	--------	d-----w-	c:\windows\system32\Tools 
  2010-10-05 10:31 . 2004-12-29 05:57	17505	----a-r-	C:\DBI.EXE 
  2010-10-05 10:25 . 2010-10-05 10:25	--------	d-----w-	c:\program files\Common Files\Macromedia 
  2010-10-05 10:25 . 2010-10-05 10:25	--------	d-----w-	c:\program files\Macromedia 
  2010-10-05 10:25 . 2010-10-05 10:35	--------	d-----w-	c:\program files\Common Files\InstallShield 
  2010-10-05 09:38 . 2010-10-05 15:06	--------	d-----w-	c:\documents and settings\Administrator\Tracing 
  2010-10-05 09:38 . 2010-10-05 09:38	--------	d-----w-	c:\documents and settings\All Users\Application Data\Messenger Plus! 
  2010-10-05 09:37 . 2010-10-05 09:37	--------	d-----w-	c:\program files\Microsoft 
  2010-10-05 09:37 . 2010-10-05 09:37	--------	d-----w-	c:\program files\Windows Live SkyDrive 
  2010-10-05 09:35 . 2010-10-05 09:35	--------	d-----w-	c:\program files\Common Files\Windows Live 
  2010-10-05 09:21 . 2010-10-05 09:21	--------	d-----w-	c:\documents and settings\Administrator\Contacts 
  2010-10-04 10:53 . 2008-06-14 17:33	272000	------w-	c:\windows\system32\drivers\bthport.sys 
  2010-10-04 10:53 . 2008-06-14 17:33	272000	------w-	c:\windows\system32\dllcache\bthport.sys 
  2010-10-04 10:53 . 2008-05-08 14:02	203136	------w-	c:\windows\system32\dllcache\rmcast.sys 
  2010-10-04 10:52 . 2009-10-15 16:29	81920	------w-	c:\windows\system32\dllcache\fontsub.dll 
  2010-10-04 10:52 . 2009-10-15 16:29	119808	------w-	c:\windows\system32\dllcache\t2embed.dll 
  2010-10-04 10:52 . 2010-06-21 15:27	354304	------w-	c:\windows\system32\dllcache\srv.sys 
  2010-10-04 10:52 . 2010-04-28 18:13	2191872	------w-	c:\windows\system32\dllcache\ntoskrnl.exe 
  2010-10-04 10:52 . 2010-04-28 05:43	2148352	------w-	c:\windows\system32\dllcache\ntkrnlmp.exe 
  2010-10-04 10:52 . 2010-04-28 05:43	2068736	------w-	c:\windows\system32\dllcache\ntkrnlpa.exe 
  2010-10-04 10:52 . 2010-04-28 05:43	2026496	------w-	c:\windows\system32\dllcache\ntkrpamp.exe 
  2010-10-04 10:51 . 2008-05-01 14:35	331776	------w-	c:\windows\system32\dllcache\msadce.dll 
  2010-10-04 10:50 . 2010-02-24 13:11	455680	------w-	c:\windows\system32\dllcache\mrxsmb.sys 
  2010-10-04 10:49 . 2009-06-21 21:47	153088	------w-	c:\windows\system32\dllcache\triedit.dll 
  2010-10-04 10:48 . 2009-02-06 10:10	227840	------w-	c:\windows\system32\dllcache\wmiprvse.exe 
  2010-10-04 10:48 . 2009-03-06 14:20	283136	------w-	c:\windows\system32\dllcache\pdh.dll 
  2010-10-04 10:48 . 2009-02-09 11:23	111104	------w-	c:\windows\system32\dllcache\services.exe 
  2010-10-04 10:48 . 2009-02-09 10:52	473600	------w-	c:\windows\system32\dllcache\fastprox.dll 
  2010-10-04 10:48 . 2009-02-09 10:52	401408	------w-	c:\windows\system32\dllcache\rpcss.dll 
  2010-10-04 10:48 . 2009-02-09 10:52	682496	------w-	c:\windows\system32\dllcache\advapi32.dll 
  2010-10-04 10:48 . 2009-02-06 10:39	35328	------w-	c:\windows\system32\dllcache\sc.exe 
  2010-10-04 10:48 . 2009-02-09 10:52	710144	------w-	c:\windows\system32\dllcache\ntdll.dll 
  2010-10-04 10:48 . 2009-02-09 10:52	453120	------w-	c:\windows\system32\dllcache\wmiprvsd.dll 
  2010-10-04 10:45 . 2009-11-21 15:58	471552	------w-	c:\windows\system32\dllcache\aclayers.dll 
  2010-10-04 10:45 . 2010-06-14 14:31	744448	------w-	c:\windows\system32\dllcache\helpsvc.exe 
  2010-10-04 10:37 . 2010-06-18 13:36	3558912	------w-	c:\windows\system32\dllcache\moviemk.exe 
  2010-10-04 10:36 . 2008-10-15 16:36	337408	------w-	c:\windows\system32\dllcache\netapi32.dll 
  2010-10-04 10:35 . 2008-04-21 21:15	216576	------w-	c:\windows\system32\dllcache\wordpad.exe 
  2010-10-04 10:35 . 2009-08-13 15:20	512000	------w-	c:\windows\system32\dllcache\jscript.dll 
  2010-10-04 10:33 . 2010-10-04 10:33	--------	d-----w-	c:\documents and settings\Galatasaray\Local Settings\Application Data\Mozilla 
  2010-10-04 10:33 . 2010-10-04 10:33	--------	d-----w-	c:\documents and settings\Galatasaray\Application Data\ESET 
  2010-10-03 19:53 . 2007-07-27 20:11	26488	----a-w-	c:\windows\system32\spupdsvc.exe 
  2010-10-03 19:53 . 2010-10-05 09:19	--------	d--h--w-	c:\windows\$hf_mig$ 
  2010-10-03 19:17 . 2010-10-03 19:17	0	----a-w-	c:\windows\nsreg.dat 
  2010-10-03 19:17 . 2010-10-03 19:17	--------	d-----w-	c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla 
  2010-10-03 17:26 . 2010-10-03 17:26	--------	dc----w-	c:\windows\system32\DRVSTORE 
  2010-10-03 17:26 . 2010-10-05 09:37	--------	d-----w-	c:\program files\MSN Messenger 
  2010-10-03 17:01 . 2010-10-03 17:01	--------	d-----w-	c:\documents and settings\Administrator\Application Data\ESET 
  2010-10-03 17:00 . 2010-10-03 17:00	--------	d-----w-	c:\program files\ESET 
  2010-10-03 17:00 . 2010-10-03 17:00	--------	d-----w-	c:\documents and settings\All Users\Application Data\ESET 
   
  . 
  ((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))) 
  . 
  2010-10-05 10:36 . 2010-10-05 10:36	--------	d-----w-	c:\program files\Realtek Sound Manager 
  2010-10-05 10:36 . 2010-10-05 10:36	--------	d-----w-	c:\program files\AvRack 
  2010-10-05 10:36 . 2010-10-05 10:36	--------	d-----w-	c:\program files\Realtek AC97 
  2010-10-05 10:36 . 2010-10-05 10:34	--------	d--h--w-	c:\program files\InstallShield Installation Information 
  2010-10-05 10:16 . 2001-11-22 15:00	300326	----a-w-	c:\windows\system32\perfh01F.dat 
  2010-10-05 10:16 . 2001-11-22 15:00	45784	----a-w-	c:\windows\system32\perfc01F.dat 
  2010-10-05 09:38 . 2010-10-05 09:14	12912	----a-w-	c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 
  2010-10-05 09:38 . 2010-10-05 09:14	--------	d-----w-	c:\program files\Windows Live 
  2010-10-05 09:14 . 2010-10-05 09:14	--------	d-----w-	c:\program files\Messenger Plus! Live 
  2010-10-03 17:21 . 2006-03-07 22:22	86327	----a-w-	c:\windows\pchealth\helpctr\OfflineCache\index.dat 
  2010-08-17 13:17 . 2008-04-14 06:00	58880	----a-w-	c:\windows\system32\spoolsv.exe 
  2010-07-22 15:49 . 2008-04-14 06:00	590848	----a-w-	c:\windows\system32\rpcrt4.dll 
  2010-07-22 06:19 . 2008-05-05 04:25	5120	----a-w-	c:\windows\system32\xpsp4res.dll 
  . 
   
  (((((((((((((((((((((((((((((((((((((   Reg Loading Points   )))))))))))))))))))))))))))))))))))))))))))))))))) 
  . 
  . 
  *Note* empty entries & legit default entries are not shown  
  REGEDIT4 
   
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
  "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] 
   
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
  "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-05-09 1443072] 
  "RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-06-20 1056768] 
  "SoundMan"="SOUNDMAN.EXE" [2005-06-20 77824] 
  "Anti Trojan Elite"="c:\program files\Anti Trojan Elite\TJEnder.exe" [2009-06-13 4076544] 
   
  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] 
  "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] 
   
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] 
  "EnableFirewall"= 0 (0x0) 
   
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] 
  "%windir%\\Network Diagnostic\\xpnetdiag.exe"= 
  "%windir%\\system32\\sessmgr.exe"= 
  "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= 
  "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= 
   
  R2 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMON.sys [05.10.2010 15:10 9216] 
  R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.05.2008 00:53 472320] 
  . 
  Contents of the 'Scheduled Tasks' folder 
   
  2010-10-05 c:\windows\Tasks\WGASetup.job 
  - c:\windows\system32\KB905474\wgasetup.exe [2010-10-05 19:18] 
  . 
  . 
  ------- Supplementary Scan ------- 
  . 
  FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\fulauqaw.default\ 
  FF - prefs.js: browser.startup.homepage - www.google.com.tr 
  . 
  . 
  Completion time: 2010-10-05  18:18:24 
  ComboFix-quarantined-files.txt  2010-10-05 15:18 
  ComboFix2.txt  2010-10-05 13:02 
   
  Pre-Run: 89.634.127.872 bayt boş 
  Post-Run: 89.633.771.520 bayt boş 
   
  - - End Of File - - C841A19194F031AE6476A76696BEE597

Bu da Combofix taraması...

Hijack'te yazacağınız kodları Fix Checked yapacağımı biliyorum ancak Combofix'te ne yapacağımı bilmiyorum.Bilgilendirirseniz çok sevinirim , yardımlarınız için teşekkürller , Allah razı olsun.

vahit.lafci

Binbaşı

1875 Mesaj

Tüm Başarılarını Gör

laruz

Binbaşı

1071 Mesaj

Tüm Başarılarını Gör

her ay 85 - 95lira fatura geliyor.. halbuki hiç film. müzik v.b bir şey indirmiyorum .. Aynı zamanda lisanslı antivirüs de var.. yardımcı olur musun

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:22:57, on 11.10.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hurriyet\Haber Alarmi\hurAlarm.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Musa\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Hurriyet] C:\Program Files (x86)\Hurriyet\Haber Alarmi\hurAlarm.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Reklam Başlığı Engelleyicisine ekle - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll
O9 - Extra button: &Sanal klavye - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: URL d&enetimi - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Kaspersky Koruma Hizmeti (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8653 bytes

laruz

Binbaşı

1071 Mesaj

Tüm Başarılarını Gör

himalaya

Yüzbaşı

660 Mesaj

Tüm Başarılarını Gör

analizim alttadır bakabilirseniz sevinirim ...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:46:52, on 19.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\VirtualCamera\VirCam.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
C:\Users\İslam BOLANYIĞ\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-21-3517496952-3941426656-569588896-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'UpdatusUser')
O9 - Extra button: Bunu Bloga Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer içinde &Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6441 bytes

Sevgili arkadaşım benim sorunum ie giriş sayfamı değiştirememem.Her şeyi denedim ama sonuç alamadım.Aşağıda da göreceksin lideraranet diye açılıyor sayfa bir türlü kurtulamadım yardımcı olursan sevinirim.Emeklerine çok teşekkürler.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:57:47, on 21.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\DOCUME~1\CANKOO~1\LOCALS~1\Temp\2.5.0.0\svckost.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\CANİKOOMMMM\Belgelerim\Downloads\Programs\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.liderara.net/
O1 - Hosts: 74.125.43.103 maps.google.com
O1 - Hosts: 74.125.43.103 mt0.google.com
O1 - Hosts: 74.125.43.103 mt1.google.com
O1 - Hosts: 74.125.43.103 mt2.google.com
O1 - Hosts: 74.125.43.103 mt3.google.com
O1 - Hosts: 74.125.43.103 khm.google.com
O1 - Hosts: 74.125.43.103 khm1.google.com
O1 - Hosts: 74.125.43.103 khm0.google.com
O1 - Hosts: 74.125.77.190 kh.google.com
O1 - Hosts: 209.85.229.101 auth.keyhole.com
O1 - Hosts: 74.125.43.103 docs.google.com
O1 - Hosts: 74.125.43.103 translate.google.com
O1 - Hosts: 74.125.43.103 code.google.com
O1 - Hosts: 74.125.43.103 pages.google.com
O1 - Hosts: 74.125.43.103 video.google.com
O1 - Hosts: 74.125.43.103 translate.google.com.tr
O1 - Hosts: 74.125.43.103 docs.google.com
O1 - Hosts: 74.125.43.103 sites.google.com
O1 - Hosts: 74.125.43.103 books.google.com
O1 - Hosts: 74.125.43.103 chrome.google.com
O1 - Hosts: 74.125.43.103 sketchup.google.com
O1 - Hosts: 74.125.43.103 froogle.google.com
O1 - Hosts: 74.125.43.103 labs.google.com
O1 - Hosts: 74.125.43.103 mars.google.com
O1 - Hosts: 74.125.43.103 moon.google.com
O1 - Hosts: 74.125.43.103 notebook.google.com
O1 - Hosts: 74.125.43.103 toolbar.google.com
O1 - Hosts: 74.125.43.103 browsersync.google.com
O1 - Hosts: 74.125.43.103 catalog.google.com
O1 - Hosts: 74.125.43.103 codesearch.google.com
O1 - Hosts: 74.125.43.103 dir.google.com
O1 - Hosts: 74.125.43.103 earth.google.com
O1 - Hosts: 74.125.43.103 groups.google.com.tr
O1 - Hosts: 74.125.43.103 shopping.google.com
O1 - Hosts: 74.125.43.103 sky.google.com
O1 - Hosts: 74.125.43.103 support.google.com
O1 - Hosts: 74.125.43.103 tools.google.com
O1 - Hosts: 74.125.43.103 wap.google.com
O1 - Hosts: 74.125.43.103 answers.google.com
O1 - Hosts: 74.125.43.103 google-analystics.com
O1 - Hosts: 74.125.43.103 docs.google.com
O1 - Hosts: 74.125.43.103 translate.google.com
O1 - Hosts: 74.125.43.103 code.google.com
O1 - Hosts: 74.125.43.103 pages.google.com
O1 - Hosts: 74.125.43.103 video.google.com
O1 - Hosts: 74.125.43.103 translate.google.com.tr
O1 - Hosts: 74.125.43.103 docs.google.com
O1 - Hosts: 74.125.43.103 sites.google.com
O1 - Hosts: 74.125.43.103 books.google.com
O1 - Hosts: 74.125.43.103 chrome.google.com
O1 - Hosts: 74.125.43.103 sketchup.google.com
O1 - Hosts: 74.125.43.103 froogle.google.com
O1 - Hosts: 74.125.43.103 labs.google.com
O1 - Hosts: 74.125.43.103 mars.google.com
O1 - Hosts: 74.125.43.103 moon.google.com
O1 - Hosts: 74.125.43.103 notebook.google.com
O1 - Hosts: 74.125.43.103 toolbar.google.com
O1 - Hosts: 74.125.43.103 browsersync.google.com
O1 - Hosts: 74.125.43.103 catalog.google.com
O1 - Hosts: 74.125.43.103 codesearch.google.com
O1 - Hosts: 74.125.43.103 dir.google.com
O1 - Hosts: 74.125.43.103 earth.google.com
O1 - Hosts: 74.125.43.103 groups.google.com.tr
O1 - Hosts: 74.125.43.103 shopping.google.com
O1 - Hosts: 74.125.43.103 sky.google.com
O1 - Hosts: 74.125.43.103 support.google.com
O1 - Hosts: 74.125.43.103 tools.google.com
O1 - Hosts: 74.125.43.103 wap.google.com
O1 - Hosts: 74.125.43.103 answers.google.com
O1 - Hosts: 74.125.43.103 google-analystics.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKCU\..\Run: [winlogon] C:\DOCUME~1\CANKOO~1\LOCALS~1\Temp\2.5.0.0\svckost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ATI CATALYST Sistem Tepsisi.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0FC8B38E-9293-424C-9D0E-CE60775679CF} (SubClassEditCtrlContainer Class) -https://sube.garanti.com.tr/lib/JaguarEditControl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{43725A47-6E38-4A32-8373-4EA35A159816}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 10653 bytes

Buda benim raporum cpu sürekli %90 100 arasında ne yapmam gerekiyor yardım edermisiniz...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:28:39, on 24.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eBoostr\eBoostrCP.exe
C:\Program Files\eBoostr\EBstrSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Doctus\Doctus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =www.google.com.tr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =www.google.com.tr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =www.google.com.tr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =http://go.navige.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: 209.85.229.99www.youtube.com
O1 - Hosts: 209.85.229.99 youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 74.125.13.80 v1.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.83 v2.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.17 v9.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.84 v10.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.38 v16.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.80 v1.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.83 v2.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.81 v9.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.84 v10.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.102 v16.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache2.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.87 v11.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.90 v12.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.93 v13.lscache3.c.youtube.com
O1 - Hosts: 74.125.97.32 v14.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.99 v15.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.102 v16.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.82 v17.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.85 v18.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.88 v19.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.91 v20.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.94 v21.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.97 v22.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.100 v23.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.103 v24.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.87 v11.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.90 v12.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.93 v13.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.96 v14.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.99 v15.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.102 v16.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.82 v17.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.85 v18.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.88 v19.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.91 v20.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.94 v21.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.97 v22.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.100 v23.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.103 v24.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.16 v1.lscache5.c.youtube.com
O1 - Hosts: 74.125.99.19 v2.lscache5.c.youtube.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: eBoostr Control Panel.lnk = C:\Program Files\eBoostr\eBoostrCP.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: &Sanal klavye - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O9 - Extra button: URL d&enetimi - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O11 - Options group: [DESKTOP_ICO] Internet Explorer Masaüstü Simgesi (Klasik Başlat Menüsü)
O11 - Options group: [DESKTOP_ICON] Internet Explorer Masaüstü Simgesi (Başlat Menüsü)
O13 - Gopher Prefix:
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) -http://download.speakyweb.com/speakyldr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5377D6BF-9286-4564-A7C1-D96FFA1B1B76}: NameServer = 4.2.2.1,4.2.2.5
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Koruma Hizmeti (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
O23 - Service: eBoostr Service (EBOOSTRSVC) - Unknown owner - C:\Program Files\eBoostr\EBstrSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 11104 bytes

s.a buda benim raporum cpu sürekli %90 100 arasında ne yapmam gerekiyor yardım edermisiniz acill... :(

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:28:39, on 24.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\eBoostr\eBoostrCP.exe
C:\Program Files\eBoostr\EBstrSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Doctus\Doctus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =www.google.com.tr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =www.google.com.tr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =www.google.com.tr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =http://go.navige.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: 209.85.229.99www.youtube.com
O1 - Hosts: 209.85.229.99 youtube.com
O1 - Hosts: 74.125.65.118 img.youtube.com
O1 - Hosts: 74.125.13.80 v1.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.83 v2.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.17 v9.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.84 v10.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache1.c.youtube.com
O1 - Hosts: 74.125.97.38 v16.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache1.c.youtube.com
O1 - Hosts: 74.125.13.80 v1.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.83 v2.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.86 v3.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.89 v4.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.92 v5.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.95 v6.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.98 v7.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.101 v8.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.81 v9.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.84 v10.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.87 v11.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.90 v12.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.93 v13.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.96 v14.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.99 v15.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.102 v16.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.82 v17.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.85 v18.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.88 v19.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.91 v20.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.94 v21.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.97 v22.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.100 v23.lscache2.c.youtube.com
O1 - Hosts: 74.125.13.103 v24.lscache2.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.87 v11.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.90 v12.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.93 v13.lscache3.c.youtube.com
O1 - Hosts: 74.125.97.32 v14.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.99 v15.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.102 v16.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.82 v17.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.85 v18.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.88 v19.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.91 v20.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.94 v21.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.97 v22.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.100 v23.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.103 v24.lscache3.c.youtube.com
O1 - Hosts: 74.125.99.80 v1.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.83 v2.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.86 v3.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.89 v4.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.92 v5.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.95 v6.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.98 v7.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.101 v8.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.81 v9.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.84 v10.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.87 v11.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.90 v12.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.93 v13.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.96 v14.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.99 v15.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.102 v16.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.82 v17.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.85 v18.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.88 v19.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.91 v20.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.94 v21.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.97 v22.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.100 v23.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.103 v24.lscache4.c.youtube.com
O1 - Hosts: 74.125.99.16 v1.lscache5.c.youtube.com
O1 - Hosts: 74.125.99.19 v2.lscache5.c.youtube.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: eBoostr Control Panel.lnk = C:\Program Files\eBoostr\eBoostrCP.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: &Sanal klavye - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O9 - Extra button: URL d&enetimi - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O11 - Options group: [DESKTOP_ICO] Internet Explorer Masaüstü Simgesi (Klasik Başlat Menüsü)
O11 - Options group: [DESKTOP_ICON] Internet Explorer Masaüstü Simgesi (Başlat Menüsü)
O13 - Gopher Prefix:
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) -http://download.speakyweb.com/speakyldr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5377D6BF-9286-4564-A7C1-D96FFA1B1B76}: NameServer = 4.2.2.1,4.2.2.5
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Koruma Hizmeti (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
O23 - Service: eBoostr Service (EBOOSTRSVC) - Unknown owner - C:\Program Files\eBoostr\EBstrSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 11104 bytes

wox

Yarbay

2736 Mesaj

Tüm Başarılarını Gör

merhaba benim log dosyam bu.fixlemek nasıl yapılıyor bilmiyorum.ne işe yarar nasıl yapılır diye kısa bir açıklama yaparsanız sevinirim.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:52, on 30.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\Documents and Settings\ercanpalasoglu\Belgelerim\Karşıdan Yüklenenler\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.live.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =http://toolbar.ask.com/toolbarv/askRedirect?o=10168&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =http://search.live.com/sphome.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =http://toolbar.ask.com/toolbarv/askRedirect?o=10168&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://www.adobe.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [nodenable] C:\Program Files\eset\nodenable.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Hızlı Çalıştırma.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {463ED66E-431B-11D2-ADB0-0080C83DA4EB} (AcceptWM Class) -https://w3s.webmoney.ru/WMAcceptor.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259257386578
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} (Flatcast Viewer 5.2) -http://92.51.137.94/objects/NpFv522.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E5893F6-2F2B-44FA-8D90-7EDD852B211F}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E5893F6-2F2B-44FA-8D90-7EDD852B211F}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{4E5893F6-2F2B-44FA-8D90-7EDD852B211F}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS3\Services\Tcpip\..\{4E5893F6-2F2B-44FA-8D90-7EDD852B211F}: NameServer = 208.67.222.222,208.67.220.220
O20 - AppInit_DLLs: winmm.dll
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 8474 bytes

HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (488. sayfa)