Teknoloji Haberleri
Aşağı Git
Tüm Forumlar
İşletim Sistemleri ve Yazılımlar
Yazılım Genel
Güvenlik Programları
HIJACKThis Ile Guvenliginizi Saglayin
Bu konudaki kullanıcılar: 1 misafir
254
Cevap 64780
Tıklama 0
Öne Çıkarma
Cevap 64780
Tıklama 0
Öne Çıkarma
-
Cevap: HIJACKThis Ile Guvenliginizi Saglayin (8. sayfa)
Çok teşekkürler sistemin temiz olduğunu tahmin ediyordum ancak o iki missing file a takılmıştım tekrar teşekkürler  goldberg
|
< Bu mesaj bu kişi tarafından değiştirildi maeren -- 23 Mart 2006; 1:42:12 >
SAgolasın İlginden Dolayı Tsk ederım |
|
Arkadaslar; benim logfile'da asagıda. Bi bakabilirseniz sevinirim. HK Logfile of HijackThis v1.99.1 Scan saved at 14:27:36, on 23.03.2006 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\ATI2EVXX.EXE C:\WINDOWS\SNMP.EXE C:\PROGRAM FILES\COMPAQ\COMPAQ POWER MANAGEMENT\HIBSERV.EXE C:\PROGRAM FILES\ESET\NOD32KRN.EXE C:\WINDOWS\SYSTEM\IRMON.EXE C:\WINDOWS\IRXFER.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\ATIPTAXX.EXE C:\WINDOWS\SYSTEM\ATI2CWXX.EXE C:\PROGRAM FILES\COMPAQ\COMPAQ EAB SOFTWARE\CPQEK.EXE C:\PROGRAM FILES\COMPAQ\HOTKEY SOFTWARE\HKSS.EXE C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE C:\WINDOWS\SYSTEM\INTERNAT.EXE C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\ESET\NOD32KUI.EXE C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 5\DATALAYER.EXE C:\PROGRAM FILES\COMMON FILES\NOKIA\NCLTOOLS\NCLTRAY.EXE C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 4\CREATECD\CREATECD.EXE C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE C:\PROGRAM FILES\COMMON FILES\NOKIA\SERVICES\SERVICELAYER.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQGALRY.EXE C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OUTLOOK.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\EXCEL.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\HJT\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =http://jump.altavista.com/avie5/searchpane R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.altavista.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =http://jump.altavista.com/avie5/searchpane O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0 CE\READER\ACTIVEX\ACROIEHELPER.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FGIEBAR.DLL O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [IrMon] IrMon.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe O4 - HKLM\..\Run: [Ati2cwxx] Ati2cwxx.exe O4 - HKLM\..\Run: [cpqek] C:\Program Files\Compaq\Compaq EAB Software\cpqek.exe O4 - HKLM\..\Run: [hkss] C:\Program Files\Compaq\HotKey Software\hkss.exe O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE O4 - HKLM\..\Run: [internat.exe] internat.exe O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe \RESET O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE" O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [DataLayer] c:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe O4 - HKLM\..\Run: [Nokia Tray Application] c:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\ADAPTEC\EASYCD~1\CREATECD\CREATECD.EXE -r O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe O4 - HKLM\..\RunServices: [SNMP agent] SNMP.EXE O4 - HKLM\..\RunServices: [Hibernation] C:\PROGRA~1\COMPAQ\COMPAQ~3\HIBSERV.EXE O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Program Files\Eset\nod32krn.exe" O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O4 - Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Startup: HP Image Zone Hizli Baslangiç.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll O16 - DPF: {4F5E4276-C120-11D6-A1FD-00508B9D48EA} (dldisplay Class) -http://www.gamehouse.com/ghdlctl.cab |
Bu mesaja 1 cevap geldi.
|
@Hasanka O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm bunları silemelisin başka birşey görünmüyor |
|
Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\wdfmgr.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe C:\Program Files\GlobespanVirata\Adsl\dslstat.exe C:\Program Files\GlobespanVirata\Adsl\dslagent.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =http://g.msn.com/0SEENUS/SAOS01 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\tr-tr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\tr-tr\msntb.dll O3 - Toolbar: &Radyo - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe" O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\GlobespanVirata\Adsl\dslstat.exe icon O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\GlobespanVirata\Adsl\dslagent.exe O4 - HKLM\..\Run: [ADSL Kota 1.1] C:\Program Files\ADSL Kota 1.1\ADSLKota.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\RunServices: [Windows Runtime Proccess] 32RUNdll.exe O4 - HKLM\..\RunServices: [NDIS Adapter] ndis.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Windows Runtime Proccess] 32RUNdll.exe O4 - HKCU\..\Run: [NDIS Adapter] ndis.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\RunServices: [Windows Runtime Proccess] 32RUNdll.exe O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: FlashGet'i kullanarak indir - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Tümünü FlashGet'i kullanarak indir - C:\Program Files\FlashGet\jc_all.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: ConferenceRoom Java Client -http://207.218.219.226:8000/java/cr.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {68459DB3-59C9-449D-815B-65F729385C16} (VoiceSecure Control) -http://www.voice4web.com/vs.cab O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) -http://installs.hotbar.com/installs/hbtools/programs/hbtools.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3155DBA6-46F4-4CA6-90DE-5A24D7954D9F}: NameServer = 195.175.37.69 195.175.37.14 O17 - HKLM\System\CS1\Services\Tcpip\..\{3155DBA6-46F4-4CA6-90DE-5A24D7954D9F}: NameServer = 195.175.37.69 195.175.37.14 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: C:\WINDOWS\System32\init.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NDIS Adapter (NDIS TCP Layer Transport Device) - Unknown owner - C:\WINDOWS\System32\ndis.exe" -netsvcs (file missing) O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe |
Bu mesaja 1 cevap geldi.
|
@burcu24 O20 - AppInit_DLLs: C:\WINDOWS\System32\init.dll (Adware.W32.DelFin) O4 - HKCU\..\RunServices: [Windows Runtime Proccess] 32RUNdll.exe (Worm.Sdbot.QW) O4 - HKCU\..\Run: [Windows Runtime Proccess] 32RUNdll.exe O4 - HKLM\..\RunServices: [Windows Runtime Proccess] 32RUNdll.exe O23 - Service: NDIS Adapter (NDIS TCP Layer Transport Device) - Unknown owner - C:\WINDOWS\System32\ndis.exe" -netsvcs (file missing) bunları silersen sorunun çözülecektir |
< Bu mesaj bu kişi tarafından değiştirildi Guest-1C865604E -- 6 Nisan 2006; 14:43:28 >
selam greenflash ve goldberge simdiden tesekkurler. 
|
< Bu mesaj bu kişi tarafından değiştirildi ducky -- 6 Nisan 2006; 17:21:36 >
Bu mesaja 1 cevap geldi.
|
Slm ben daha yeni farkettim bu yazılımı, daha dorusu İE de ortaya çıkan bi dizi sorundan sonra sorunları giderme yönünde bu forumda yaptığım çalışmalarım neticesinde buldum, loglarım aşağıdaki gibidir, eğer bi sorun varsa yardımcı olursanız çok sevinirim, şimdiden teşekkürler... Logfile of HijackThis v1.99.1 Scan saved at 17:26:03, on 06.04.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Eset\nod32kui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Winamp\winamp.exe C:\Documents and Settings\user\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar R3 - Default URLSearchHook is missing O1 - Hosts: 216.40.241.39www.klavye.cjb.net O1 - Hosts: 216.40.241.39www.klavye.org O1 - Hosts: 216.40.241.39 portal.klavye.cjb.net O1 - Hosts: 216.40.241.39 portal.klavye.org O1 - Hosts: 216.40.241.39 gate.klavye.cjb.net O1 - Hosts: 216.40.241.39 gate.klavye.org O1 - Hosts: 216.40.241.39 irc.klavye.cjb.net O1 - Hosts: 216.40.241.39 irc.klavye.org O1 - Hosts: 216.40.241.39 klavye.cjb.net O1 - Hosts: 216.40.241.39 klavye.org O1 - Hosts: 216.40.241.39 klavye.sourceforge.net O2 - BHO: Local Spool support DLL - {00C9D850-244D-10E1-B3C9-10805E499D95} - C:\WINDOWS\system32\lclsplnt.dll (file missing) O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: PaltalkWebLogin - {502C3BA4-2C3E-4317-BC29-C0445E82B1F9} - C:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing) O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\tr-tr\msntb.dll O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL (file missing) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone:http://www.gamyun.net O16 - DPF: King -http://212.252.114.77/King/King1/King.CAB O16 - DPF: MynetKing -http://oyunsunucu1.mynet.com/game/WebRoot/King.CAB O16 - DPF: MynetOkey -http://oyunsunucu2.mynet.com/game/WebRoot/Okey.CAB O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1108046615945 O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\Autodesk Architectural Desktop 3\AcDcToday.ocx O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\Autodesk Architectural Desktop 3\InstBanr.ocx O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program Files\Autodesk Architectural Desktop 3\InstFred.ocx O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} (JaguarEditControl-ISBANK) -https://www.isbank.com.tr/Internet/lib/JaguarEdit4ISB.CAB O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\Autodesk Architectural Desktop 3\AcPreview.ocx O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe |
Bu mesaja 1 cevap geldi.
|
@ ducky Sisteminiz temiz görünüyor.. @ Da®ksiDe© O2 - BHO: Local Spool support DLL - {00C9D850-244D-10E1-B3C9-10805E499D95} - C:\WINDOWS\system32\lclsplnt.dll (file missing) O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL (file missing) O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing) O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL (file missing) MySearch toolbar adlı bir spyware var bilgisayarınızda.Bu spyware Internet Explorer üzerinde çalıştığı için sorununuzun kaynağı bu olsa gerek.Yukardaki değerleri programdan silin.Baktınız ki hala sorun devam etmekte http://www.spywareremove.com/mysearch_toolbar.shtml bu siteden nasıl silebileceğinizi öğrenebilirsiniz.Ordaki bilgileri yetersiz bulursanız Google da çok basit bir aramaya girişmenizi öneririm |
Bu mesaja 1 cevap geldi.
|
mrb goldber öncelikle yardımın için çok teşekkür ederim bugün dediğin listedeki bazı dosyaları sildim fakat aşağıdaki silinmiyor log listesinde tekrar görünüyor 023 kodlu dosyayı nasıl silebilirim? O23 - Service: NDIS Adapter (NDIS TCP Layer Transport Device) - Unknown owner - C:\WINDOWS\System32\ndis.exe" -netsvcs (file missing) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\wdfmgr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe C:\Program Files\GlobespanVirata\Adsl\dslstat.exe C:\Program Files\GlobespanVirata\Adsl\dslagent.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =http://g.msn.com/0SEENUS/SAOS01 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\tr-tr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\tr-tr\msntb.dll O3 - Toolbar: &Radyo - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\tr-tr\msnappau.exe" O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\GlobespanVirata\Adsl\dslstat.exe icon O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\GlobespanVirata\Adsl\dslagent.exe O4 - HKLM\..\Run: [ADSL Kota 1.1] C:\Program Files\ADSL Kota 1.1\ADSLKota.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\RunServices: [NDIS Adapter] ndis.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NDIS Adapter] ndis.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: FlashGet'i kullanarak indir - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Tümünü FlashGet'i kullanarak indir - C:\Program Files\FlashGet\jc_all.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: ConferenceRoom Java Client -http://207.218.219.226:8000/java/cr.cab O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {68459DB3-59C9-449D-815B-65F729385C16} (VoiceSecure Control) -http://www.voice4web.com/vs.cab O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) -http://installs.hotbar.com/installs/hbtools/programs/hbtools.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3155DBA6-46F4-4CA6-90DE-5A24D7954D9F}: NameServer = 195.175.37.69 195.175.37.14 O17 - HKLM\System\CS1\Services\Tcpip\..\{3155DBA6-46F4-4CA6-90DE-5A24D7954D9F}: NameServer = 195.175.37.69 195.175.37.14 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NDIS Adapter (NDIS TCP Layer Transport Device) - Unknown owner - C:\WINDOWS\System32\ndis.exe" -netsvcs (file missing) O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe |
Bu mesaja 1 cevap geldi.
|
@burcu24 önemsiz birşey olsa güvenli kipte windowsu başlat öyle sil derdim fakat bu virüs aşağdaki sitede yönergeleri okur ve denilenleri yaparsan virüsten kurtulabilirsin yada basitçe bir antivirüs programı yüklemen yeterli olacaktır çünkü sisteminde antivirüs programı görünmüyor.. http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SDBOT.VF&VSect=T |
Bu mesaja 1 cevap geldi.
|
@Goldberg arkadaşım hay eline aazına sağlık yaw gerçektende dediklerini yaptım bi restart attım makineye eski haline döndü, bende huylanmıştım zaten o mysearch bar denen klasörden ama yanlış bişi yapmıyım die silmiyodum çok çok saolasın, her ne kadar kullanmıcak olsamda bi daha kavuştuk İE ye tekrar saol |
Bu mesaja 1 cevap geldi.
| Teşekkür ederim goldberg önerdiğin siteyi inceledim ama ingilizce bilgim olmadığı için bişey yapamadım ama diğer önerin antivirüs programını yüklemeye çalışıcam. |
Bu mesaja 1 cevap geldi.
|
slm goldberg dediğin gibi antivirüs programı yükledim. ama hala log listesinde 023 kodlu dosya duruyor. log lsitesindeki 04 HKCU\..\Run NDI Adapter ndis.exe yi silmediğimiz için 023 kodlu Service: NDIS Adapter (NDIS TCP Layer Transport Device) - Unknown owner - C:\WINDOWS\System32\ndis.exe olan dosya silinmiyor olabilirmi? O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [NDIS Adapter] ndis.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O23 - Service: NDIS Adapter (NDIS TCP Layer Transport Device) - Unknown owner - C:\WINDOWS\System32\ndis.exe" -netsvcs (file missing) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe |
Bu mesaja 1 cevap geldi.
|
O16 - DPF: {58EF1388-AF07-4D13-A069-D107671B8819} -http://www.gamegarden.net/game/ggsecure.cab Bu ne anlama geliyor arkadaşlar ben firefox kullanarak gamegarden a giriyorum okeye tıklayınca güvenlik uygulaması kuruluyor diyor ama öyle bekliyor ... internet exp da açılıyodu firefoxda nasıl açarız ... |
Bu mesaja 1 cevap geldi.
Bunun anlamı şudur ismi tam aklımda değil ie de siz bir siteden bu tip eklentileri yüklersiniz uygulamaların çalışması için firefox güvenlik için buna izin vermez bu neden oynayamamanız doğaldır o yolladığınız değer ise şüpheli birşey değil sadece basit bir oyun eklentisidir.. |
Bu mesaja 1 cevap geldi.
|
@burcu24 Nod32 yle iyi bir seçim yapmışsın tarama yaptırmışsan o asıl kaynakları silmiştir zaten o kaydı silmene gerek kaldığını sanmam silinmiyor olabilir güvenli kipte silmen daha olasıdır.
Nasıl yani biraz daha açarsan? O oyunu sen internet explorer da oynayabilirsin sadece firefox ne olursa olsun izin vermez o eklentilere |
Bu mesaja 1 cevap geldi.
güvenli kipte açıp windowsu nortonla bir tarat düzelir bulduğunu sil bundan sonra benim sana hijackthis bağbında bir yardım kalmadı gönderdiğin log temiz..
@creep3
sistemin temiz görünüyor..
@maeren
sistem temiz fakat istersen gereksiz iki tane kayıt var onları silebilirsin
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: ArcaVir Antivirus Monitor Service (ArcaVirMonitor) - Unknown owner - C:\Program Files\ArcaBit\ArcaVir\AvMon.exe (file missing)
@BarbarosTUGRUL
seninde sistemin temiz fakat sendede gereksiz iki tane kayıt var istersen silebilirsin
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TECOM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TECOM\Bluetooth Software\btsendto_ie.htm (file missing)
Bu mesaja 2 cevap geldi. Cevapları Gizle