Eraybar ; Bilgisayarı Malware Bytes ile tarattım 5 virüs çıktı sistemde onları da silip kurtuldum. Host dosyasını da restore ettim. Yardımın için teşekkürler. Şu ana kadar gördüğüm en yararlı topic |
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:00:21, on 11.05.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\WINDOWS\system32\tsnp2std.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\vsnp2std.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\Temp\wpv311273574967.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe C:\PROGRA~1\Lenovo\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\alg.exe c:\windows\system32\wuaucldt.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Documents and Settings\VK\Desktop\HiJackThis.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [syncman] c:\windows\system32\wuaucldt.exe O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\system32\tsnp2std.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [userini] C:\WINDOWS\system32\userini.exe O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\RunOnce: [WMC_RebootCheck] C:\WINDOWS\inf\unregmp2.exe /FixUps O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [syncman] c:\documents and settings\vk\wuaucldt.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [userini] C:\WINDOWS\system32\userini.exe O4 - HKLM\..\Policies\Explorer\Run: [userini] C:\WINDOWS\system32\userini.exe O4 - HKCU\..\Policies\Explorer\Run: [userini] C:\WINDOWS\system32\userini.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) -http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O20 - Winlogon Notify: cbssreg - C:\Documents and Settings\All Users\Belgeler\Settings\cbss.dll O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:exe.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe -- End of file - 8376 bytes DEVAMI BURADAKI LİNKİ İNCELERMISINIZ ACİL? http://forum.donanimhaber.com/m_39692230/tm.htm teşekkürler |
@ircdpangea C:\WINDOWS\Temp\wpv311273574967.exe c:\windows\system32\wuaucldt.exe O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe O4 - HKLM\..\Run: [userini] C:\WINDOWS\system32\userini.exe O4 - HKCU\..\Run: [syncman] c:\documents and settings\vk\wuaucldt.exe O4 - HKCU\..\Run: [userini] C:\WINDOWS\system32\userini.exe O4 - HKLM\..\Policies\Explorer\Run: [userini] C:\WINDOWS\system32\userini.exe O4 - HKCU\..\Policies\Explorer\Run: [userini] C:\WINDOWS\system32\userini.exe O20 - Winlogon Notify: cbssreg - C:\Documents and Settings\All Users\Belgeler\Settings\cbss.dll O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:exe.exe Satırlarını fix'leyip.Sisteminizi MalwareBytes ile taratırmısınız. |
evet. format atacağım en kısa zamanda. ilgilendiğiniz için teşekkür ederim. |
Mrb Benimde Bilgisayarım Virüs Programı yüklemiyo büyük ihtimalle baya bi virüs war yardımcı olursan sevinirim iyi çalıŞmalar k0lay qelSn ay Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeLogfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:41:18, on 16.05.2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\FixCamera.exe C:\WINDOWS\tsnp2std.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\All Users\Application Data\BarDiscover\bardiscover121.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\BarDiscover\bardiscover.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\DOCUME~1\Haldun\LOCALS~1\Temp\xdmhgj.exe C:\Documents and Settings\Haldun\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =http://search.live.com/sphome.aspx R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://search.localstrike.com.ar/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://search.localstrike.com.ar/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =http://www.googlaa.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =http://search.live.com/sphome.aspx R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =http://www.googlaa.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.65127.161:3128 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar O1 - Hosts: 212.175.252.253www.divxm.com O1 - Hosts: 89.149.239.114www.divxplanet.net O1 - Hosts: 208.117.236.70 youtube.com O1 - Hosts: 208.117.236.70www.youtube.com O1 - Hosts: 74.125.65.118 img.youtube.com O1 - Hosts: 74.125.13.80 v1.lscache1.c.youtube.com O1 - Hosts: 74.125.13.83 v2.lscache1.c.youtube.com O1 - Hosts: 74.125.13.86 v3.lscache1.c.youtube.com O1 - Hosts: 74.125.13.89 v4.lscache1.c.youtube.com O1 - Hosts: 74.125.13.92 v5.lscache1.c.youtube.com O1 - Hosts: 74.125.13.95 v6.lscache1.c.youtube.com O1 - Hosts: 74.125.13.98 v7.lscache1.c.youtube.com O1 - Hosts: 74.125.13.101 v8.lscache1.c.youtube.com O1 - Hosts: 74.125.97.17 v9.lscache1.c.youtube.com O1 - Hosts: 74.125.97.84 v10.lscache1.c.youtube.com O1 - Hosts: 74.125.13.87 v11.lscache1.c.youtube.com O1 - Hosts: 74.125.13.90 v12.lscache1.c.youtube.com O1 - Hosts: 74.125.13.93 v13.lscache1.c.youtube.com O1 - Hosts: 74.125.13.96 v14.lscache1.c.youtube.com O1 - Hosts: 74.125.13.99 v15.lscache1.c.youtube.com O1 - Hosts: 74.125.97.38 v16.lscache1.c.youtube.com O1 - Hosts: 74.125.13.82 v17.lscache1.c.youtube.com O1 - Hosts: 74.125.13.85 v18.lscache1.c.youtube.com O1 - Hosts: 74.125.13.88 v19.lscache1.c.youtube.com O1 - Hosts: 74.125.13.91 v20.lscache1.c.youtube.com O1 - Hosts: 74.125.13.94 v21.lscache1.c.youtube.com O1 - Hosts: 74.125.13.97 v22.lscache1.c.youtube.com O1 - Hosts: 74.125.13.100 v23.lscache1.c.youtube.com O1 - Hosts: 74.125.13.103 v24.lscache1.c.youtube.com O1 - Hosts: 74.125.13.80 v1.lscache2.c.youtube.com O1 - Hosts: 74.125.13.83 v2.lscache2.c.youtube.com O1 - Hosts: 74.125.13.86 v3.lscache2.c.youtube.com O1 - Hosts: 74.125.13.89 v4.lscache2.c.youtube.com O1 - Hosts: 74.125.13.92 v5.lscache2.c.youtube.com O1 - Hosts: 74.125.13.95 v6.lscache2.c.youtube.com O1 - Hosts: 74.125.13.98 v7.lscache2.c.youtube.com O1 - Hosts: 74.125.13.101 v8.lscache2.c.youtube.com O1 - Hosts: 74.125.13.81 v9.lscache2.c.youtube.com O1 - Hosts: 74.125.13.84 v10.lscache2.c.youtube.com O1 - Hosts: 74.125.13.87 v11.lscache2.c.youtube.com O1 - Hosts: 74.125.13.90 v12.lscache2.c.youtube.com O1 - Hosts: 74.125.13.93 v13.lscache2.c.youtube.com O1 - Hosts: 74.125.13.96 v14.lscache2.c.youtube.com O1 - Hosts: 74.125.13.99 v15.lscache2.c.youtube.com O1 - Hosts: 74.125.13.102 v16.lscache2.c.youtube.com O1 - Hosts: 74.125.13.82 v17.lscache2.c.youtube.com O1 - Hosts: 74.125.13.85 v18.lscache2.c.youtube.com O1 - Hosts: 74.125.13.88 v19.lscache2.c.youtube.com O1 - Hosts: 74.125.13.91 v20.lscache2.c.youtube.com O1 - Hosts: 74.125.13.94 v21.lscache2.c.youtube.com O1 - Hosts: 74.125.13.97 v22.lscache2.c.youtube.com O1 - Hosts: 74.125.13.100 v23.lscache2.c.youtube.com O1 - Hosts: 74.125.13.103 v24.lscache2.c.youtube.com O1 - Hosts: 74.125.99.80 v1.lscache3.c.youtube.com O1 - Hosts: 74.125.99.83 v2.lscache3.c.youtube.com O1 - Hosts: 74.125.99.86 v3.lscache3.c.youtube.com O1 - Hosts: 74.125.99.89 v4.lscache3.c.youtube.com O1 - Hosts: 74.125.99.92 v5.lscache3.c.youtube.com O1 - Hosts: 74.125.99.95 v6.lscache3.c.youtube.com O1 - Hosts: 74.125.99.98 v7.lscache3.c.youtube.com O1 - Hosts: 74.125.99.101 v8.lscache3.c.youtube.com O1 - Hosts: 74.125.99.81 v9.lscache3.c.youtube.com O1 - Hosts: 74.125.99.84 v10.lscache3.c.youtube.com O1 - Hosts: 74.125.99.87 v11.lscache3.c.youtube.com O1 - Hosts: 74.125.99.90 v12.lscache3.c.youtube.com O1 - Hosts: 74.125.99.93 v13.lscache3.c.youtube.com O1 - Hosts: 74.125.97.32 v14.lscache3.c.youtube.com O1 - Hosts: 74.125.99.99 v15.lscache3.c.youtube.com O1 - Hosts: 74.125.99.102 v16.lscache3.c.youtube.com O1 - Hosts: 74.125.99.82 v17.lscache3.c.youtube.com O1 - Hosts: 74.125.99.85 v18.lscache3.c.youtube.com O1 - Hosts: 74.125.99.88 v19.lscache3.c.youtube.com O1 - Hosts: 74.125.99.91 v20.lscache3.c.youtube.com O1 - Hosts: 74.125.99.94 v21.lscache3.c.youtube.com O1 - Hosts: 74.125.99.97 v22.lscache3.c.youtube.com O1 - Hosts: 74.125.99.100 v23.lscache3.c.youtube.com O1 - Hosts: 74.125.99.103 v24.lscache3.c.youtube.com O1 - Hosts: 74.125.99.80 v1.lscache4.c.youtube.com O1 - Hosts: 74.125.99.83 v2.lscache4.c.youtube.com O1 - Hosts: 74.125.99.86 v3.lscache4.c.youtube.com O1 - Hosts: 74.125.99.89 v4.lscache4.c.youtube.com O1 - Hosts: 74.125.99.92 v5.lscache4.c.youtube.com O1 - Hosts: 74.125.99.95 v6.lscache4.c.youtube.com O1 - Hosts: 74.125.99.98 v7.lscache4.c.youtube.com O1 - Hosts: 74.125.99.101 v8.lscache4.c.youtube.com O1 - Hosts: 74.125.99.81 v9.lscache4.c.youtube.com O1 - Hosts: 74.125.99.84 v10.lscache4.c.youtube.com O1 - Hosts: 74.125.99.87 v11.lscache4.c.youtube.com O1 - Hosts: 74.125.99.90 v12.lscache4.c.youtube.com O1 - Hosts: 74.125.99.93 v13.lscache4.c.youtube.com O1 - Hosts: 74.125.99.96 v14.lscache4.c.youtube.com O1 - Hosts: 74.125.99.99 v15.lscache4.c.youtube.com O1 - Hosts: 74.125.99.102 v16.lscache4.c.youtube.com O1 - Hosts: 74.125.99.82 v17.lscache4.c.youtube.com O1 - Hosts: 74.125.99.85 v18.lscache4.c.youtube.com O1 - Hosts: 74.125.99.88 v19.lscache4.c.youtube.com O1 - Hosts: 74.125.99.91 v20.lscache4.c.youtube.com O1 - Hosts: 74.125.99.94 v21.lscache4.c.youtube.com O1 - Hosts: 74.125.99.97 v22.lscache4.c.youtube.com O1 - Hosts: 74.125.99.100 v23.lscache4.c.youtube.com O1 - Hosts: 74.125.99.103 v24.lscache4.c.youtube.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [audiio] C:\Windows\System32\audiio.exe O4 - HKLM\..\Run: [BvtUtility] C:\Program Files\BvT Grup\BvT Live Tv\BvtUtility.exe O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\Haldun\LOCALS~1\Temp\herss.exe O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: ServerList.lnk = C:\Program Files\Valve\platform\config\otomatik_list.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O9 - Extra button: Bunu Bloga Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: Windows Live Writer içinde &Bunu Web Günlüğüne Al - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -http://messenger.zone.msn.com/TR-TR/a-UNO1/GAME_UNO1.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -http://javadl.sun.com/webapps/download/AutoDL?BundleId=29223 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O23 - Service: BarDiscover Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\BarDiscover\bardiscover121.exe O23 - Service: Arka Plan Akıllı Aktarım Hizmeti (BITS) - Unknown owner - C:\WINDOWS\ O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Displ O23 - Service: Otomatik Güncelleştirmeler (wuauserv) - Unknown owner - C:\WINDOWS\ -- End of file - 12733 bytes |
Sorunu şurada açıkladım :http://forum.donanimhaber.com/m_39815833/mpage_1/f_/key_//tm.htm#39815833 Ama kısaca söylemek gerekirse sanırım virüs var ve benden habersiz bazı serverlara veri yollamaya çalışıyor. Şu an Malwarebytes' erişimleri engelliyor ama kesin bir çözüm olsa daha iyi olur Logfile of Trend Micro HijackThis v2.0.2 |
s.a üstat benim pc de bi iki hata vardı forum siytelerini geziyordum sonra bir arkadaş seni önerdi bu abimiz yapar dedi, inanamadım verdiği linke baktım yoksun sonra forumu inceledim konu buraya taşınmış ve allah razı olsun gerçekten çok iyi iş çıkarıyorsun. şimde ben sana zahmet verecem ama benim pc yi açınca iki gündür windows ürününü yeniden yükleyin diye birşey çıkıyor(hata kodu olarak 0xC004F015), buna iptal deyip bilgisayarı açıyorum son bir aydır başıma bela olan sshnas21.dll belirtilen modül bulunamadı ve wincti32.rom belirtlen modül bulanamadı hatası veriyor. dediğini yaptım hijack programını çalıştırdım aşağıda ki bilgiler geldi. sana zahmet bu sorunları halledebilir misin. en azından ne yapmam gerektiğini söyleyip yol gösterirsen allah ne muradın varsa verin deyip duamızda adını zikrederiz. Logfile of Trend Micro HijackThis v2.0.2 |
Üstadım kolay gelsin. beni daha önce bi kez kurtarmıştın o nedenle yine sana koştum :) sorunum bir oyuna yama indirdiğimi zannettiğimde oluştu. avasta tarattığımda pc de virüs görünmüyor ama pc açıldığında ctrl+alt+del yaptığımda orda 4-5 tane "hKTXgRIuLY" adlı uygulama görünüyor... onları sonlandırana kadar da aşırı kasılma oluyor... bir de msnim sağa sola msj yolluyo sanırım... hijack raporu burda; Logfile of Trend Micro HijackThis v2.0.2 |
Görev yöneticisine ve çalıştıra girmiyor. Windows hata veriyor. Virüs olduğunu düşünüyorum. Logfile of Trend Micro HijackThis v2.0.4 |
Hocam bir bilgim yok bu dnsler hakkında. Ne yapmalıyım ? - Kusura bakmayın geç yazdım. |
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:06:07, on 19.05.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.21148) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\PowerISO\SCDEmuApp.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PnkBstrA.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Accurate 4\BIN\accurate40.exe C:\Program Files\Final Codecs\KMPlayer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [SCDEmuApp.exe] C:\Program Files\PowerISO\SCDEmuApp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Final Codecs\QTSystem\qttask.exe" -atboottime O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{CC6A566D-14D4-4F96-A194-E2F8A78E076E}: NameServer = 208.67.222.222,208.67.220.220 O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- End of file - 5681 bytes Arkadaşlar ben bu raporu internet explore 8 de hata verip kapandığı için gönderiyorum...Hatayı aldığımda bütün internet sayfalarını otomatik kapatıp çıkıyor...Bu sorunu çözmem gerek.Şimdiden teşekkür ederim.. |
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:33, on 2010-05-18 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\Opera\opera.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.skip-search.com/?cfg=2-82-0-17JEW R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://search.localstrike.com.ar/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://search.localstrike.com.ar/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://search.localstrike.com.ar/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://search.localstrike.com.ar/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [DataMngr] C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [Bing Bar] "C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [GEST] ] O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\hulusi\Desktop\utorrent.exe" O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O4 - Startup: OtomatikServerList.lnk = C:\Program Files\valve\platform\baslangic_serverlist.exe O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{0CCA5A55-7425-4D1F-8A1D-1375C1C37F5E}: NameServer = 208.67.222.222,200.67.220.220 O17 - HKLM\System\CS1\Services\Tcpip\..\{0CCA5A55-7425-4D1F-8A1D-1375C1C37F5E}: NameServer = 208.67.222.222,200.67.220.220 O17 - HKLM\System\CS2\Services\Tcpip\..\{0CCA5A55-7425-4D1F-8A1D-1375C1C37F5E}: NameServer = 208.67.222.222,200.67.220.220 O17 - HKLM\System\CS3\Services\Tcpip\..\{0CCA5A55-7425-4D1F-8A1D-1375C1C37F5E}: NameServer = 208.67.222.222,200.67.220.220 O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing) O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe Bunları buldu.Sorunum bellek read olamadı sorunu.Oyunun ortasında-videoda ve tuuhaf tuhaf yerlerde çıkıyor bu sorun. -- End of file - 12123 bytes |
Herkese çok yardımcı olmuşsun. HijackThis Raporuma bakabilir misin? Bu arada HijackThis dersleri v.s veriyor musun? PM ile beni bir bilgilendirir isen sevinirim. Logfile of Trend Micro HijackThis v2.0.2 |
bilgisayar çok agır . yardımcı olursanız sevinirim. şididen çok TEŞEKKÜRLER... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:09:53, on 20.05.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\rundll32.exe C:\acer\epm\epm-dm.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\WINDOWS\FixCamera.exe C:\WINDOWS\tsnp2std.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AirTies\ADSL Hizmet Programı\AirTies_util3.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Acer\eManager\anbmServ.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\acer\eRecovery\Monitor.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\AVG\AVG9\avgemc.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\mmc.exe C:\WINDOWS\system32\DfrgFat.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://global.acer.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - (no file) O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: AirTies ADSL Hizmet Programı.lnk = ? O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257106163595 O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) -http://tsim.saglik.gov.tr/forms/jinitiator/jinit.exe O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -http://www.acsradyo.com/player/cab/ampx_en_dl.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe -- End of file - 6501 bytes |
Logfile of Trend Micro HijackThis v2.0.2 Bilgisayar da garanti virüs var ama hangisi bilmiyorum.Bir incelerseniz sevinirim. |
bilgisayaram kendi kendine alakasız zamnlarda restart atıyor ve virus programı kuramıyorum ilgilenrseniz sevnrm ..... Logfile of Advanced SystemCare 3 Security Analyzer |
Bu sabah firefox'u açamama problemim vardı silip tekrar yükledim ne firefox ne de ie çoğu siteye girip herhangi bir download yapamıyorum.Buna hijack'in sitesi de dahil o yüzden logu oradan tarattıramadım.Ayrıca bilgisayarda anormal bir yavaşlık var.Bakalım hijackle durumu kurtarabilecekmiyim olmassa format Teşekkürler. Logfile of Trend Micro HijackThis v2.0.2 |
Logfile of Trend Micro HijackThis v2.0.2 İnternette eskiye oranla bayağı bir yavaşlama var.Sayfa linkine tıkladığım zaman çok geç açıyor. İlgilenirsen sevinirim, teşekkürler. |
Bu mesaja 1 cevap geldi. Cevapları Gizle