Teknoloji Haberleri
Aşağı Git
Tüm Forumlar
İşletim Sistemleri ve Yazılımlar
Yazılım Genel
Güvenlik Programları
HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+
Bu konudaki kullanıcılar: 1 misafir, 1 mobil kullanıcı
9876
Cevap 1251457
Tıklama 0
Öne Çıkarma
Cevap 1251457
Tıklama 0
Öne Çıkarma
-
Cevap: HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (492. sayfa)
Önemli bir PC ve bazı sorunları var belki yardımcı olabilirsiniz... Beklemedeyim  Logfile of Trend Micro HijackThis v2.0.4 |
Daha bilgisayarımı yeni formatladım ama explorer.exe kullanımı %50 yi aşıyor Logfile of Trend Micro HijackThis v2.0.4 |
Bu mesaja 1 cevap geldi.
|
Sevgili arkadaşlar bu konularda gerçekten acemi ve çaylağım forumunuzda okuduklarımı takip ederek hıjack programı ile tarattım pc mi ve bu sonuç çıktı eğer bir sorun varsa bana yardımcı olurmusunuz şimdiden hepinize teşekkürler. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:14:35, on 12.01.2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Canon\DIAS\CnxDIAS.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\AutorunRemover\AutorunRemover.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\PROGRA~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Kancalar\Belgelerim\Alınan Dosyalarım\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://tr.msn.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://find.localstrike.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://find.localstrike.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://find.localstrike.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://find.localstrike.net/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://find.localstrike.net/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\SEARCH~1\BROWSE~1.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kancalar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [systemcs] "C:\windows\systemcs6076.exe" O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [Art Plus Wallpaper Calendar] "C:\Program Files\Art Plus\Wallpaper5\wallpaper.exe" /a O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Kancalar\Start Menu\Programlar\IMVU\Run IMVU.lnk (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264419048808 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1264425534531 O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) -https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} (Flatcast Viewer 5.2) -http://92.51.137.94/objects/NpFv522.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{269E0DB9-9A17-40E2-B481-7717E43203EB}: NameServer = 192.168.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{269E0DB9-9A17-40E2-B481-7717E43203EB}: NameServer = 192.168.2.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O20 - AppInit_DLLs: C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: SAMSUNG KiesAllShare Service (KiesAllShare) - Unknown owner - C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 10671 bytes |
|
Arkadaşlar bilgisayarı 5 dk önce güvenli modda açıp ComboFix ve HiJackThis programları tarafından tarattım sonuç olarak COMBOFİX RAPARO
HiJackThis Raporu
Sonuçlar böyle arkadaşlar daha sonra bilgisayarı güvenli moddan normal hale getirdim ve yeniden başlattım bilgisayar açıldığında msconfig sistem yapılandırması çıktı ve msnconfig başlangıçta msnmgr yani messenger kaybolmuştu bende onu farkettiğim an setupunu ve kurulu olan programını kaldırdım messengırın acaba sorun ne olabilir bana yardım edebilirmisiniz arkadaşlar ? |
< Bu mesaj bu kişi tarafından değiştirildi davidguetta0001 -- 24 Ocak 2012; 14:34:53 >
hocam bilgisayarımda aşırı yavaşlama var. bi el atabilirsen çok yardımın dokunur. şimdiden sağol. |
< Bu mesaj bu kişi tarafından değiştirildi Takumi_Fujiwara -- 26 Ocak 2012; 21:15:47 >
|
Dizüstü PC'imde services.exe işlemciyi çok kullanıyor forumda araştırma yapıyor iken hijackthis gördüm ve sizden yardım rica ediyorum. hijackthis raporu EK' te dir. Şimdiden ÇOOOK teşekkürler !! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:01:16, on 15.02.2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\PROGRA~2\MICROS~2\Office14\WINWORD.EXE C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Java\jre6\bin\javaw.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\Desktop\3333\Start.exe C:\Users\tfn\Desktop\3333\NOD32.EXE C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\tfn\AppData\Local\Google\Chrome\Application\chrome.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=041f&m=easynote_tj65&r=27360110i0b6l0350z1i5f48n1u451 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =www.google.com.tr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=041f&m=easynote_tj65&r=27360110i0b6l0350z1i5f48n1u451 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=041f&m=easynote_tj65&r=27360110i0b6l0350z1i5f48n1u451 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll R3 - URLSearchHook: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: 98.129.238.10 richarddawkins.net O1 - Hosts: 205.188.234.120 yp.shoutcast.com O1 - Hosts: 62.41.85.97 media.shoutcast.com O1 - Hosts: 205.188.216.8 shoutcast.com O1 - Hosts: 207.200.100.5www.shoutcast.com O1 - Hosts: 74.125.4.16 r1.lhr1.c.youtube.com O1 - Hosts: 74.125.4.17 r2.lhr1.c.youtube.com O1 - Hosts: 74.125.4.18 r3.lhr1.c.youtube.com O1 - Hosts: 74.125.4.19 r4.lhr1.c.youtube.com O1 - Hosts: 74.125.4.20 r5.lhr1.c.youtube.com O1 - Hosts: 74.125.4.21 r6.lhr1.c.youtube.com O1 - Hosts: 74.125.4.22 r7.lhr1.c.youtube.com O1 - Hosts: 74.125.4.23 r8.lhr1.c.youtube.com O1 - Hosts: 74.125.4.24 r9.lhr1.c.youtube.com O1 - Hosts: 74.125.4.25 r10.lhr1.c.youtube.com O1 - Hosts: 74.125.4.26 r11.lhr1.c.youtube.com O1 - Hosts: 74.125.4.27 r12.lhr1.c.youtube.com O1 - Hosts: 74.125.4.28 r13.lhr1.c.youtube.com O1 - Hosts: 74.125.4.29 r14.lhr1.c.youtube.com O1 - Hosts: 74.125.4.30 r15.lhr1.c.youtube.com O1 - Hosts: 74.125.4.31 r16.lhr1.c.youtube.com O1 - Hosts: 74.125.4.32 r17.lhr1.c.youtube.com O1 - Hosts: 74.125.4.33 r18.lhr1.c.youtube.com O1 - Hosts: 74.125.4.34 r19.lhr1.c.youtube.com O1 - Hosts: 74.125.4.35 r20.lhr1.c.youtube.com O1 - Hosts: 74.125.4.36 r21.lhr1.c.youtube.com O1 - Hosts: 74.125.4.37 r22.lhr1.c.youtube.com O1 - Hosts: 74.125.4.38 r23.lhr1.c.youtube.com O1 - Hosts: 74.125.4.39 r24.lhr1.c.youtube.com O1 - Hosts: 213.146.171.16 r1.lhr2.c.youtube.com O1 - Hosts: 213.146.171.17 r2.lhr2.c.youtube.com O1 - Hosts: 213.146.171.18 r3.lhr2.c.youtube.com O1 - Hosts: 213.146.171.19 r4.lhr2.c.youtube.com O1 - Hosts: 213.146.171.20 r5.lhr2.c.youtube.com O1 - Hosts: 213.146.171.21 r6.lhr2.c.youtube.com O1 - Hosts: 213.146.171.22 r7.lhr2.c.youtube.com O1 - Hosts: 213.146.171.23 r8.lhr2.c.youtube.com O1 - Hosts: 213.146.171.24 r9.lhr2.c.youtube.com O1 - Hosts: 213.146.171.25 r10.lhr2.c.youtube.com O1 - Hosts: 213.146.171.26 r11.lhr2.c.youtube.com O1 - Hosts: 213.146.171.27 r12.lhr2.c.youtube.com O1 - Hosts: 213.146.171.28 r13.lhr2.c.youtube.com O1 - Hosts: 213.146.171.29 r14.lhr2.c.youtube.com O1 - Hosts: 213.146.171.30 r15.lhr2.c.youtube.com O1 - Hosts: 213.146.171.31 r16.lhr2.c.youtube.com O1 - Hosts: 213.146.171.32 r17.lhr2.c.youtube.com O1 - Hosts: 213.146.171.33 r18.lhr2.c.youtube.com O1 - Hosts: 213.146.171.34 r19.lhr2.c.youtube.com O1 - Hosts: 213.146.171.35 r20.lhr2.c.youtube.com O1 - Hosts: 213.146.171.36 r21.lhr2.c.youtube.com O1 - Hosts: 213.146.171.37 r22.lhr2.c.youtube.com O1 - Hosts: 213.146.171.38 r23.lhr2.c.youtube.com O1 - Hosts: 213.146.171.39 r24.lhr2.c.youtube.com O1 - Hosts: 206.132.73.16 r1.lhr3.c.youtube.com O1 - Hosts: 206.132.73.17 r2.lhr3.c.youtube.com O1 - Hosts: 206.132.73.18 r3.lhr3.c.youtube.com O1 - Hosts: 206.132.73.19 r4.lhr3.c.youtube.com O1 - Hosts: 206.132.73.20 r5.lhr3.c.youtube.com O1 - Hosts: 206.132.73.21 r6.lhr3.c.youtube.com O1 - Hosts: 206.132.73.22 r7.lhr3.c.youtube.com O1 - Hosts: 206.132.73.23 r8.lhr3.c.youtube.com O1 - Hosts: 206.132.73.24 r9.lhr3.c.youtube.com O1 - Hosts: 206.132.73.25 r10.lhr3.c.youtube.com O1 - Hosts: 206.132.73.26 r11.lhr3.c.youtube.com O1 - Hosts: 206.132.73.27 r12.lhr3.c.youtube.com O1 - Hosts: 206.132.73.28 r13.lhr3.c.youtube.com O1 - Hosts: 206.132.73.29 r14.lhr3.c.youtube.com O1 - Hosts: 206.132.73.30 r15.lhr3.c.youtube.com O1 - Hosts: 74.125.4.208 r1.lhr4.c.youtube.com O1 - Hosts: 74.125.4.209 r2.lhr4.c.youtube.com O1 - Hosts: 74.125.4.210 r3.lhr4.c.youtube.com O1 - Hosts: 74.125.4.211 r4.lhr4.c.youtube.com O1 - Hosts: 74.125.4.212 r5.lhr4.c.youtube.com O1 - Hosts: 74.125.4.213 r6.lhr4.c.youtube.com O1 - Hosts: 74.125.4.214 r7.lhr4.c.youtube.com O1 - Hosts: 74.125.4.215 r8.lhr4.c.youtube.com O1 - Hosts: 74.125.4.216 r9.lhr4.c.youtube.com O1 - Hosts: 74.125.4.217 r10.lhr4.c.youtube.com O1 - Hosts: 74.125.4.218 r11.lhr4.c.youtube.com O1 - Hosts: 74.125.4.219 r12.lhr4.c.youtube.com O1 - Hosts: 74.125.4.220 r13.lhr4.c.youtube.com O1 - Hosts: 74.125.4.221 r14.lhr4.c.youtube.com O1 - Hosts: 74.125.4.222 r15.lhr4.c.youtube.com O1 - Hosts: 74.125.4.223 r16.lhr4.c.youtube.com O1 - Hosts: 74.125.4.224 r17.lhr4.c.youtube.com O1 - Hosts: 74.125.4.225 r18.lhr4.c.youtube.com O1 - Hosts: 74.125.4.226 r19.lhr4.c.youtube.com O1 - Hosts: 74.125.4.227 r20.lhr4.c.youtube.com O1 - Hosts: 74.125.4.228 r21.lhr4.c.youtube.com O1 - Hosts: 74.125.4.229 r22.lhr4.c.youtube.com O1 - Hosts: 74.125.4.230 r23.lhr4.c.youtube.com O1 - Hosts: 74.125.4.231 r24.lhr4.c.youtube.com O1 - Hosts: 74.125.4.80 r1.lhr5.c.youtube.com O1 - Hosts: 74.125.4.81 r2.lhr5.c.youtube.com O1 - Hosts: 74.125.4.82 r3.lhr5.c.youtube.com O1 - Hosts: 74.125.4.83 r4.lhr5.c.youtube.com O1 - Hosts: 74.125.4.84 r5.lhr5.c.youtube.com O1 - Hosts: 74.125.4.85 r6.lhr5.c.youtube.com O1 - Hosts: 74.125.4.86 r7.lhr5.c.youtube.com O1 - Hosts: 74.125.4.87 r8.lhr5.c.youtube.com O1 - Hosts: 74.125.4.88 r9.lhr5.c.youtube.com O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll O3 - Toolbar: (no name) - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Local Service') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Local Service') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: ezan'ı vakit.lnk = C:\Program Files (x86)\ezanivakit\ezan.exe O4 - Global Startup: Translate Client.lnk = C:\Program Files (x86)\Translate Client\translateclient.exe O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: OneNote'a G&önder - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Bağlantılı &Notları - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Bağlantılı &Notları - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{2A6799E2-8BF2-4023-A88D-B96055AB3E7E}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\..\{D10D468F-4481-4603-B732-807F46F65B4F}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS1\Services\Tcpip\..\{2A6799E2-8BF2-4023-A88D-B96055AB3E7E}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CS2\Services\Tcpip\..\{2A6799E2-8BF2-4023-A88D-B96055AB3E7E}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMON - Eset - C:\Users\tfn\Desktop\3333\amon.sys O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Users\tfn\Desktop\3333\nod32krn.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 19941 bytes |
Bu mesaja 1 cevap geldi.
bendede svchost.exe 13-14 tane var ve yaklaşık 200k'dan fazla belle tüketiyor.
|
< Bu mesaj bu kişi tarafından değiştirildi MirageLord -- 15 Şubat 2012; 12:58:22 >
|
Ustam Gerçekten Çok İyisin Birçok Kişi Yazmış Burda Oldu Diye Benimkinide Halledermisin ? İşte Sonuçlar Logfile of Trend Micro HijackThis v2.0.2 |
|
dostum explorer ve crome açtığım zaman geç açılıyor yardım edersen sevinirim. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:35 REFİK, on 05.03.2012 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Documents and Settings\_Refik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Documents and Settings\_Refik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\_Refik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\_Refik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\_Refik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\_Refik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\_Refik\Belgelerim\Downloads\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =http://www.detaysearch.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://www.detaysearch.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.mortgagebank7.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =http://www.detaysearch.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: XBTBPos00 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\TTNET Akilli Cubuk\tbunsr108.tmp\tbcore3.dll O3 - Toolbar: TTNET Akilli Cubuk - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files\TTNET Akilli Cubuk\tbunsr108.tmp\tbcore3.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AirTiesWUS-300] C:\Program Files\AirTies\AirTiesWUS-300\WUS300.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\_Refik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\_Refik\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: Picture Package Menu.lnk = ? O4 - Global Startup: Picture Package VCD Maker.lnk = ? O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} (FBootloaderAX) -http://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{061D9398-EDEA-4A3E-B8C0-61EA513ED3EC}: NameServer = 4.2.2.1,4.2.2.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{2A2A7DAC-03CD-4668-8CAC-F0D217D254A7}: NameServer = 4.2.2.2,4.2.2.4 O17 - HKLM\System\CCS\Services\Tcpip\..\{AFC0EA83-0CE0-466B-969C-88F37DB5C856}: NameServer = 4.2.2.1,4.2.2.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{061D9398-EDEA-4A3E-B8C0-61EA513ED3EC}: NameServer = 4.2.2.1,4.2.2.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{061D9398-EDEA-4A3E-B8C0-61EA513ED3EC}: NameServer = 4.2.2.1,4.2.2.2 O17 - HKLM\System\CS3\Services\Tcpip\..\{061D9398-EDEA-4A3E-B8C0-61EA513ED3EC}: NameServer = 4.2.2.1,4.2.2.2 O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 10209 bytes |
Bu mesaja 1 cevap geldi.
|
Benim loglarada bakarmisiniz.Tesekur ederim Not: Özellikle en sondaki (O23 - Service: XYNTService - Unknown owner - C:\DOCUME~1\kurtay\LOKALE~1\Temp\{6A6DA488-0A6D-44ED-AC06-C14E505E22B0}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe) uygulama kafami karistirdi Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:51:23, on 06.03.2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Programfiler\IObit\Advanced SystemCare 5\ASCService.exe C:\Programfiler\Emsisoft Anti-Malware\a2service.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Intel\WiFi\bin\S24EvMon.exe C:\Programfiler\Lenovo\ATK Hotkey\GFNEXSrv.exe C:\Programfiler\Lenovo\ATK Hotkey\LFKAS.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Avira\AntiVir Desktop\sched.exe C:\Programfiler\IObit\IObit Malware Fighter\IMFsrv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\Programfiler\ThinkPad\ConnectUtilities\AcSvc.exe C:\Programfiler\Avira\AntiVir Desktop\avfwsvc.exe C:\Programfiler\Avira\AntiVir Desktop\avguard.exe C:\Programfiler\Intel\WiFi\bin\EvtEng.exe C:\Programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe C:\Programfiler\Java\jre6\bin\jqs.exe c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe C:\Programfiler\Apoint2K\Apoint.exe C:\Programfiler\Fellesfiler\Intel\WirelessCommon\RegSrvc.exe C:\Programfiler\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Programfiler\Lenovo\NPDIRECT\TPFNF7SP.exe C:\WINDOWS\system32\TpShocks.exe C:\Programfiler\Lenovo\HOTKEY\LVOSDSVC.exe C:\WINDOWS\system32\igfxtray.exe C:\Programfiler\Apoint2K\ApMsgFwd.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Programfiler\Lenovo\ATK Hotkey\LCONTROL.exe C:\Programfiler\Apoint2K\Apntex.exe C:\Programfiler\Lenovo\ATK Hotkey\LFKA.exe C:\Programfiler\ThinkPad\ConnectUtilities\ACTray.exe C:\Programfiler\Lenovo\HOTKEY\TPONSCR.exe C:\Programfiler\Lenovo\Zoom\TpScrex.exe C:\Programfiler\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Programfiler\Avira\AntiVir Desktop\avgnt.exe C:\Programfiler\AntiLogger\AntiLogger.exe C:\Programfiler\Lenovo\VIRTSCRL\virtscrl.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Windows Live\Messenger\msnmsgr.exe C:\Programfiler\IObit\Advanced SystemCare 5\ASCTray.exe C:\Programfiler\Free Download Manager\fdm.exe C:\Programfiler\ThinkPad\Bluetooth Software\BTTray.exe C:\WINDOWS\system32\svchost.exe c:\programfiler\lenovo\system update\suservice.exe C:\Programfiler\IObit\IObit Malware Fighter\IMF.exe C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE c:\Programfiler\Fellesfiler\Lenovo\tvt_reg_monitor_svc.exe C:\Programfiler\Lenovo\Rescue and Recovery\rrpservice.exe C:\Programfiler\Lenovo\Rescue and Recovery\rrservice.exe c:\Programfiler\Fellesfiler\Lenovo\Scheduler\tvtsched.exe C:\Programfiler\Lenovo\Rescue and Recovery\UpdateMonitor.exe C:\DOCUME~1\kurtay\LOKALE~1\Temp\{6A6DA488-0A6D-44ED-AC06-C14E505E22B0}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe C:\Programfiler\Avira\AntiVir Desktop\avshadow.exe C:\Programfiler\ThinkPad\Utilities\PWMDBSVC.exe C:\Programfiler\Avira\AntiVir Desktop\avmailc.exe C:\Programfiler\Avira\AntiVir Desktop\AVWEBGRD.EXE C:\Programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Java\jre6\bin\javaw.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Programfiler\Mozilla Firefox\plugin-container.exe C:\Programfiler\Mozilla Firefox\plugin-container.exe C:\Programfiler\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\dllhost.exe C:\Programfiler\AnVir Task Manager\anvir.exe C:\Programfiler\Internet Explorer\IEXPLORE.EXE C:\Programfiler\Internet Explorer\IEXPLORE.EXE C:\Programfiler\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =http://g.msn.no/0SENBNO/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: McAfee Site****or Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Oturum Açma Yardim Araci - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee Site****or BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Programfiler\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programfiler\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: McAfee Site****or Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [TPFNF7] C:\Programfiler\Lenovo\NPDIRECT\TPFNF7SP.exe /r O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\Programfiler\Lenovo\HOTKEY\LVOSDSVC.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [LCONTROL] "C:\Programfiler\Lenovo\ATK Hotkey\LCONTROL.exe" O4 - HKLM\..\Run: [LFKA] "C:\Programfiler\Lenovo\ATK Hotkey\LFKA.exe" O4 - HKLM\..\Run: [ACTray] C:\Programfiler\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Programfiler\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [avgnt] "C:\Programfiler\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [AntiLogger] "C:\Programfiler\AntiLogger\AntiLogger.exe" /minimized O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Programfiler\IObit\IObit Malware Fighter\IMF.exe" /autostart O4 - HKLM\..\Run: [LenovoAutoScrollUtility] C:\Programfiler\Lenovo\VIRTSCRL\virtscrl.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Programfiler\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart O4 - HKCU\..\Run: [Free Download Manager] C:\Programfiler\Free Download Manager\fdm.exe -autorun O4 - HKCU\..\Run: [SmartRAM] "C:\Programfiler\IObit\Advanced SystemCare 5\Suo10_SmartRAM.exe" /m O4 - HKCU\..\Run: [KiesHelper] C:\Programfiler\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [AnVir Task Manager] "C:\Programfiler\AnVir Task Manager\anvir.exe" Minimized O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Programfiler\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Nedlasting alle med Free Nedlasting Manager - file://C:\Programfiler\Free Download Manager\dlall.htm O8 - Extra context menu item: Nedlasting med Free Nedlasting Manager - file://C:\Programfiler\Free Download Manager\dllink.htm O8 - Extra context menu item: Nedlasting valgte med Free Nedlasting Manager - file://C:\Programfiler\Free Download Manager\dlselected.htm O8 - Extra context menu item: Send til &Bluetooth-enhet... - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send til Bluetooth - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programfiler\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Programfiler\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Programfiler\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1329797769218 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Programfiler\Emsisoft Anti-Malware\a2service.exe O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Programfiler\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Programfiler\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Programfiler\IObit\Advanced SystemCare 5\ASCService.exe O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira Operations GmbH & Co. KG - C:\Programfiler\Avira\AntiVir Desktop\avfwsvc.exe O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Programfiler\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira Zamanlayici (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Programfiler\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Programfiler\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Programfiler\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Programfiler\Lenovo\ATK Hotkey\GFNEXSrv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Programfiler\Intel\WiFi\bin\EvtEng.exe O23 - Service: ThinkPad PM Service for SL Series (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Programfiler\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: IviRegMgr - InterVideo - C:\Programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe O23 - Service: Service of LFKA (LFKAS) - Unknown owner - C:\Programfiler\Lenovo\ATK Hotkey\LFKAS.exe O23 - Service: McAfee Site****or Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe O23 - Service: Power Manager DBC Service - Unknown owner - C:\Programfiler\ThinkPad\Utilities\PWMDBSVC.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Programfiler\Fellesfiler\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Programfiler\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Programfiler\Roxio\Digital Home 10\RoxioUpnpService10.exe O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Programfiler\Fellesfiler\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Programfiler\Fellesfiler\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Programfiler\Fellesfiler\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Programfiler\Intel\WiFi\bin\S24EvMon.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Programfiler\Fellesfiler\SureThing Shared\stllssvr.exe O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\programfiler\lenovo\system update\suservice.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Programfiler\Fellesfiler\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Programfiler\Lenovo\Rescue and Recovery\rrpservice.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Programfiler\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Programfiler\Fellesfiler\Lenovo\Scheduler\tvtsched.exe O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Programfiler\Lenovo\Rescue and Recovery\UpdateMonitor.exe O23 - Service: XYNTService - Unknown owner - C:\DOCUME~1\kurtay\LOKALE~1\Temp\{6A6DA488-0A6D-44ED-AC06-C14E505E22B0}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe -- End of file - 15555 bytes |
Bu mesaja 1 cevap geldi.
|
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:01:11 PM, on 3/15/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Oturum Açma Yardim Araci - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\18.0.1025.58\npchrome_frame.dll O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: OneNote Baglantili &Notlari - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Baglantili &Notlari - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -http://www.opentopia.com/support/activex/AxisCamControl.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F560} (Flatcast Viewer 5.2) -http://download.flatcast.net/objects/NpFv522.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{45CA3ABD-3409-4456-8283-BAE7A44C5FE2}: NameServer = 4.2.2.2,4.2.2.3 O17 - HKLM\System\CCS\Services\Tcpip\..\{C7CA2274-A593-40E4-822F-676F8D1E4627}: NameServer = 4.2.2.2,4.2.2.3 O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\18.0.1025.58\npchrome_frame.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing) O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: JMB36X - Unknown owner - C:\Windows\SysWOW64\XSrvSetup.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Materialise Local License Server 5.0 (MatLocalLicenceServer50) - Unknown owner - C:\Program Files (x86)\Common Files\Materialise\LicenseFiles\LicSrv50.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9013 bytes sana zahmet ilgilenirsen |
|
şimdiden teşekkürler ! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:07:35, on 04.04.2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Windows\system32\igfxsrvc.exe C:\Users\Suat\AppData\Local\usnscv.exe C:\Windows\cftmon.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Users\Suat\AppData\Roaming\scvhost.exe C:\Users\Suat\AppData\Local\Temp\winfxwl.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Suat\Desktop\yeni Client Şifresi_ EnesTqLL\ßy Enes TqLL Client\KnightEmpire.exe C:\Users\Suat\Desktop\yeni Client Şifresi_ EnesTqLL\ßy Enes TqLL Client\KnightOnline.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Suat\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.bigseekpro.com/hypercam/{D8C8BAFA-8490-4AD7-B2E9-71C54F2F419F} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\DealBulldog Toolbar\tbhelper.dll O1 - Hosts: ::1 localhost O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll O3 - Toolbar: DealBulldog Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\DealBulldog Toolbar\tbcore3.dll O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" O4 - HKLM\..\Run: [HKLM] C:\Windows\System32\explorer.exe\explorer.exe O4 - HKLM\..\Run: [Google Updater] cftmon.exe O4 - HKLM\..\Run: [Windows Updater System] C:\Users\Suat\AppData\Roaming\scvhost.exe O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Suat\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [HKCU] C:\Windows\System32\explorer.exe\explorer.exe O4 - HKCU\..\Run: [usnscv.exe] "C:\Users\Suat\AppData\Local\usnscv.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\Suat\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Windows Updater System] C:\Users\Suat\AppData\Roaming\scvhost.exe O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Windows\System32\explorer.exe\explorer.exe O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Windows\System32\explorer.exe\explorer.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Local Service') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Local Service') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{65E2D10D-41DA-4E79-B34B-B60BB8AA2231}: NameServer = 4.2.2.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{65E2D10D-41DA-4E79-B34B-B60BB8AA2231}: NameServer = 4.2.2.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{65E2D10D-41DA-4E79-B34B-B60BB8AA2231}: NameServer = 4.2.2.1 O23 - Service: Symantec Eraser Service (EraserSvc11121) - Unknown owner - C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- End of file - 5560 bytes |
Bu mesaja 1 cevap geldi.
|
bütün internet prograqmlarında yani firefox chrome ve explorerda arkadaşlar maxi.ccep gibi acayip siiteler otomatik olarak geliyır taratma sonucu aşağıda yardımcı olursanız sevinirim ogfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:23:20, on 06.04.2012 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\BrowserCompanion\BCHelper.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\rundll32.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\PROGRA~1\GRETECH\GOMPLA~1\GOM.EXE C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Windows\system32\taskeng.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 78.46.75.100:53 O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=onklpkebbeeimgojkmaccmhmoafknihh O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QT Lite\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O17 - HKLM\System\CCS\Services\Tcpip\..\{4E8BF145-7BB7-4549-A0AE-6F4026B501AA}: NameServer = 8.8.8.8,4.2.2.2 O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe -- End of file - 8435 bytes |
|
RECYCLER\e621ca05.exe" hatası - Raporlarım Merhaba, Harici HDD'imin içine girip dosyalarımdan herhangi birine çift tıkladığımda " 'H:\RECYCLER\e621ca05.exe' windows tarafından bulunamıyor. ismi doğru yazdığınızdan emin olup tekrar deneyin" şeklinde bir hata veriyor. Ve dosyaları benim düzenlediğim biçimden farklı bir hale getirip birçok yeni dosya açmış -$RECYCLE.BIN, System Volume Information gibi-. Harici HDD'imi en son arkadaşıma vermiştim, geri aldığımda böyle bir sorunla karşılaştım. Harici HDD ile bilgisayarım arasındaki bağlantıyı ilk kurduğumda bilgisayarda dahi herhangi bir şeye tıkladığımda aynı hatayla karşılaşıyordum. Kaspersky Antivirüs programıyla tarama yaptırdığımda bilgisayar için çözüme kavuştum ancak aynı şeyi Harici HDD için tekrarladığımda hiçbir sonuç alamadım. Bu konuda sizin yardımınıza başvuruyorum. Talep ettiğiniz Rapor dosyalarını eksiksiz olarak yüklenmiş olduğunu düşünüyorum, yine de eksik varsa bildirirseniz sevinirim. Yardımlarınız için şimdiden teşekkürler, iyi çalışmalar, iyi günler. |
Bu mesaja 1 cevap geldi.
http://www.usbuzmani.com/wp-content/2009/06/sil.rar Linkteki dosyayı indirip çalıştırın. Dosya içinde gerekli açıklamalar da mevcut.  |
Bu mesaja 1 cevap geldi.
ComboFix 11-12-20.04 - Mc-fLy 21.12.2011 1:53.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1254.90.1055.18.4091.2294 [GMT 2:00]
Running from: c:\users\Mc-fLy\Downloads\Programs\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mc-fLy\AppData\Local\TempDIR
c:\users\Mc-fLy\AppData\Local\TempDIR\BetterInstaller.exe
c:\windows\SysWow64\cseDVH.dll
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\tmpB616.tmp
c:\windows\SysWow64\tmpB76E.tmp
.
.
((((((((((((((((((((((((( Files Created from 2011-11-20 to 2011-12-20 )))))))))))))))))))))))))))))))
.
.
2011-12-20 23:40 . 2011-12-20 23:44 -------- d-----w- c:\program files (x86)\Uniblue
2011-12-20 23:40 . 2011-12-20 23:43 -------- d-----w- c:\users\Mc-fLy\AppData\Roaming\Uniblue
2011-12-20 23:40 . 2011-12-20 23:40 -------- dc-h--w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2011-12-20 22:35 . 2011-12-20 22:35 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BCD74D85-1237-46C4-A3D8-21570BEAF881}\offreg.dll
2011-12-20 22:35 . 2011-12-20 22:35 -------- d-----w- c:\program files\HP
2011-12-20 22:25 . 2011-12-20 22:25 -------- d-----w- c:\windows\Hewlett-Packard
2011-12-20 18:00 . 2011-12-20 18:00 -------- d-----w- c:\windows\system32\SPReview
2011-12-20 18:00 . 2011-12-20 18:00 -------- d-----w- c:\windows\system32\EventProviders
2011-12-20 17:50 . 2011-12-20 17:50 -------- d-----w- c:\windows\FLV Player
2011-12-20 17:49 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-20 17:49 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-20 17:49 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-20 17:49 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-20 17:49 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-20 17:49 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-12-20 17:49 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-12-20 17:49 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-12-20 17:49 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-12-20 17:32 . 2011-12-20 17:33 -------- d-----w- c:\users\Mc-fLy\AppData\Roaming\IDM
2011-12-20 17:03 . 2011-12-20 17:03 -------- d-----w- c:\users\Mc-fLy\AppData\Roaming\URSoft
2011-12-19 03:35 . 2011-12-20 17:03 4690 ----a-w- C:\user.js
2011-12-19 03:35 . 2011-12-19 03:35 -------- d-----w- c:\users\Mc-fLy\AppData\Local\Babylon
2011-12-19 03:35 . 2011-12-19 03:42 -------- d-----w- c:\users\Mc-fLy\AppData\Roaming\FileHunter
2011-12-19 03:35 . 2011-12-19 03:35 -------- d-----w- c:\users\Mc-fLy\AppData\Roaming\Babylon
2011-12-19 03:35 . 2011-12-19 03:35 -------- d-----w- c:\programdata\Babylon
2011-12-19 03:29 . 2011-09-27 03:57 42496 ----a-w- c:\windows\SysWow64\libusb0.dll
2011-12-18 00:53 . 2011-12-18 00:53 -------- d-----w- c:\users\Mc-fLy\AppData\Roaming\thecleaner
2011-12-18 00:51 . 2011-12-20 22:47 -------- d-----w- c:\program files (x86)\The Cleaner
2011-12-15 03:50 . 2011-12-15 03:50 -------- d-----w- c:\program files (x86)\Digital Photo Software
2011-12-15 03:47 . 2011-12-15 03:47 -------- d-----w- c:\users\Mc-fLy\AppData\Roaming\Morpheus Software
2011-12-13 20:38 . 2011-12-13 20:38 -------- d-----w- c:\users\Mc-fLy\AppData\Roaming\Adobe Mini Bridge CS5
2011-12-09 22:53 . 2011-12-10 02:09 -------- d-----w- c:\program files (x86)\VideoLAN
2011-12-09 18:40 . 2011-12-09 18:40 -------- d-----w- c:\program files (x86)\OpenVPN Technologies
2011-12-03 21:11 . 2011-12-03 21:11 -------- d-----w- c:\programdata\ATI
2011-11-30 17:44 . 2011-11-30 17:44 10497024 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-30 17:19 . 2011-11-30 17:19 24887808 ----a-w- c:\windows\system32\atio6axx.dll
2011-11-30 17:03 . 2011-11-30 17:03 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-11-30 17:03 . 2011-11-30 17:03 749568 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-11-30 17:01 . 2011-11-30 17:01 893440 ----a-w- c:\windows\system32\aticfx64.dll
2011-11-30 16:58 . 2011-11-30 16:58 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-30 16:58 . 2011-11-30 16:58 517120 ----a-w- c:\windows\system32\atieclxx.exe
2011-11-30 16:58 . 2011-11-30 16:58 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-11-30 16:58 . 2011-11-30 16:58 18829312 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-11-30 16:56 . 2011-11-30 16:56 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-11-30 16:56 . 2011-11-30 16:56 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-11-30 16:56 . 2011-11-30 16:56 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-11-30 16:56 . 2011-11-30 16:56 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-11-30 16:56 . 2011-11-30 16:56 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-11-30 16:55 . 2011-11-30 16:55 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-11-30 16:55 . 2011-11-30 16:55 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-11-30 16:51 . 2011-11-30 16:51 4327936 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-11-30 16:40 . 2011-11-30 16:40 5079552 ----a-w- c:\windows\system32\atidxx64.dll
2011-11-30 16:33 . 2011-11-30 16:33 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-11-30 16:33 . 2011-11-30 16:33 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-11-30 16:33 . 2011-11-30 16:33 4044288 ----a-w- c:\windows\system32\atiumd6a.dll
2011-11-30 16:31 . 2011-11-30 16:31 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-11-30 16:31 . 2011-11-30 16:31 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-11-30 16:31 . 2011-11-30 16:31 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-11-30 16:31 . 2011-11-30 16:31 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-11-30 16:30 . 2011-11-30 16:30 9978880 ----a-w- c:\windows\system32\aticaldd64.dll
2011-11-30 16:28 . 2011-11-30 16:28 4356096 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-11-30 16:27 . 2011-11-30 16:27 8449024 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-11-30 16:24 . 2011-11-30 16:24 4189184 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-11-30 16:22 . 2011-11-30 16:22 5512704 ----a-w- c:\windows\system32\atiumd64.dll
2011-11-30 16:14 . 2011-11-30 16:14 486912 ----a-w- c:\windows\system32\atiadlxx.dll
2011-11-30 16:14 . 2011-11-30 16:14 339968 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-11-30 16:13 . 2011-11-30 16:13 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-11-30 16:13 . 2011-11-30 16:13 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-11-30 16:13 . 2011-11-30 16:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-11-30 16:13 . 2011-11-30 16:13 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-11-30 16:13 . 2011-11-30 16:13 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-11-30 16:13 . 2011-11-30 16:13 326656 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-30 16:12 . 2011-11-30 16:12 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-11-30 16:12 . 2011-11-30 16:12 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-11-30 16:11 . 2011-11-30 16:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-30 16:11 . 2011-11-30 16:11 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-11-30 16:11 . 2011-11-30 16:11 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-11-30 16:11 . 2011-11-30 16:11 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-11-30 16:11 . 2011-11-30 16:11 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-11-27 22:01 . 2011-12-20 18:03 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-11-27 21:59 . 2011-11-27 21:59 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2011-11-27 21:58 . 2011-11-27 21:58 -------- d-----r- C:\MSOCache
2011-11-27 20:22 . 2011-11-27 20:22 -------- d-----w- c:\program files (x86)\MSECache
2011-11-27 13:07 . 2011-11-27 14:09 -------- d-----w- C:\videooutput
2011-11-27 13:07 . 2009-05-19 16:32 758018 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-11-27 13:07 . 2008-12-04 19:46 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-11-27 13:07 . 2008-10-08 08:16 139264 ----a-w- c:\windows\SysWow64\xvid.ax
2011-11-25 13:22 . 2011-11-30 16:12 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-11-25 01:26 . 2011-11-25 01:26 -------- d-----w- c:\program files (x86)\AMD APP
2011-11-24 18:45 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BCD74D85-1237-46C4-A3D8-21570BEAF881}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-20 22:07 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-12-20 22:07 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-12-18 18:56 . 2011-10-02 10:06 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-12-18 18:56 . 2011-09-25 11:45 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-12-18 18:54 . 2011-09-25 11:45 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-11-30 16:20 . 2011-07-08 02:54 58880 ----a-w- c:\windows\system32\coinst.dll
2011-11-30 16:12 . 2011-07-08 02:46 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-11-25 01:44 . 2011-09-25 11:45 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-11-18 14:52 . 2011-11-18 14:52 66560 ----a-w- c:\windows\system32\OpenVideo64.dll
2011-11-18 14:52 . 2011-11-18 14:52 56832 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-11-18 14:52 . 2011-11-18 14:52 66560 ----a-w- c:\windows\system32\OVDecoder64.dll
2011-11-18 14:52 . 2011-11-18 14:52 56832 ----a-w- c:\windows\SysWow64\OVDecoder.dll
2011-11-18 14:52 . 2011-11-18 14:52 16991744 ----a-w- c:\windows\system32\amdocl64.dll
2011-11-18 14:51 . 2011-11-18 14:51 13950464 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-10-10 14:42 . 2011-09-25 11:45 2580552 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-10-03 03:06 . 2011-09-30 21:02 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-28 15:45 . 2011-09-28 15:45 15453832 ----a-w- c:\windows\SysWow64\xlive.dll
2011-09-28 15:45 . 2011-09-28 15:45 13642888 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-09-25 19:48 . 2011-09-25 19:43 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-23 19:13 . 2011-09-23 19:13 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-09-23 19:13 . 2011-09-23 19:13 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-09-23 14:51 . 2011-09-23 14:14 310728 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-09-23 14:14 . 2011-09-23 14:14 42696 ----a-w- c:\windows\system32\drivers\lirsgt.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="e:\internet download manager\IDMan.exe" [2011-09-08 3425688]
"RegistryBooster"="c:\program files (x86)\Uniblue\RegistryBooster\launcher.exe" [2011-11-07 67456]
"DriverScanner"="c:\program files (x86)\Uniblue\DriverScanner\launcher.exe" [2011-10-20 338296]
"SpeedUpMyPC"="c:\program files (x86)\Uniblue\SpeedUpMyPC\launcher.exe" [2011-10-19 67960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Güncelleme Hizmeti (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-25 136176]
R3 gupdatem;Google Güncelleme Hizmeti (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-25 136176]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x]
S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-20 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2011-12-20 12:43]
.
2011-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-25 19:48]
.
2011-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-25 19:48]
.
2011-12-20 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-12-20 08:26]
.
2011-12-20 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2011-12-20 13:28]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 22408 ----a-w- e:\internet download manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.babylon.com/?AF=108976&babsrc=HP_ss&mntrId=bc84b18f0000000000006cf049e1bdc8
mStart Page = hxxp://home.sweetim.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Bütün linkleri IDM ile indir - e:\internet download manager\IEGetAll.htm
IE: IDM ile indir - e:\internet download manager\IEExt.htm
IE: Microsoft Excel'e &Ver - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.175.39.40 195.175.39.39
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-649225194-3626068547-4222699758-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-649225194-3626068547-4222699758-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-649225194-3626068547-4222699758-1000_Classes\Wow6432Node\CLSID\{0507f7c6-43d8-40dd-9819-8c27ef7e758a}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000013a
"Therad"=dword:00000030
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,3e,90,c3,05,7d,a5,8e,78,ee,d7,95,05,d6,b6,ae,2f,e8,4c,55,1d,c6,66,\
.
[HKEY_USERS\S-1-5-21-649225194-3626068547-4222699758-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):3f,61,65,1d,6a,4f,2e,71,81,60,bd,68,e4,16,55,b2,46,05,b6,dc,57,
23,a2,c8,ae,1a,06,37,7f,70,9f,7b,26,71,3b,71,b2,2b,4b,c1,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-649225194-3626068547-4222699758-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):3b,38,70,a6,26,65,ad,be,a6,b1,b1,a4,97,aa,27,03,71,2f,36,58,6c,
6e,4c,d0,33,bb,99,1f,1e,4f,c6,2d,20,40,88,d7,46,50,45,7f,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-649225194-3626068547-4222699758-1000_Classes\Wow6432Node\CLSID\{aab167e3-359b-425f-91fe-c0960267244f}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000011d
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-12-21 01:58:40
ComboFix-quarantined-files.txt 2011-12-20 23:58
.
Pre-Run: 4.421.705.728 bayt boş
Post-Run: 4.345.077.760 bayt boş
.
- - End Of File - - 0767E57A1929986B243E06004E5CD02F
Bu mesaja 1 cevap geldi. Cevapları Gizle