HijackThis. Performans + Güvenlik! (Virüslerden kurtulun). 500.000+ (493. sayfa)

quote:

Orijinalden alıntı: serji

quote: Orjinalden alıntı: DnR Bunları buldum çıkarttım ama silinecek olan varsa yine bu programlamı silicem?yoksa tek tek klasör klasör arayarakmı?

islemler ilk sayfada dostm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IEHelperObj Class - {6754A456-BAD9-11D4-93D3-00B0D03A2F91} - D:\PROGRA~1\Odigo\Bin\OdigoBHO.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\YzToolBar\YzToolBar.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: FlashGet'i kullanarak indir - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: seclogon - {B8A93BF6-503A-8735-F15A-92008AEAB76E} - (no file)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

Alıntıları Göster

quote:

Orijinalden alıntı: serji

quote: Orjinalden alıntı: [Tifosi] saolasın serji, çok teşekkürler... zararlıların düşmanı kahraman DH cı

rica ederim dostmda su smiley kopardi beni valla suerp

Alıntıları Göster

quote:

Orijinalden alıntı: Hasikomen

PM yoluyla sorunları bildirdim bi bakarsan sevinirim.

 
  Logfile of Trend Micro HijackThis v2.0.4 
  Scan saved at 05:06:01, on 28.07.2012 
  Platform: Windows 7 SP1 (WinNT 6.00.3505) 
  MSIE: Internet Explorer v9.00 (9.00.8112.16421) 
  Boot mode: Normal 
   
  Running processes: 
  C:\Windows\vVX1000.exe 
  C:\Program Files (x86)\Internet Download Manager\IDMan.exe 
  C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe 
  C:\Program Files (x86)\DFX\DFX.exe 
  C:\Program Files (x86)\iTunes\iTunesHelper.exe 
  C:\Program Files\AVAST Software\Avast\AvastUI.exe 
  C:\Users\Canberk\AppData\Roaming\Dropbox\bin\Dropbox.exe 
  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 
  C:\Users\Canberk\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe 
  C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe 
  C:\Program Files (x86)\Origin\Origin.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\AppData\Local\Google\Chrome\Application\chrome.exe 
  C:\Users\Canberk\Downloads\Programs\HiJackThis\HiJackThis.EXE 
   
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://go.microsoft.com/fwlink/?LinkId=69157 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://go.microsoft.com/fwlink/?LinkId=54896 
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://go.microsoft.com/fwlink/?LinkId=54896 
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =  
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =  
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 202.65.158.179:8080 
  O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll 
  O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll 
  O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
  O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll 
  O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" 
  O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" 
  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" 
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
  O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup 
  O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll" 
  O4 - HKLM\..\RunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll" 
  O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot 
  O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum 
  O4 - HKCU\..\Run: [Google Update] "C:\Users\Canberk\AppData\Local\Google\Update\GoogleUpdate.exe" /c 
  O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Canberk\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver 
  O4 - Startup: Dropbox.lnk = Canberk\AppData\Roaming\Dropbox\bin\Dropbox.exe 
  O4 - Global Startup: DFX.lnk = ? 
  O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm 
  O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm 
  O8 - Extra context menu item: Turbo Internet: Bookmark this page - C:\Program Files (x86)\Turbo Internet\exts\addFav.html 
  O8 - Extra context menu item: Turbo Internet: Download this link - C:\Program Files (x86)\Turbo Internet\exts\dl.html 
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll 
  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll 
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics 
  O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} -http://download.eset.com/special/eos/OnlineScanner.cab 
  O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab 
  O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (FuturemarkSystemInfoX Class) -http://clients.futuremark.com/calico/systeminfodeploy/FMSI.cab 
  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab 
  O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} -http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab 
  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL 
  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 
  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) 
  O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 
  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) 
  O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE 
  O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe 
  O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 
  O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 
  O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing) 
  O23 - Service: iPod Servisi (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe 
  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 
  O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 
  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) 
  O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing) 
  O23 - Service: @mqutil.dll,-6203 (MSMQTriggers) - Unknown owner - C:\Windows\system32\mqtgsvc.exe (file missing) 
  O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe 
  O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) 
  O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) 
  O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 
  O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 
  O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe 
  O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe 
  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe 
  O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe 
  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) 
  O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe 
  O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 
  O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe 
  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) 
  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) 
  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) 
  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) 
  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) 
  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) 
   
  -- 
  End of file - 11533 bytes 
  

quote:

Orijinalden alıntı: Kıdemli Yarbay

Arkadaşlar loglarınızın analizini bu siteden de yaptırabilirsiniz.

http://www.hijackthis.de

İlgili yere logunuzu kopyalaıp yapıştın ve analiz'e basın. x,? olanlar şüpheli dosyalardır.

quote:

Orijinalden alıntı: skubrick

quote: Orijinalden alıntı: Kıdemli Yarbay Arkadaşlar loglarınızın analizini bu siteden de yaptırabilirsiniz. http://www.hijackthis.de İlgili yere logunuzu kopyalaıp yapıştın ve analiz'e basın. x,? olanlar şüpheli dosyalardır.

Kaspersky ile vulnerability scan yapınca SwInit.exe çıkıyor.Shockwave 11 yani bunu nasıl düzeltebilirim.Java 6 ve java 7 de çıktı onları sildim.Kusura bakma belki burası yeri değil ama :(

quote:

Orijinalden alıntı: Kıdemli Yarbay

quote: Orijinalden alıntı: skubrick quote: Orijinalden alıntı: Kıdemli Yarbay Arkadaşlar loglarınızın analizini bu siteden de yaptırabilirsiniz. http://www.hijackthis.de İlgili yere logunuzu kopyalaıp yapıştın ve analiz'e basın. x,? olanlar şüpheli dosyalardır. Kaspersky ile vulnerability scan yapınca SwInit.exe çıkıyor.Shockwave 11 yani bunu nasıl düzeltebilirim.Java 6 ve java 7 de çıktı onları sildim.Kusura bakma belki burası yeri değil ama :(

Hijakthisi denediniz mi?

Alıntıları Göster

quote:

Orijinalden alıntı: serji

quote: Orjinalden alıntı: [Tifosi] saolasın serji, çok teşekkürler... zararlıların düşmanı kahraman DH cı

rica ederim dostmda su smiley kopardi beni valla suerp

Alıntıları Göster

quote:

Orijinalden alıntı: 1ht1baron

Logfile of HijackThis v1.99.1
Scan saved at 18:17:49, on 28.11.2012
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\VM303_STI.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Analog Devices\SoundMAX\SoundMAX.exe
C:\Windows\vmsnap3.exe
C:\Windows\Domino.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Yasin AYÇİÇEK\Documents\Downloads\Programs\HijackThis_v1.99.1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

go.microsoft.com

Bing

http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

MSN

MSN Türkiye | Hava Durumu, Son Dakika Haber, Hotmail Aç, Outlook Giriş

http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

MSN

MSN Türkiye | Hava Durumu, Son Dakika Haber, Hotmail Aç, Outlook Giriş

http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

go.microsoft.com

Bing

http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

go.microsoft.com

Bing

http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

MSN

MSN Türkiye | Hava Durumu, Son Dakika Haber, Hotmail Aç, Outlook Giriş

http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [BigDog303] C:\Windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [VMSnap3] C:\Windows\VMSnap3.exe
O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: Hizmet Programı.lnk = ?
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

Lütfen Yardım...

Alıntıları Göster

quote:

Orijinalden alıntı: sblue85

s.a
işlemleri yaptım. sonuç bu.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:59:24, on 26.04.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\SİMLA\Downloads\Programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

go.microsoft.com

Bing

http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

MSN

MSN Türkiye | Hava Durumu, Son Dakika Haber, Hotmail Aç, Outlook Giriş

http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

go.microsoft.com

Bing

http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

go.microsoft.com

Bing

http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

MSN

MSN Türkiye | Hava Durumu, Son Dakika Haber, Hotmail Aç, Outlook Giriş

http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Wincore Mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\BROWSE~1.DLL
O2 - BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O3 - Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O3 - Toolbar: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: OneNote'a G&önder - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Bağlantılı &Notları - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Bağlantılı &Notları - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B24178F1-91EA-4474-83A8-2A5AA454FA64}: NameServer = 4.2.2.1,4.2.2.2
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

Alıntıları Göster

quote:

Orijinalden alıntı: eneme123

Combofix raporum teşekkürler.

 
   
  ComboFix 13-01-28.02 - lg 28.01.2013  14:49:30.2.2 - x86 
  Microsoft Windows 7 Home Premium   6.1.7601.1.1254.90.1055.18.3039.1834 [GMT 2:00] 
  AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} 
  SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} 
  SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} 
  . 
  . 
  (((((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))))))))))))))))))))))))))))))))))))))))))) 
  . 
  . 
  c:\program files\Trapcode\SoundKeys.aex 
  c:\program files\uninst-SoundKeys.exe 
  C:\torrent.exe 
  c:\windows\lgcenter.ini 
  c:\windows\system32\lsprst7.dll 
  c:\windows\system32\ssprs.dll 
  c:\windows\system32\tmpPrst.dll 
  . 
  . 
  (((((((((((((((((((((((((   Files Created from 2012-12-28 to 2013-01-28  ))))))))))))))))))))))))))))))) 
  . 
  . 
  2013-01-28 13:13 . 2013-01-28 13:13	--------	d-----w-	c:\users\Guest\AppData\Local\temp 
  2013-01-28 13:13 . 2013-01-28 13:13	--------	d-----w-	c:\users\Default\AppData\Local\temp 
  2013-01-28 12:43 . 2013-01-28 12:43	29904	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3832DF87-F3AB-49D4-9D2A-92564510CF20}\MpKslea407dae.sys 
  2013-01-28 11:11 . 2013-01-08 04:57	6991832	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3832DF87-F3AB-49D4-9D2A-92564510CF20}\mpengine.dll 
  2013-01-26 19:53 . 2013-01-08 04:57	6991832	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 
  2013-01-26 08:37 . 2013-01-26 08:37	--------	d-----w-	c:\users\lg\AppData\Local\Programs 
  2013-01-26 08:34 . 2013-01-26 08:34	--------	d-----w-	c:\users\lg\AppData\Roaming\QuickScan 
  2013-01-25 10:31 . 2013-01-27 18:44	--------	d-----w-	c:\program files\Teleport Pro 
  2013-01-22 15:07 . 2013-01-22 15:07	--------	d-----w-	c:\users\Public\Roaming 
  2013-01-09 10:31 . 2012-11-22 04:45	626688	----a-w-	c:\windows\system32\usp10.dll 
  2013-01-09 10:31 . 2012-11-23 02:56	2345984	----a-w-	c:\windows\system32\win32k.sys 
  2013-01-09 10:31 . 2012-11-09 04:43	492032	----a-w-	c:\windows\system32\win32spl.dll 
  2013-01-09 10:29 . 2012-12-07 10:46	43520	----a-w-	c:\windows\system32\csrr.rs 
  2013-01-09 10:28 . 2012-11-20 04:51	220160	----a-w-	c:\windows\system32\ncrypt.dll 
  2013-01-09 10:28 . 2012-11-23 02:48	49152	----a-w-	c:\windows\system32\taskhost.exe 
  2013-01-07 18:06 . 2013-01-07 18:06	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin7.dll 
  2013-01-07 18:06 . 2013-01-07 18:06	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 
  2013-01-07 18:06 . 2013-01-07 18:06	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 
  2013-01-07 18:06 . 2013-01-07 18:06	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 
  2013-01-07 18:06 . 2013-01-07 18:06	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 
  2013-01-07 18:06 . 2013-01-07 18:06	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 
  2013-01-07 18:06 . 2013-01-07 18:06	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll 
  2013-01-07 18:05 . 2013-01-07 18:06	--------	d-----w-	c:\program files\QuickTime 
  2013-01-04 17:07 . 2013-01-04 17:18	--------	d-----w-	c:\users\lg\Encoded Files 
  2013-01-04 17:07 . 2013-01-04 17:18	--------	d-----w-	c:\users\lg\Adobe Premiere Pro Preview Files 
  . 
  . 
  . 
  ((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))) 
  . 
  2013-01-09 10:44 . 2012-04-07 07:41	697864	----a-w-	c:\windows\system32\FlashPlayerApp.exe 
  2013-01-09 10:44 . 2011-12-01 21:41	74248	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl 
  2012-12-16 14:13 . 2012-12-21 23:50	295424	----a-w-	c:\windows\system32\atmfd.dll 
  2012-12-16 14:13 . 2012-12-21 23:50	34304	----a-w-	c:\windows\system32\atmlib.dll 
  2012-11-28 12:43 . 2012-11-28 12:44	740840	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{965578F6-63CD-4CF0-92AE-E95164895E85}\gapaengine.dll 
  2012-11-14 02:09 . 2012-12-14 00:33	1800704	----a-w-	c:\windows\system32\jscript9.dll 
  2012-11-14 01:58 . 2012-12-14 00:33	1427968	----a-w-	c:\windows\system32\inetcpl.cpl 
  2012-11-14 01:57 . 2012-12-14 00:33	1129472	----a-w-	c:\windows\system32\wininet.dll 
  2012-11-14 01:49 . 2012-12-14 00:33	142848	----a-w-	c:\windows\system32\ieUnatt.exe 
  2012-11-14 01:48 . 2012-12-14 00:34	420864	----a-w-	c:\windows\system32\vbscript.dll 
  2012-11-14 01:44 . 2012-12-14 00:34	2382848	----a-w-	c:\windows\system32\mshtml.tlb 
  2012-11-09 04:42 . 2012-12-13 19:07	2048	----a-w-	c:\windows\system32\tzres.dll 
  2012-11-02 05:11 . 2012-12-13 19:07	376832	----a-w-	c:\windows\system32\dpnet.dll 
  2009-11-19 19:08 . 2009-11-19 19:08	3749224	----a-w-	c:\program files\Common Files\adlmint_libFNP.dll 
  2009-11-19 19:08 . 2009-11-19 19:08	2941288	----a-w-	c:\program files\Common Files\adlmint.dll 
  2007-07-17 10:13 . 2008-02-08 15:21	61440	----a-w-	c:\program files\RGSGrowBounds.aex 
  2013-01-26 12:01 . 2013-01-26 12:01	262552	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll 
  . 
  . 
  (((((((((((((((((((((((((((((((((((((   Reg Loading Points   )))))))))))))))))))))))))))))))))))))))))))))))))) 
  . 
  . 
  *Note* empty entries & legit default entries are not shown  
  REGEDIT4 
  . 
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
  "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] 
  . 
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
  "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176] 
  "zOSD"="c:\program files\LG Software\LG OSD\HotKey.exe" [2009-08-29 3670016] 
  "LG Magnifier"="c:\program files\LG Software\LG Magnifier\MagnifyingGlass.exe" [2008-05-20 144688] 
  "LGSR_Menu"="c:\program files\LG Software\LG Smart Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504] 
  "LG Intelligent Update"="c:\program files\lg_swupdate\giljabistart.exe" [2009-07-17 308528] 
  "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904] 
  "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-18 7707168] 
  "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-28 13797920] 
  "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-02-18 218408] 
  "WTClient"="WTClient.exe" [2007-04-11 40960] 
  "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] 
  "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] 
  "SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-01-04 103896] 
  "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] 
  "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] 
  "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280] 
  "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] 
  "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] 
  "NUSB3MON"="c:\program files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-03-30 113296] 
  "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] 
  "KeybdUtility"="c:\program files\LG Software\LG OSD\HotKey.exe" [2009-08-29 3670016] 
  . 
  c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ 
  Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 795936] 
  Network Server.lnk - c:\program files\WIBUKEY\Server\WkSvMgr.exe [N/A] 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] 
  "ConsentPromptBehaviorAdmin"= 0 (0x0) 
  "ConsentPromptBehaviorUser"= 3 (0x3) 
  "EnableLUA"= 0 (0x0) 
  "EnableUIADesktopToggle"= 0 (0x0) 
  "PromptOnSecureDesktop"= 0 (0x0) 
  . 
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] 
  @="" 
  . 
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] 
  @="Service" 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 
  2012-12-03 07:35	946352	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] 
  2010-03-06 00:44	500208	------w-	c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 
  2011-07-28 23:08	1259376	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] 
  2011-11-13 15:00	137536	----atw-	c:\users\lg\AppData\Local\Facebook\Update\FacebookUpdate.exe 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 
  2011-01-29 12:49	136176	----atw-	c:\users\lg\AppData\Local\Google\Update\GoogleUpdate.exe 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI] 
  2012-06-08 09:06	63048	----a-w-	c:\program files\LogMeIn\x86\LogMeInSystray.exe 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 
  2012-10-25 01:12	421888	----a-w-	c:\program files\QuickTime\QTTask.exe 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tcactive] 
  2011-05-03 05:41	4993776	----a-w-	c:\program files\The Cleaner\tcap.exe 
  . 
  R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] 
  R2 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [x] 
  R2 mi-raysat_3dsmax2011_32;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe [x] 
  R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] 
  R3 KinectCamera;Microsoft Kinect Camera Driver;c:\windows\system32\Drivers\kinectcamera.sys [x] 
  R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x] 
  R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x] 
  R3 nl_license_manager;nl_license_manager;c:\program files\Next Limit\Licence Manager\nl_license_manager.exe [x] 
  R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [x] 
  R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] 
  R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] 
  R3 psdrv3;PrimeSensor Device Driver Service v3.x;c:\windows\system32\Drivers\psdrv3.sys [x] 
  R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] 
  R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] 
  R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] 
  R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] 
  R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x] 
  R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:\windows\system32\Wat\WatAdminSvc.exe [x] 
  R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x] 
  R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x] 
  R4 3d-io License Server v2.0;3d-io License Server v2.0;c:\program files\3d-io plugins\licensing_v2\ActiveLockServerV2.exe [x] 
  R4 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [x] 
  R4 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [x] 
  R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] 
  S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x] 
  S1 MpKslea407dae;MpKslea407dae;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3832DF87-F3AB-49D4-9D2A-92564510CF20}\MpKslea407dae.sys [x] 
  S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [x] 
  S2 KinectManagement;Kinect Management;c:\program files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [x] 
  S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [x] 
  S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x] 
  S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] 
  S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x] 
  S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] 
  S3 NETw5s32;Windows 7 32 Bit için Intel(R) Wireless WiFi Link Bağdaştırıcı Sürücüsü ;c:\windows\system32\DRIVERS\NETw5s32.sys [x] 
  S3 NisSrv;Microsoft Ağ İnceleme;c:\program files\Microsoft Security Client\NisSrv.exe [x] 
  S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys [x] 
  S3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys [x] 
  S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] 
  S3 WacomVTHid;Virtual Touch Driver;c:\windows\system32\DRIVERS\WacomVTHid.sys [x] 
  . 
  . 
  --- Other Services/Drivers In Memory --- 
  . 
  *NewlyCreated* - MPKSL518844F9 
  *NewlyCreated* - MPKSLEA407DAE 
  *Deregistered* - MpKsl518844f9 
  . 
  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] 
  LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc 
  nosGetPlusHelper	REG_MULTI_SZ   	nosGetPlusHelper 
  BullGuard_Backup	REG_MULTI_SZ   	BsBackup 
  . 
  Contents of the 'Scheduled Tasks' folder 
  . 
  2013-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job 
  - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 10:44] 
  . 
  2013-01-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3021743393-344141284-3024799621-1000Core.job 
  - c:\users\lg\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-13 15:00] 
  . 
  2013-01-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3021743393-344141284-3024799621-1000UA.job 
  - c:\users\lg\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-13 15:00] 
  . 
  2013-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job 
  - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-28 16:40] 
  . 
  2013-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job 
  - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-28 16:40] 
  . 
  2013-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3021743393-344141284-3024799621-1000Core.job 
  - c:\users\lg\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-29 12:49] 
  . 
  2013-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3021743393-344141284-3024799621-1000UA.job 
  - c:\users\lg\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-29 12:49] 
  . 
  2013-01-27 c:\windows\Tasks\RMSchedule.job 
  - c:\program files\Registry Mechanic\RegMech.exe [2012-01-19 20:24] 
  . 
  . 
  ------- Supplementary Scan ------- 
  . 
  uStart Page = hxxp://search.babylon.com/?affID=111304&babsrc=HP_ss&mntrId=02cf3eb30000000000000026c625f73b 
  mStart Page = hxxp://www.bigseekpro.com/hypercam/{57AAFAB0-ECA6-4B30-8406-287A9592FD99} 
  IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 
  IE: Görüntüyü &Bluetooth Aygıtına Gönder... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm 
  IE: Sayfayı &Bluetooth Aygıtına Gönder... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm 
  IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 
  TCP: DhcpNameServer = 192.168.2.1 
  TCP: Interfaces\{46C4BF81-46C1-4BD8-9CC4-6D5F05D53786}\35379646: NameServer = 4.2.2.1,4.2.2.2 
  TCP: Interfaces\{46C4BF81-46C1-4BD8-9CC4-6D5F05D53786}\D416E657348616F6: NameServer = 4.2.2.1,4.2.2.2 
  TCP: Interfaces\{46C4BF81-46C1-4BD8-9CC4-6D5F05D53786}\D416E657348616F623: NameServer = 4.2.2.1,4.2.2.2 
  FF - ProfilePath - c:\users\lg\AppData\Roaming\Mozilla\Firefox\Profiles\j8arbcqp.default\ 
  FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms} 
  FF - prefs.js: browser.search.selectedEngine - Google 
  FF - prefs.js: browser.startup.homepage - hxxp://google.com.tr 
  FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q= 
  FF - prefs.js: network.proxy.type - 0 
  FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111304 
  FF - user.js: extensions.BabylonToolbar_i.babExt -  
  FF - user.js: extensions.BabylonToolbar_i.srcExt - ss 
  FF - user.js: extensions.BabylonToolbar_i.id - 02cf3eb30000000000000026c625f73b 
  FF - user.js: extensions.BabylonToolbar_i.hardId - 02cf3eb30000000000000026c625f73b 
  FF - user.js: extensions.BabylonToolbar_i.instlDay - 15536 
  FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 
  FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 
  FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:16 
  FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon 
  FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar 
  FF - user.js: extensions.BabylonToolbar_i.aflt - babsst 
  FF - user.js: extensions.BabylonToolbar_i.smplGrp - none 
  FF - user.js: extensions.BabylonToolbar_i.tlbrId - base 
  FF - user.js: extensions.BabylonToolbar_i.instlRef - sst 
  user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0); 
  . 
  . 
  --------------------- LOCKED REGISTRY KEYS --------------------- 
  . 
  [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] 
  @Denied: (A 2) (Everyone) 
  @="FlashBroker" 
  "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101" 
  . 
  [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] 
  "Enabled"=dword:00000001 
  . 
  [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] 
  @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe" 
  . 
  [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] 
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" 
  . 
  [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version] 
  "Version"=hex:05,6c,3d,a7,80,94,d9,ea,da,9c,16,5b,35,0a,77,62,10,d9,70,a0,0e, 
     17,f9,dd,6e,80,d4,03,a0,1b,ae,d5,16,4c,ba,4d,89,40,7a,67,ea,0e,96,08,b0,df,\ 
  . 
  [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] 
  @Denied: (A 2) (Everyone) 
  @="IFlashBroker5" 
  . 
  [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] 
  @="{00020424-0000-0000-C000-000000000046}" 
  . 
  [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] 
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" 
  "Version"="1.0" 
  . 
  [HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version] 
  "Version"=hex:05,6c,3d,a7,80,94,d9,ea,da,9c,16,5b,35,0a,77,62,10,d9,70,a0,0e, 
     17,f9,dd,6e,80,d4,03,a0,1b,ae,d5,16,4c,ba,4d,89,40,7a,67,ea,0e,96,08,b0,df,\ 
  . 
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] 
  @Denied: (A) (Users) 
  @Denied: (A) (Everyone) 
  @Allowed: (B 1 2 3 4 5) (S-1-5-20) 
  "BlindDial"=dword:00000000 
  "MSCurrentCountry"=dword:000000b5 
  . 
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] 
  @Denied: (A) (Users) 
  @Denied: (A) (Everyone) 
  @Allowed: (B 1 2 3 4 5) (S-1-5-20) 
  "BlindDial"=dword:00000000 
  . 
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] 
  @Denied: (A) (Users) 
  @Denied: (A) (Everyone) 
  @Allowed: (B 1 2 3 4 5) (S-1-5-20) 
  "BlindDial"=dword:00000000 
  . 
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] 
  @Denied: (A) (Users) 
  @Denied: (A) (Everyone) 
  @Allowed: (B 1 2 3 4 5) (S-1-5-20) 
  "BlindDial"=dword:00000000 
  . 
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] 
  @Denied: (A) (Users) 
  @Denied: (A) (Everyone) 
  @Allowed: (B 1 2 3 4 5) (S-1-5-20) 
  "BlindDial"=dword:00000000 
  . 
  [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] 
  @Denied: (Full) (Everyone) 
  . 
  Completion time: 2013-01-28  15:37:32 
  ComboFix-quarantined-files.txt  2013-01-28 13:37 
  ComboFix2.txt  2013-01-10 11:13 
  . 
  Pre-Run: 69.864.435.712 bayt boş 
  Post-Run: 74.026.676.224 bayt boş 
  . 
  - - End Of File - - 2DBD471B2E28EA3F374D8F20350D91F0 
  

Alıntıları Göster

quote:

Orijinalden alıntı: antidoksan

yardımcı olursanız sevinirim


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:07:10, on 31.01.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Users\casper\Downloads\Programs\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

go.microsoft.com

Bing

http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

MSN

MSN Türkiye | Hava Durumu, Son Dakika Haber, Hotmail Aç, Outlook Giriş

http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

go.microsoft.com

Bing

http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (file missing)
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: FrostWire On Startup.lnk = C:\Program Files (x86)\FrostWire 5\FrostWire.exe
O4 - Global Startup: POSH.lnk = C:\Program Files (x86)\SuperPOSH\POSHStartUp.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C87A074-3D8C-410F-9FDB-AA7637F3DF15}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: CyberLink Product - 2011/08/25 17:54:41 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: POSHService - Unknown owner - C:\Program Files (x86)\SuperPOSH\POSHMain.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XoftSpyService - ParetoLogic Inc. - C:\Program Files (x86)\Common Files\XoftSpySE\6\xoftspyservice.exe
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--
End of file - 11412 bytes

quote:

Orijinalden alıntı: wurtz

Do you know the IP or Domain '212.65.129.1 212.65.134.72'? If not, fix this entry.

Şeklinde şüpheli bir sonuç çıktı. IP'yi arattığımda Vodafone'a ait olduğunu gördüm.

dawhois.com

IP Whois Lookup, Domain Name Search, Visual Trace Route - Da whois

http://dawhois.com/ip/212.65.129.1.html

Girdiyi nasıl kaldırabilirim bilen var mı?

Alıntıları Göster

quote:

Orijinalden alıntı: serji

quote: Orjinalden alıntı: [Tifosi] saolasın serji, çok teşekkürler... zararlıların düşmanı kahraman DH cı

rica ederim dostmda su smiley kopardi beni valla suerp

Alıntıları Göster

quote:

Orijinalden alıntı: Ank1026

Acil cevaplarsanız sevinirim
Hangilerini siliyim
Lap topum Win7 İntel i7 Masa üstü bilgisayarım WinXP den daha yavaş açılıyor nedeni ne olabilir

HijackThis



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:03:29, on 07.03.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Users\user\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Users\user\AppData\Local\Akamai\netsession_win.exe
C:\Users\user\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\AppData\Local\Torch\Update\2.0.0.2062\TorchUpdate.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\Downloads\avast-browser-cleanup.exe
C:\Users\user\AppData\Local\Temp\7zS5971.tmp\BrowserCleanup.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\AppData\Local\Torch\Application\torch.exe
C:\Users\user\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

www.bing.com

Bing

http://www.bing.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

go.microsoft.com

Bing

http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

www.bing.com

Bing

http://www.bing.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =http://securityresponse.symantec.com/avcenter/fix_homepage/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: (no name) - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll (file missing)
O3 - Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Searchqu Toolbar"
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Rainlendar2] D:\Programlar\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\user\AppData\Local\Akamai\netsession_win.exe"
O4 - Global Startup: Hizmet Programı.lnk = ?
O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
O8 - Extra context menu item: Free YouTube Download - C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone:http://*.aeriagames.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{5DF4CAFB-EA0B-4E3D-ACE1-DF7C0364F376}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD02D2EB-B50F-45EA-A469-7F5C7435D381}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{5DF4CAFB-EA0B-4E3D-ACE1-DF7C0364F376}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{5DF4CAFB-EA0B-4E3D-ACE1-DF7C0364F376}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: CECFLPKT - Chicony Electronics Co., Ltd. - C:\Program Files (x86)\ChiconyCam\CECPLFKT.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: FreemakeVideoCapture - Unknown owner - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (file missing)
O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15997 bytes

Alıntıları Göster

quote:

Orijinalden alıntı: serji

quote: Orjinalden alıntı: [Tifosi] saolasın serji, çok teşekkürler... zararlıların düşmanı kahraman DH cı

rica ederim dostmda su smiley kopardi beni valla suerp

Alıntıları Göster