Yardım inndir.com'dan viruslu dosya indirdim Log ve Acıklama

19-09-2019, 11:54:16

#1
Diaz

Açık Profil bilgileri

Özel Mesaj Gönder

Diaz tarafından gönderilen tüm mesajları bul

Diaz'ı arkadaş olarak ekle

Platinum
Ram duzeltmeleri icin Chip Tr forumlarında gezerken 2010 yılında bahsi gecen Fresh Ram 5.0.0 adlı programı araştırdım ve bir Turk sitesinde olduğunu gorunce sevindim ama sevincimi kursağımda bıraktılar. http://www.inndir.com/Fresh-RAM-4493...l#.UwZBLWJ_u84 adresten indirdiğim program bir nevi otomatik virus yukleme programı gibi calıştı 2 dakikada bilgisayarın ağzına s*ctı

7-8 tane program yuklenmiş ayrıca anasayfam awesomehp adında bir siteyle değiştirilmiş masaustunde 2 tane desktop.ini oluşturulmuş tonla şey olmuş

Adw Cleaner + AVG ile gerekli temizlikleri yapmama rağmen icime sinmiyor, ha unutmadan program yuklenirken windows .. setleri bulunamadı şeklinde hata vermişti bende ram optamize programının rutin uyarısıdır diye o zaman onemsememiştim şimdi aklıma gelince dikkatimi cekti bu detayı da bilmenizi isterim.

Oncelikle masaustumde 2 tane bulunan Desktop.ini' dosyaların icinde yazanlar;

Kod:
[.ShellClassInfo] [email protected]%SystemRoot%system32shell32.dll,-21799 [LocalizedFileNames]
Diğer Desktop.ini 'nde yazanlar;

Kod:
[.ShellClassInfo] [email protected]%SystemRoot%system32shell32.dll,-21769 IconResource=%SystemRoot%system32imageres.dll,-183 [LocalizedFileNames] Internet [email protected]%windir%System32ie4uinit.exe,-731

Hijacktish Logum:

Kod:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:50:14, on 20.02.2014 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) Boot mode: Normal Running processes: C:Windowssystem32Dwm.exe C:WindowsExplorer.EXE C:Program FilesUSB Disk SecurityUSBGuard.exe C:Program FilesCommon FilesPC ToolssMonitorSSDMonitor.exe C:Program FilesAVGAVG2013vgui.exe C:Program FilesVtuneTBPANEL.exe C:Program FilesAnti-Vibrate Oscar EditorOscarEditor.exe C:Program FilesNVIDIA CorporationDisplayvtray.exe C:Program FilesDAEMON Tools ProDTShellHlp.exe C:Program FilesGoogleChromeApplicationchrome.exe C:Program FilesGoogleChromeApplicationchrome.exe C:Program FilesGoogleChromeApplicationchrome.exe C:Program FilesGoogleChromeApplicationchrome.exe C:Program FilesGoogleChromeApplicationchrome.exe C:Program FilesGoogleChromeApplicationchrome.exe C:UsersTarkanDownloadsHijackThis.exe R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 68.67.77.100:7808 R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = O2 - BHO: IDM Helper - - C:Program FilesInternet Download ManagerIDMIECC.dll O2 - BHO: Increase performance and video formats for your HTML5 - - C:Program FilesDivXDivX Plus Web PlayerieDivXHTML5DivXHTML5.dll O2 - BHO: Java(tm) Plug-In SSV Helper - - C:Program FilesJavajre7inssv.dll O2 - BHO: Surftastic - - C:Program FilesSurftasticSurftasticbho.dll (file missing) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - - C:Program FilesJavajre7injp2ssv.dll O3 - Toolbar: Yandex Elements - - C:Program FilesYandexElementsartab.dll (file missing) O4 - HKLM..Run: [USB Antivirus] C:Program FilesUSB Disk SecurityUSBGuard.exe O4 - HKLM..Run: [SSDMonitor] C:Program FilesCommon FilesPC ToolssMonitorSSDMonitor.exe O4 - HKLM..Run: [Adobe ARM] "C:Program FilesCommon FilesAdobeARM.0AdobeARM.exe" O4 - HKLM..Run: [AVG_UI] "C:Program FilesAVGAVG2013vgui.exe" /TRAYONLY O4 - HKCU..Run: [TBPanel] C:Program FilesVtuneTBPanel.exe /A O4 - HKCU..Run: [OscarEditor] "C:Program FilesAnti-Vibrate Oscar EditorOscarEditor.exe" Minimum O4 - HKUSS-1-5-21-1036951519-484116859-2789302877-1007..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUSS-1-5-21-1036951519-484116859-2789302877-1007..Run: [TBPanel] C:Program FilesVtuneTBPanel.exe /A (User 'UpdatusUser') O4 - HKUSS-1-5-21-1036951519-484116859-2789302877-1007..Run: [Facebook Update] "C:UsersTarkanAppDataLocalFacebookUpdateFacebookUp date.exe" /c /nocrashserver (User 'UpdatusUser') O4 - HKUSS-1-5-21-1036951519-484116859-2789302877-1007..Run: [DAEMON Tools Pro Agent] "C:Program FilesDAEMON Tools ProDTAgent.exe" -autorun (User 'UpdatusUser') O4 - HKUSS-1-5-21-1036951519-484116859-2789302877-1007..Run: [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot (User 'UpdatusUser') O4 - HKUSS-1-5-21-1036951519-484116859-2789302877-1007..Run: [OscarEditor] "C:Program FilesAnti-Vibrate Oscar EditorOscarEditor.exe" Minimum (User 'UpdatusUser') O4 - HKUSS-1-5-21-1036951519-484116859-2789302877-1007..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:Windowssystem32GPhotos.scr/200 O8 - Extra context menu item: Butun linkleri IDM ile indir - C:Program FilesInternet Download ManagerIEGetAll.htm O8 - Extra context menu item: IDM ile indir - C:Program FilesInternet Download ManagerIEExt.htm O8 - Extra context menu item: Microsoft Excel'e Go&nder - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:Program FilesCommon FilesSourceTecSWF CatcherInternetExplorer.htm O9 - Extra button: Skype Click to Call - - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll O9 - Extra button: Araştır - - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL O9 - Extra button: Sothink SWF Catcher - - C:Program FilesCommon FilesSourceTecSWF CatcherInternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - - C:Program FilesCommon FilesSourceTecSWF CatcherInternetExplorer.htm O10 - Unknown file in Winsock LSP: crogram filescommon filesmicrosoft sharedwindows livewlidnsp.dll O10 - Unknown file in Winsock LSP: crogram filescommon filesmicrosoft sharedwindows livewlidnsp.dll O16 - DPF: (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O17 - HKLMSystemCCSServicesTcpip..: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLMSystemCS1ServicesTcpip..: NameServer = 156.154.70.22,156.154.71.22 O17 - HKLMSystemCS2ServicesTcpip..: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLMSystemCS3ServicesTcpip..: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: skype-ie-addon-data - - C:Program FilesSkypeToolbarsInternet Explorerskypeieplugin.dll O18 - Protocol: skype4com - - C:PROGRA~1COMMON~1SkypeSkype4COM.dll O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:Program FilesCommon FilesAdobeARM.0rmsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:Windowssystem32MacromedFlashFlashPlayerUpdateSer vice.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:Program FilesAVGAVG2013vgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:Program FilesAVGAVG2013vgwdsvc.exe O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:Program FilesBitComet oolsBitCometService.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:Program FilesCommon FilesInterVideoDeviceServiceDevSvc.exe O23 - Service: Desura Install Service - Desura Pty Ltd - C:Program FilesCommon FilesDesuradesura_service.exe O23 - Service: ESL Wire Helper Service (EslWireHelper) - Unknown owner - C:Program FilesEslWireserviceWireHelperSvc.exe O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe O23 - Service: Google Guncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe O23 - Service: Google Guncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver Intel 32IDriverT.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:Windowssystem32vvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:Program FilesNVIDIA CorporationNVIDIA Update Coredaemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:Program FilesWinPcappcapd.exe O23 - Service: Elemente control center service (SCElemente) - Unknown owner - C:Program FilesDivineElementeSystemControlService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:Program FilesSkypeUpdaterUpdater.exe O23 - Service: Steam Client Service - Valve Corporation - C:Program FilesCommon FilesSteamSteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:Program FilesNVIDIA CorporationD VisionvSCPAPISvr.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:Program FilesTeamViewerVersion8TeamViewer_Service.exe O23 - Service: xsherlock - Wellbia.com Co., Ltd. - C:Windowssystem32xsherlock.xem -- End of file - 9037 bytes

Bilgisayarda zararlı yazılım kalıp kalmadığı hakkında, Bana Yardımcı olursanız sevinirim, şuan gercekten cok kotu moralim bozuldu ya...
__________________