Hijackthis Loguma bakarmısınz

19-09-2019, 11:57:22

#1
Diaz

Açık Profil bilgileri

Özel Mesaj Gönder

Diaz tarafından gönderilen tüm mesajları bul

Diaz'ı arkadaş olarak ekle

Platinum
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:18:35, on 05.09.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\Erhan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\DOCUME~1\Erhan\LOCALS~1\Temp\winaytpa.exe
C:\DOCUME~1\Erhan\LOCALS~1\Temp\wincyhvm.exe
C:\DOCUME~1\Erhan\LOCALS~1\Temp\winvmxxcx.exe
C:\Documents and Settings\Erhan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SYSTEM32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Erhan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Erhan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\FixCleaner\FixCleaner.exe
C:\Documents and Settings\Erhan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.tr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: Java(tm) Plug-In SSV Helper - - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - - (no file)
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [FixCleaner] C:\Program Files\FixCleaner\FixCleaner.exe -boot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Butun linkleri IDM ile indir - E:\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: IDM ile indir - E:\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: OneNote'a Gonder - - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: OneNote'a G&onder - - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: (N9_DVR Control) - http://85.109.151.180/N9_ActiveX.cab?V1235
O18 - Protocol: grooveLocalGWS - - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: DfLogon - LogonDll.dll (file missing)
O22 - SharedTaskScheduler: Browseui onceden yukleyicisi - - C:\WINDOWS\SYSTEM32\browseui.dll
O22 - SharedTaskScheduler: Bileşen Katergorileri onbellek daemon - - C:\WINDOWS\SYSTEM32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DFServ - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 5576 bytes

boyle Hijack This raporum
Virus Var Biliyorum belirtileri şunlar
1- Antivirus sitelerine giremiyorum
2- girsemde indiremiyorum
3- Autorun.inf var
4- exe ve msi dosyaları indirilimiyo 99 da kalıyor
5- bazı oyunlara giremiyorum (Orn. Candy Crush, Pet Rescue Saga)
6- Virustotal girilmiyo
7- PC Acayip ağırlaştı

lutefn bir oneri pc'mde Deep Freeze'de Kurulu
__________________