[christine154]

benim pc onun ve programları ve sayfaları açmak için ne zaman başlar onun kadar şimdi i mavi ekran var uzun süren hasta, daha sonra pencere sayfası i içine eğer herkes koğuşta şöyle bir şey bulmak görmek için bir hjt giriş yapmış gider forumlardaki birkaç saniye görünür ?

Logfile HijackThis v1.99.1 ve
Tarama 10:56:15 at 22/08/2008 kaydedilmiş
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Çalışan süreçleri:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Acer \ Empowering Technology \ ePerformance \ MemCheck.exe
C: \ progra ~ 1 \ intern AVG \ AVG8 \ avgwdsvc.exe
C: \ WINDOWS \ system32 \ hasplms.exe
c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Acer \ Empowering Technology \ eLock \ LockServ.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ progra ~ 1 \ intern AVG \ AVG8 \ avgrsx.exe
C: \ progra ~ 1 \ intern AVG \ AVG8 \ avgemc.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Acer \ Empowering Technology \ eRecovery \ eRAgent.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ Program Files \ Cyberlink \ PowerDVD \ PDVDServ.exe
C: \ WINDOWS \ system32 \ Rundll32.exe
C: \ WINDOWS \ system32 \ SysMonitor.exe
C: \ WINDOWS \ CameraFixer.exe
C: \ WINDOWS \ tsnp2std.exe
C: \ WINDOWS \ vsnp2std.exe
C: \ Program Files \ Real \ RealPlayer \ RealPlay.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ progra ~ 1 \ intern Yahoo! \ Tarayıcı \ ybrwicon.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ Acer \ Empowering Technology \ eLock \ Monitör \ LockMon.exe
C: \ progra ~ 1 \ intern Yahoo! \ Tarayıcı \ ycommon.exe
C: \ Program Files \ BT genişbant Masaüstü Yardımı \ bin \ BTHelpNotifier.exe
C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe
C: \ progra ~ 1 \ intern AVG \ AVG8 \ avgtray.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Hewlett-Packard \ Digital Imaging \ bin \ hpohmr08.exe
C: \ Program Files \ Hewlett-Packard \ Digital Imaging \ bin \ hpotdd01.exe
C: \ Program Files \ BT broadband Masaüstü Yardımı \ bin \ BTHelp.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ wbem \ wmiapsrv.exe
C: \ Program Files \ BT genişbant Masaüstü Yardımı \ bin \ mpbtn.exe
C: \ Program Files \ Hewlett-Packard \ Digital Imaging \ bin \ hpoevm08.exe
C: \ Program ~ 1 \ Hewlett ~ 1 \ hpis \ ortak \ Motive ~ 1.exe
C: \ Program Files \ Hewlett-Packard \ Digital Imaging \ Bin \ hpoSTS08.exe
C: \ progra ~ 1 \ intern Yahoo! \ Messen ~ 1 \ ymsgr_tray.exe
C: \ Program Files \ King Kong Software \ Çekim \ KingKongCapture.exe
C: \ Program Files \ Yahoo! \ Tarayıcı \ ybrowser.exe
C: \ Documents and Settings \ Christine \ Belgelerim \ PRORAM DOWNOADS \ HijackThis.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://kingkongsearch.com/
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://home.bt.yahoo.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Varsayılan) = http://search.aol.co.uk/web?isinit=true&query =% s
= 127.0.0.1 ProxyOverride R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Ayarlar,
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ yükler \ cpn0 \ yt.dll
O2 - BHO: Yahoo! Araç Çubuğu Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ yükler \ cpn0 \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ progra ~ 1 \ intern Spybot ~ 1 \ SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ progra ~ 1 \ intern Yahoo! \ Common \ yiesrvc.dll
O2 - BHO: SSVHelper Sınıf - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-Yardımcı yılında - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ progra ~ 1 \ intern AVG \ AVG8 \ AVGTOO ~ 1.DLL
O2 - BHO: ZoneAlarm'ı Spy Engelleyicisi BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ çubuğu \ 1.bin \ SPYBLOCK.DLL
O2 - BHO: SidebarAutoLaunch Sınıf - (F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D) - C: \ Program Files \ Yahoo! \ Tarayıcı \ YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ yükler \ cpn0 \ yt.dll
O3 - Toolbar: ZoneAlarm'ı Spy Engelleyicisi - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ çubuğu \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C: \ progra ~ 1 \ intern AVG \ AVG8 \ AVGTOO ~ 1.DLL
O4 - HKLM \ .. \ Run: [LaunchApp] Alaunch
O4 - HKLM \ .. \ Run: [NvCplDaemon] Rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / yüklemek
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [SkyTel] SkyTel.EXE
O4 - HKLM \ .. \ Run: [ntiMUI] C: \ Program Files \ Newtech Infosystems \ NTI CD ve DVD-Maker 7 \ ntiMUI.exe
O4 - HKLM \ .. \ Run: [RemoteControl] "C: \ Program Files \ Cyberlink \ PowerDVD \ PDVDServ.exe"
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Spoil / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [IMEKRMIG6.1] C: \ WINDOWS \ adı \ imkr6_1 \ IMEKRMIG.EXE
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [NvMediaCenter] Rundll32.exe C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [Acer Empowering Technology Monitor] C: \ WINDOWS \ system32 \ SysMonitor.exe
O4 - HKLM \ .. \ Run: [eLockMonitor] C: \ Acer \ Empowering Technology \ eLock \ Monitör \ LaunchMonitor.exe
O4 - HKLM \ .. \ Run: [eRecoveryService] C: \ Acer \ Empowering Technology \ eRecovery \ eRAgent.exe
O4 - HKLM \ .. \ Run: [CameraFixer] C: \ WINDOWS \ CameraFixer.exe
O4 - HKLM \ .. \ Run: [] tsnp2std C: \ Windows \ tsnp2std.exe
O4 - HKLM \ .. \ Run: [] snp2std C: \ Windows \ vsnp2std.exe
O4 - HKLM \ .. \ Run: [RealTray] C: \ Program Files \ Real \ RealPlayer \ RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [AOLDialer] C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [YBrowser] C: \ progra ~ 1 \ intern Yahoo! \ Tarayıcı \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ BT genişbant Masaüstü Yardımı \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ progra ~ 1 \ intern AVG \ AVG8 \ avgtray.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / arka plan
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / arka plan
O4 - HKCU \ .. \ Run: [Yahoo! Çağrı] "C: \ progra ~ 1 \ intern Yahoo! \ Messen ~ 1 \ YAHOOM ~ 1.EXE"-sessiz
O4 - Startup: BT broadband Masaüstü Help.lnk = C: \ Program Files \ BT broadband Masaüstü Yardımı \ bin \ matcli.exe
O4 - Global Startup: HP PSC 1000 series.lnk =?
O4 - Global Startup: hpoddt01.exe.lnk =?
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office10 \ OSA.EXE
O8 - Extra menü item: & Yahoo! Araç Çubuğu arama - res: / / C: \ Program Files \ AOL Araç Çubuğu \ toolbar.dll / SEARCH.HTML
O9 - Extra düğmesi: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra düğmesi: BT Yahoo! Hizmetler - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ progra ~ 1 \ intern Yahoo! \ Common \ yiesrvc.dll
O9 - Extra düğmesi: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra düğmesi: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ progra ~ 1 \ intern Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ progra ~ 1 \ intern Spybot ~ 1 \ SDHelper.dll
O9 - Extra düğmesi: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ (dosya eksik) xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ (dosya eksik) xpnetdiag.exe
O9 - Extra düğmesi: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O11 - Options group: [INTERNATIONAL] International *
O15 - Güvenilir Bölge: http://www.photobucket.com
O16 - DPF: (149E45D8-163E-4189-86FC-45022AB2B6C9) (SpinTop DRM Kontrol) -- file: / / / C: / Program% 20Files/Chessmast...es/stg_drm.ocx
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper.dll
O16 - DPF: (6B75345B-AA36-438A-BBE6-4078B4C6984D) (HpProductDetection Sınıf) -- http://h20270.www2.hp.com/ediags/gmn...tDetection.cab
O16 - DPF: (CC450D71-CC90-424C-8638-1F2DBAC87A54) (ArmHelper Kontrol) -- file: / / / C: / Program% 20Files/Chessmast.../armhelper.ocx
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protokol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files \ AVG \ AVG8 \ avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe
O23 - Service: Acer ODDSpeedControl - TODO: <????> - C: \ Acer \ Empowering Technology \ eAcoustics \ ODDSpeedCtl \ speedcontrol.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc - C: \ Acer \ Empowering Technology \ ePerformance \ MemCheck.exe
O23 - Service: AVG Free8 E-posta Tarayıcısı (avg8emc) - AVG Technologies CZ, sro - C: \ progra ~ 1 \ intern AVG \ AVG8 \ avgemc.exe
O23 - Service: AVG Free8 Watchdog (avg8wd) - AVG Technologies CZ, sro - C: \ progra ~ 1 \ intern AVG \ AVG8 \ avgwdsvc.exe
O23 - Service: kopçalamak Lisans Yöneticisi (hasplms) - Aladdin Bilgi Sistemleri Ltd - C: \ WINDOWS \ system32 \ hasplms.exe
O23 - Service: InstallDriver Tablo Yöneticisi (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: LightScribeService Doğrudan Disk (LightScribeService) - Hewlett-Packard Company - c: \ Program Files \ Common Files Servisi Etiketleme \ LightScribe \ LSSrvc.exe
O23 - Service: LockServ - Bilinmeyen sahibi - C: \ Acer \ Empowering Technology \ eLock \ LockServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: TrueVector İnternet Monitör (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe

[evilfantasy]

Bu bir malware sanmıyorum.

Java ihtiyacı haberdar olmak için.

• Of yükle en yeni sürümü Sun Java Runtime Environment

Tüm eski sürümleri kaldırın

• Yükleme JavaRa ve Desktop'ı, dosya halletmek.
• Açık JavaRA.exe ve seçim Kaldır Eski Sürümler
• Sonra tam çıkmak JavaRA ve programı silin.

Mavi ekranlarda tavsiye için Windows İşletim Sistemleri foruma gönderme deneyin.