[ruffryder2k7]

iş hasn't at bilgisayar iyi bir anti virüs ve sonra Kaspersky bu benim lsass.exe \ qoMghecb.dll dosyalar heur.trojan.generic virüs bulaşmış bulunan yüklü vardı. There is no bilgi virüs hakkında en web siteleri hakkında veya nasıl kaldırmaktır. Biri bana yardım edebilir misiniz lütfen?

[Hybr! D]

http://www.computer-juice.com/forums...-posting-7476/

Kılavuzu izleyin, özgür yazılımı yükleyin ve günlük dosyalarını gönderin.

Sonra, kötü amaçlı yazılım ekibi ne sistem yanlış olan görebilirsiniz.

[ruffryder2k7]

tamam buradan super, casus yazılım, bu gasp ve sırasıyla kötü amaçlı yazılım taramaları vardır

Logfile Trend Micro HijackThis v2.0.2 ve
Tarama 11:48:36 at 10/27/2008 kaydedilmiş
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot modu: Normal

Çalışan süreçleri:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Microsoft Windows OneCare Live \ Antivirus \ MsMpEng.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ avp.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ progra ~ 1 \ intern COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe
C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ avp.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Program Files \ Microsoft Windows OneCare Live \ Firewall \ msfwsvc.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ Western Union \ Evrensel-Yayın \ Translink.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.dell.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
O2 - BHO: Yahoo! Araç Çubuğu Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ yükler \ cpn \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Sınıf - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Program Files \ googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ GoogleToolbarNotifier \ 3.1.807.1746 \ SW g.dll
O2 - BHO: CBrowserHelperObject Nesne - (CA6319C0-31B7-401E-A518-A07C3DB8F777) - C: \ Program Files \ Bae \ BAE.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ yükler \ cpn \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Program Files \ googletoolbar3.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] Rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [AVP] "C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ avp.exe"
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O8 - Extra menü öğesi: Afiş Reklam Engelleyicisi için - C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ ie_banner_deny.htm ekle
O8 - Extra menü item: E & Microsoft Excel'e xport - res: / / C: \ progra ~ 1 \ intern MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
O9 - Extra düğmesi: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra düğmesi: Web trafiği koruma istatistikleri - (1F460357-8A94-4D71-9CA3-AA4ACF32ED8E) - C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ SCIEPlgn.dll
O9 - Extra düğmesi: Araştırma - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ intern MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
O9 - Extra düğmesi: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra düğmesi: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (05D44720-58E3-49E6-BDF6-D00330E511D3) (StagingUI Nesne) -- http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: (3BB54395-5982-4788-8AF4-B5388FFDD0D8) (MSN Games - Buddy Invite) -- http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: (3C1F44A9-D1FD-4AA5-BC66-69816B58680C) (Yazıcı Sınıfı) -- https: / / webcenter.ipponline.com / ippo...iptPrinter.cab
O16 - DPF: (5736C456-EA94-4AAC-BB08-917ABDD035B3) (ZonePAChat Nesne) -- http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: (6B0228D7-D6D5-4B97-82E7-79557E4314D0) (ScannerDll.CheckScanner) -- https: / / webcenter.ipponline.com / ippo...ScannerDll.CAB
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: (DA2AA6CF-5C7A-4B71-BC3B-C771BB369937) (MSN Games - Game Communicator) -- http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: (F773E7B2-62A9-4524-9109-87D2F0BEFAA4) (ChessControl Sınıf) -- http://zone.msn.com/bingame/zpagames...p.cab56961.cab
O18 - Filtre sızmak: text / html - (59610584-cc18-436f-b031-a6893781f08d) - C: \ WINDOWS \ system32 \ msziptools.dll
O20 - AppInit_DLLs: C: \ progra ~ 1 \ intern Google \ GOOGLE ~ 1 \ GOEC62 ~ 1.DLL, C: \ progra ~ 1 \ intern Kasper ~ 1 \ Kasper ~ 1 \ C mzvkbd.dll: \ progra ~ 1 \ intern Kasper ~ 1 \ Kasper ~ 1 \ C mzvkbd3.dll: \ progra ~ 1 \ intern Kasper ~ 1 \ KASPE R ~ 1 \ C adialhk.dll: \ progra ~ 1 \ intern Kasper ~ 1 \ Kasper ~ 1 \ kloe hk.dll dwolhm.dll
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: AOL Connectivity Servisi (AOL ACS) - America Online, Inc - C: \ progra ~ 1 \ intern COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Common \ Google Updater \ googleupdaterservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe

--
Dosya sonu - 6163 byte

[ruffryder2k7]

SUPERAntiSpyware Scan Girişi
http://www.superantispyware.com

10/23/2008 11:31 at Generated PM

Uygulama Sürüm: 4/21/1004

Temel Kurallar Veritabanı Sürüm: 3606
İz Kurallar Veritabanı Sürüm: 1592

Tarama tipi: Tam Tarama
Toplam Tarama Saat: 00:36:11

Hafıza öğeler taranan: 460
Hafıza tehditleri tespit: 3
Kayıt Defteri öğeleri Taranan: 5191
Kayıt Defteri tehditleri tespit: 385
Dosya öğeleri taranabilir: 37221
Dosya tehditleri tespit: 260

Trojan.Downloader-NewJuan/VM
C: \ WINDOWS \ SYSTEM32 \ SZNQNJ.DLL
C: \ WINDOWS \ SYSTEM32 \ SZNQNJ.DLL

Trojan.Vundo-Variant/Small-GEN
C: \ WINDOWS \ SYSTEM32 \ RQRIJAST.DLL
C: \ WINDOWS \ SYSTEM32 \ RQRIJAST.DLL

Adware.Vundo Variant / Resident
C: \ WINDOWS \ SYSTEM32 \ QOMGHECB.DLL
C: \ WINDOWS \ SYSTEM32 \ QOMGHECB.DLL

Trojan.Vundo-Variant/NextGen
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (14F3A19A-1552-46C1-A1C8-A2179A397038)
HKCR \ CLSID \ (14F3A19A-1552-46C1-A1C8-A2179A397038)
HKCR \ CLSID \ (14F3A19A-1552-46C1-A1C8-A2179A397038) \ InprocServer32
HKCR \ CLSID \ (14F3A19A-1552-46C1-A1C8-A2179A397038) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (9AD7FC7F-1FE1-4414-9AC5-EC51457528E4)
HKCR \ CLSID \ (9AD7FC7F-1FE1-4414-9AC5-EC51457528E4)
HKCR \ CLSID \ (9AD7FC7F-1FE1-4414-9AC5-EC51457528E4) \ InprocServer32
HKCR \ CLSID \ (9AD7FC7F-1FE1-4414-9AC5-EC51457528E4) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (9AD7FC7F-1FE1-4414-9AC5-EC51457528E4)
Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ rqRiJAst

Trojan.Vundo-Variant/NextGen-Six
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (f904655c-8a31-4df9-be6d-8b5cb123d208)
HKCR \ CLSID \ (F904655C-8A31-4DF9-BE6D-8B5CB123D208)
HKCR \ CLSID \ (F904655C-8A31-4DF9-BE6D-8B5CB123D208) \ InprocServer32
HKCR \ CLSID \ (F904655C-8A31-4DF9-BE6D-8B5CB123D208) \ InprocServer32 # ThreadingModel
C: \ WINDOWS \ SYSTEM32 \ PNSWWF.DLL

Trojan.Smitfraud Variant / IE Anti-Spyware
HKLM \ Software \ Microsoft \ Internet Explorer \ Extensions \ (9034A523-D068-4BE8-A284-9DF278BE776E)

Adware.Tracking Çerez
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@dynamic.media.a drevolver [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ html @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ reklam @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ chitika [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@server.iad.live kişi [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ linksynergy @ hayatımın [2]. Txt
Questionmarket @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@trvlnet.adburea u [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@statse.webtrend slive [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ fastclick @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ specificclick @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@iacas.adbureau [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ad.adocean [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@citi.bridgetrac K [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@banners.andomed IA [2]. Txt
-SYS [2] hizmet @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ trafficmp @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.addynamix [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ zedo [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.pointroll [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@glb.adtechus [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ interclick @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-hyundaiusa.hitbox [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@media.ntsserve [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.shopica [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 60960915 @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@bs.serving-sys [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ bluestreak @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ roiservice @ hayatımın [1]. Txt
Superrewards @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ atdmt @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ trackalyzer @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ Tacoda @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@sparknetworks.1 12.2o7 [1]. Txt
Toplu medya [1 @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ atwola @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 35668663 @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@web4.realtracke r [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ checkingsaccoun tsfree [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@track.bestbuy [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.as4x.tmcs [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ adbrite @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-spyderactivesportinc.hitbox [2]. Txt
Media6degrees @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ çift @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@edge.ru4 [2]. Txt
Casalemedia @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ gelir @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@homeaway.112.2o 7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ insightexpressa i [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 2o7 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@adserver.adreac Tor [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@media.mtvnservi CES [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ adinterax @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@tremor.adbureau [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@optimize.indiec yalamak [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ valueclick @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 44153975 @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.travelcount Ry [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ r [2 lifeline@media.adrevolve]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@hearstugo.112.2 O7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın lütfen @ [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-hollywoodmedia.hitbox [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ waterfrontmedia .112.2 O7 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@anat.tacoda [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@snapfish.112.2o 7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.cnn [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.bridgetrack [1]. Txt
[2 nextag @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@data.coremetric s [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ burstnet @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ azjmp @ hayatımın [2]. Txt
247realmedia @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ TradeDoubler @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ cgi-bin [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-dig.hitbox [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@adopt.euroclick [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ adrevolver @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@anad.tacoda [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ yanlısı piyasa [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@viavh1com.112.2 O7 [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ adrevolver @ hayatımın [1]. Txt
RealMedia @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@viavh1comdev.11 2.2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@e-2dj6wdl4umcjogo.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@adopt.specificc yalamak [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg.hitbox [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ statcounter @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@rm.yieldmanager [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ uvertür @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ revsci [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 27467505 @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@extrovert.122.2 O7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@tracking.keywor dmax [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ tribalfusion @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hitbox @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@208.122.40 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ mediaplex @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@richmedia.yahoo [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ apmebf @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@at.atwola [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.calorie-count [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1071868927 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ Gadget @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.mynetfinder [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ adlegend @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ kontera @ hayatımın [2]. Txt
[1 backcountry @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın]. Txt
C: \ Documents and Settings SPD0478 @ \ Lifeline \ Çerezler \ hayatımın [1]. Txt
Benim-kalori-sayacı [1 @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.polygonelit E [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@mlarmani.122.2o 7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.o2 [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@aerlingus.122.2 O7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.widgetbucks [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@prospect.adbure tr [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@wunderloop.zano x [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@tracking.fathom SEO [1]. Txt
C: \ Documents and Settings valeantpharmace uticals.112.2o7 @ \ Lifeline \ Çerezler \ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1072676049 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@pai.112.2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@shopping.112.2o 7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.cheapflight s [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@stampscom.112.2 O7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 27814325 @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ordie.adbureau [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.backcountry çıkış [3]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.backcountry çıkış [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 60960915 @ hayatımın [3]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.mediamayhem Corp [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@counter.surfcou nters [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@msnportal.112.2 O7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ad.associatedco ntent [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@hit.stat [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@e-2dj6wjnyekc5ogo.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ showit @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 41586732 @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@tracking.foundr y42 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.scribefire [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1070515056 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ bizrate @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-homesandland.hitbox [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@homestore.122.2 O7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@te.kontera [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@perf.overture [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@112.2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@redirect.clicks hield [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hypertracker @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1069204868 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1070848910 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ joyforouryouth @ hayatımın. 112.2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@sales.liveperso N [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ adtech @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1070932382 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.backcountry [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.backcountry [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@warnerbros.112. 2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@zbox.zanox [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1068787440 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-officeworld.hitbox [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-warnerbrothers.hitbox [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ directtrack @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ microsoftwindow s.112.2o7 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ qnsr @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ media303 @ hayatımın [2]. Txt
C: \ Documents and Settings LPneimanmarcus @ \ Lifeline \ Çerezler \ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-foxsports.hitbox [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ kalori saymak [2 @ hayatımın]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@bridge.admarket yer [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ bize lifeline@adserver.adtech [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@viacom.adbureau [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@healthgrades.11 2.2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ford.112.2o7 [1]. Txt
Partner2profit @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ backcountryoutl et [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@viator.122.2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.burstnet [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@blackstone.122. 2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ssm.directtrack [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ yadro [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ yieldmanager @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ad.yoyo [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ mediapromoter @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ Rotator @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ angleinteractiv e.directtrack [2 @ hayatımın]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@amazonbebe.122. 2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ clickbooth @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ sharewellgroup @ hayatımın. 112.2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-guess.hitbox [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.quixsurf [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1068951109 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ cgi-bin [1]. Txt
Socialmedia @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ adtrafficdriver @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ pcvirusremover2 008 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@login.tracking1 01 [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.burstbeacon [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ efashionsolutio ns.122.2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ polygonelite @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.penis.com [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@stat.dealtime [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ clicktorrent @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 56294818 @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@sixapart.adbure tr [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ad1.clickhype [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@kaboose.112.2o7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-groupernetworks.hitbox [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@afe.specificcli CK [1]. Txt
Geliştirmek [2]. Txt @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@videoegg.adbure tr [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@208.122.40 [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ eyewonder @ hayatımın [1]. Txt
Hornymatches @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ adserver @ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@adserver.easyad [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 33069911 @ hayatımın [2]. Txt
Specificmedia @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ Pt @ hayatımın medya [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@test.coremetric s [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@counter.hitslin K [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ad.zanox [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.monster [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın lütfen @ [3]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.findgift [2]. Txt
[2 pricesexposed @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ shopica [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ wmvmedialease @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1052094474 @ hayatımın [1]. Txt
Watchmyclicks @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ads.ovguide [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın @ çatırdatmak [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ehg-advertisementbv.hitbox [1]. Txt
Hızlı tarayıcı [1 @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 1066497271 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@clickz.lonelych eatingwives [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ 76226072 @ hayatımın [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@tracking.novem [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@viamtvcom.112.2 O7 [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@www.findit-quick [2]. Txt
HesaplarÛ @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ad.adocean [2]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@ad.yieldmanager [1]. Txt
C: \ Documents and Settings \ Lifeline \ Çerezler \ lifeline@media.licenseac quisition [2]. Txt
-SYS [1] hizmet @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın. Txt
Webstats @ C: \ Documents and Settings \ Lifeline \ Çerezler \ hayatımın [1]. Txt
2o7 @ C: \ Documents and Settings \ LocalService \ Çerezler \ system [1]. Txt

CommonName Toolbar / Browser Helper Object
HKCR \ CLSID \ (00000000-0000-0000-0000-000000000000)

Trojan.MalwareWipe
HKCR \ AppID \ (70F17C8C-1744-41B6-9D07-575DB448DCC5)

Malware.AntiVirusGolden
HKCR \ Cerberus.EngineListener
HKCR \ Cerberus.EngineListener \ CLSID
HKCR \ Cerberus.EngineListener \ CurVer
HKCR \ Cerberus.EngineListener.1
HKCR \ Cerberus.EngineListener.1 \ CLSID
HKCR \ Cerberus.Scanner
HKCR \ Cerberus.Scanner \ CLSID
HKCR \ Cerberus.Scanner \ CurVer
HKCR \ Cerberus.Scanner.1
HKCR \ Cerberus.Scanner.1 \ CLSID
HKCR \ Cerberus.ThreatCollection
HKCR \ Cerberus.ThreatCollection \ CLSID
HKCR \ Cerberus.ThreatCollection \ CurVer
HKCR \ Cerberus.ThreatCollection.1
HKCR \ Cerberus.ThreatCollection.1 \ CLSID
HKCR \ Engine.Backup
HKCR \ Engine.Backup \ CLSID
HKCR \ Engine.Backup \ CurVer
HKCR \ Engine.Backup.1
HKCR \ Engine.Backup.1 \ CLSID
HKCR \ Engine.IgnoreList
HKCR \ Engine.IgnoreList \ CLSID
HKCR \ Engine.IgnoreList \ CurVer
HKCR \ Engine.IgnoreList.1
HKCR \ Engine.IgnoreList.1 \ CLSID
HKCR engine.log \
HKCR \ engine.log \ CLSID
HKCR \ engine.log \ CurVer
HKCR \ Engine.Log.1
HKCR \ Engine.Log.1 \ CLSID
HKCR \ Engine.LogRecord
HKCR \ Engine.LogRecord \ CLSID
HKCR \ Engine.LogRecord \ CurVer
HKCR \ Engine.LogRecord.1
HKCR \ Engine.LogRecord.1 \ CLSID
HKCR \ Engine.Paths
HKCR \ Engine.Paths \ CLSID
HKCR \ Engine.Paths \ CurVer
HKCR \ Engine.Paths.1
HKCR \ Engine.Paths.1 \ CLSID
HKCR \ Engine.Quarantine
HKCR \ Engine.Quarantine \ CLSID
HKCR \ Engine.Quarantine \ CurVer
HKCR \ Engine.Quarantine.1
HKCR \ Engine.Quarantine.1 \ CLSID
HKCR \ Engine.RunAs
HKCR \ Engine.RunAs \ CLSID
HKCR \ Engine.RunAs \ CurVer
HKCR \ Engine.RunAs.1
HKCR \ Engine.RunAs.1 \ CLSID
HKCR \ Engine.SearchItem
HKCR \ Engine.SearchItem \ CLSID
HKCR \ Engine.SearchItem \ CurVer
HKCR \ Engine.SearchItem.1
HKCR \ Engine.SearchItem.1 \ CLSID
HKCR \ Engine.Threat
HKCR \ Engine.Threat \ CLSID
HKCR \ Engine.Threat \ CurVer
HKCR \ Engine.Threat.1
HKCR \ Engine.Threat.1 \ CLSID
HKCR \ CLSID \ (020B1227-417D-4682-9AC3-61F43CB5B6B1)
HKCR \ CLSID \ (020B1227-417D-4682-9AC3-61F43CB5B6B1) # AppID
HKCR \ CLSID \ (020B1227-417D-4682-9AC3-61F43CB5B6B1) \ LocalServer32
HKCR \ CLSID \ (020B1227-417D-4682-9AC3-61F43CB5B6B1) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (020B1227-417D-4682-9AC3-61F43CB5B6B1) \ ProgID
HKCR \ CLSID \ (020B1227-417D-4682-9AC3-61F43CB5B6B1) \ Programlanabilir
HKCR \ CLSID \ (020B1227-417D-4682-9AC3-61F43CB5B6B1) \ typelib
HKCR \ CLSID \ (020B1227-417D-4682-9AC3-61F43CB5B6B1) \ VersionIndependentProgID
HKCR \ CLSID \ (125494B2-ACAD-414c-98B9-452F3EF7703A)
HKCR \ CLSID \ (125494B2-ACAD-414c-98B9-452F3EF7703A) # AppID
HKCR \ CLSID \ (125494B2-ACAD-414c-98B9-452F3EF7703A) \ LocalServer32
HKCR \ CLSID \ (125494B2-ACAD-414c-98B9-452F3EF7703A) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (125494B2-ACAD-414c-98B9-452F3EF7703A) \ ProgID
HKCR \ CLSID \ (125494B2-ACAD-414c-98B9-452F3EF7703A) \ Programlanabilir
HKCR \ CLSID \ (125494B2-ACAD-414c-98B9-452F3EF7703A) \ typelib
HKCR \ CLSID \ (125494B2-ACAD-414c-98B9-452F3EF7703A) \ VersionIndependentProgID
HKCR \ CLSID \ (20A3D913-30EF-4e69-B3F7-93B3F1FB9D5C)
HKCR \ CLSID \ (20A3D913-30EF-4e69-B3F7-93B3F1FB9D5C) # AppID
HKCR \ CLSID \ (20A3D913-30EF-4e69-B3F7-93B3F1FB9D5C) \ LocalServer32
HKCR \ CLSID \ (20A3D913-30EF-4e69-B3F7-93B3F1FB9D5C) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (20A3D913-30EF-4e69-B3F7-93B3F1FB9D5C) \ ProgID
HKCR \ CLSID \ (20A3D913-30EF-4e69-B3F7-93B3F1FB9D5C) \ Programlanabilir
HKCR \ CLSID \ (20A3D913-30EF-4e69-B3F7-93B3F1FB9D5C) \ typelib
HKCR \ CLSID \ (20A3D913-30EF-4e69-B3F7-93B3F1FB9D5C) \ VersionIndependentProgID
HKCR \ CLSID \ (3D00A39C-655B-428b-AEB2-2FBA03DCC49C)
HKCR \ CLSID \ (3D00A39C-655B-428b-AEB2-2FBA03DCC49C) # AppID
HKCR \ CLSID \ (3D00A39C-655B-428b-AEB2-2FBA03DCC49C) \ LocalServer32
HKCR \ CLSID \ (3D00A39C-655B-428b-AEB2-2FBA03DCC49C) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (3D00A39C-655B-428b-AEB2-2FBA03DCC49C) \ ProgID
HKCR \ CLSID \ (3D00A39C-655B-428b-AEB2-2FBA03DCC49C) \ typelib
HKCR \ CLSID \ (3D00A39C-655B-428b-AEB2-2FBA03DCC49C) \ VersionIndependentProgID
HKCR \ CLSID \ (408F660A-9465-44a3-B557-8709DFD992BC)
HKCR \ CLSID \ (408F660A-9465-44a3-B557-8709DFD992BC) # AppID
HKCR \ CLSID \ (408F660A-9465-44a3-B557-8709DFD992BC) \ LocalServer32
HKCR \ CLSID \ (408F660A-9465-44a3-B557-8709DFD992BC) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (408F660A-9465-44a3-B557-8709DFD992BC) \ ProgID
HKCR \ CLSID \ (408F660A-9465-44a3-B557-8709DFD992BC) \ typelib
HKCR \ CLSID \ (408F660A-9465-44a3-B557-8709DFD992BC) \ VersionIndependentProgID
HKCR \ CLSID \ (5F6BBD8A-18CF-4d55-8B4C-C9B4C9328DFE)
HKCR \ CLSID \ (5F6BBD8A-18CF-4d55-8B4C-C9B4C9328DFE) # AppID
HKCR \ CLSID \ (5F6BBD8A-18CF-4d55-8B4C-C9B4C9328DFE) \ LocalServer32
HKCR \ CLSID \ (5F6BBD8A-18CF-4d55-8B4C-C9B4C9328DFE) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (5F6BBD8A-18CF-4d55-8B4C-C9B4C9328DFE) \ ProgID
HKCR \ CLSID \ (5F6BBD8A-18CF-4d55-8B4C-C9B4C9328DFE) \ typelib
HKCR \ CLSID \ (5F6BBD8A-18CF-4d55-8B4C-C9B4C9328DFE) \ VersionIndependentProgID
HKCR \ CLSID \ (8C56B6CE-C53F-44c4-9BDC-A9BC1711D05A)
HKCR \ CLSID \ (8C56B6CE-C53F-44c4-9BDC-A9BC1711D05A) # AppID
HKCR \ CLSID \ (8C56B6CE-C53F-44c4-9BDC-A9BC1711D05A) \ LocalServer32
HKCR \ CLSID \ (8C56B6CE-C53F-44c4-9BDC-A9BC1711D05A) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (8C56B6CE-C53F-44c4-9BDC-A9BC1711D05A) \ ProgID
HKCR \ CLSID \ (8C56B6CE-C53F-44c4-9BDC-A9BC1711D05A) \ typelib
HKCR \ CLSID \ (8C56B6CE-C53F-44c4-9BDC-A9BC1711D05A) \ VersionIndependentProgID
HKCR \ CLSID \ (8EE6BF73-B370-4d13-9126-EB0071178F2E)
HKCR \ CLSID \ (8EE6BF73-B370-4d13-9126-EB0071178F2E) # AppID
HKCR \ CLSID \ (8EE6BF73-B370-4d13-9126-EB0071178F2E) \ LocalServer32
HKCR \ CLSID \ (8EE6BF73-B370-4d13-9126-EB0071178F2E) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (8EE6BF73-B370-4d13-9126-EB0071178F2E) \ ProgID
HKCR \ CLSID \ (8EE6BF73-B370-4d13-9126-EB0071178F2E) \ typelib
HKCR \ CLSID \ (8EE6BF73-B370-4d13-9126-EB0071178F2E) \ VersionIndependentProgID
HKCR \ CLSID \ (97F56E12-C706-4aeb-9FFB-133C05EE5D38)
HKCR \ CLSID \ (97F56E12-C706-4aeb-9FFB-133C05EE5D38) # AppID
HKCR \ CLSID \ (97F56E12-C706-4aeb-9FFB-133C05EE5D38) \ LocalServer32
HKCR \ CLSID \ (97F56E12-C706-4aeb-9FFB-133C05EE5D38) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (97F56E12-C706-4aeb-9FFB-133C05EE5D38) \ ProgID
HKCR \ CLSID \ (97F56E12-C706-4aeb-9FFB-133C05EE5D38) \ Programlanabilir
HKCR \ CLSID \ (97F56E12-C706-4aeb-9FFB-133C05EE5D38) \ typelib
HKCR \ CLSID \ (97F56E12-C706-4aeb-9FFB-133C05EE5D38) \ VersionIndependentProgID
HKCR \ CLSID \ (9BB7E700-4E48-476d-B75C-6F47606BE988)
HKCR \ CLSID \ (9BB7E700-4E48-476d-B75C-6F47606BE988) # AppID
HKCR \ CLSID \ (9BB7E700-4E48-476d-B75C-6F47606BE988) \ LocalServer32
HKCR \ CLSID \ (9BB7E700-4E48-476d-B75C-6F47606BE988) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (9BB7E700-4E48-476d-B75C-6F47606BE988) \ ProgID
HKCR \ CLSID \ (9BB7E700-4E48-476d-B75C-6F47606BE988) \ typelib
HKCR \ CLSID \ (9BB7E700-4E48-476d-B75C-6F47606BE988) \ VersionIndependentProgID
HKCR \ CLSID \ (CBCACA58-1AEE-4600-8CF0-E8B30BFF1535)
HKCR \ CLSID \ (CBCACA58-1AEE-4600-8CF0-E8B30BFF1535) # AppID
HKCR \ CLSID \ (CBCACA58-1AEE-4600-8CF0-E8B30BFF1535) \ LocalServer32
HKCR \ CLSID \ (CBCACA58-1AEE-4600-8CF0-E8B30BFF1535) \ ProgID
HKCR \ CLSID \ (CBCACA58-1AEE-4600-8CF0-E8B30BFF1535) \ Programlanabilir
HKCR \ CLSID \ (CBCACA58-1AEE-4600-8CF0-E8B30BFF1535) \ typelib
HKCR \ CLSID \ (CBCACA58-1AEE-4600-8CF0-E8B30BFF1535) \ VersionIndependentProgID
HKCR \ CLSID \ (D6D64CDF-0363-4261-B723-29A3AF365E1D)
HKCR \ CLSID \ (D6D64CDF-0363-4261-B723-29A3AF365E1D) # AppID
HKCR \ CLSID \ (D6D64CDF-0363-4261-B723-29A3AF365E1D) \ LocalServer32
HKCR \ CLSID \ (D6D64CDF-0363-4261-B723-29A3AF365E1D) \ LocalServer32 # ThreadingModel
HKCR \ CLSID \ (D6D64CDF-0363-4261-B723-29A3AF365E1D) \ ProgID
HKCR \ CLSID \ (D6D64CDF-0363-4261-B723-29A3AF365E1D) \ typelib
HKCR \ CLSID \ (D6D64CDF-0363-4261-B723-29A3AF365E1D) \ VersionIndependentProgID
HKCR \ typelib \ (60F94D7D-563E-4942-B5EC-2DE9C135C139)
HKCR \ typelib \ (60F94D7D-563E-4942-B5EC-2DE9C135C139) \ 1,0
HKCR \ typelib \ (60F94D7D-563E-4942-B5EC-2DE9C135C139) \ 1.0 \ 0
HKCR \ typelib \ (60F94D7D-563E-4942-B5EC-2DE9C135C139) \ 1.0 \ 0 \ win32
HKCR \ typelib \ (60F94D7D-563E-4942-B5EC-2DE9C135C139) \ 1.0 \ FLAMA
HKCR \ typelib \ (60F94D7D-563E-4942-B5EC-2DE9C135C139) \ 1.0 \ HELPDIR
HKCR \ Interface \ (27ED4AC2-B6D8-4079-9831-017A100B391E)
HKCR \ Interface \ (27ED4AC2-B6D8-4079-9831-017A100B391E) \ ProxyStubClsid
HKCR \ Interface \ (27ED4AC2-B6D8-4079-9831-017A100B391E) \ ProxyStubClsid32
HKCR \ Interface \ (27ED4AC2-B6D8-4079-9831-017A100B391E) \ typelib
HKCR \ Interface \ (27ED4AC2-B6D8-4079-9831-017A100B391E) \ typelib # Sürüm
HKCR \ Interface \ (3F6D6C35-FB73-45E6-9473-BB4CC25CE019)
HKCR \ Interface \ (3F6D6C35-FB73-45E6-9473-BB4CC25CE019) \ ProxyStubClsid
HKCR \ Interface \ (3F6D6C35-FB73-45E6-9473-BB4CC25CE019) \ ProxyStubClsid32
HKCR \ Interface \ (3F6D6C35-FB73-45E6-9473-BB4CC25CE019) \ typelib
HKCR \ Interface \ (3F6D6C35-FB73-45E6-9473-BB4CC25CE019) \ typelib # Sürüm
HKCR \ Interface \ (715D709B-2B10-42FA-A069-297D25D93601)
HKCR \ Interface \ (715D709B-2B10-42FA-A069-297D25D93601) \ ProxyStubClsid
HKCR \ Interface \ (715D709B-2B10-42FA-A069-297D25D93601) \ ProxyStubClsid32
HKCR \ Interface \ (715D709B-2B10-42FA-A069-297D25D93601) \ typelib
HKCR \ Interface \ (715D709B-2B10-42FA-A069-297D25D93601) \ typelib # Sürüm
HKCR \ Interface \ (872C1B1E-3CF0-4D3A-95E5-A0C662D2854C)
HKCR \ Interface \ (872C1B1E-3CF0-4D3A-95E5-A0C662D2854C) \ ProxyStubClsid
HKCR \ Interface \ (872C1B1E-3CF0-4D3A-95E5-A0C662D2854C) \ ProxyStubClsid32
HKCR \ Interface \ (872C1B1E-3CF0-4D3A-95E5-A0C662D2854C) \ typelib
HKCR \ Interface \ (872C1B1E-3CF0-4D3A-95E5-A0C662D2854C) \ typelib # Sürüm
HKCR \ Interface \ (886B1D08-B404-40F0-AA18-4E416682A2E9)
HKCR \ Interface \ (886B1D08-B404-40F0-AA18-4E416682A2E9) \ ProxyStubClsid
HKCR \ Interface \ (886B1D08-B404-40F0-AA18-4E416682A2E9) \ ProxyStubClsid32
HKCR \ Interface \ (886B1D08-B404-40F0-AA18-4E416682A2E9) \ typelib
HKCR \ Interface \ (886B1D08-B404-40F0-AA18-4E416682A2E9) \ typelib # Sürüm
HKCR \ Interface \ (8B5F65CF-0B0A-4291-8DA2-86D7F7B0A6DB)
HKCR \ Interface \ (8B5F65CF-0B0A-4291-8DA2-86D7F7B0A6DB) \ ProxyStubClsid
HKCR \ Interface \ (8B5F65CF-0B0A-4291-8DA2-86D7F7B0A6DB) \ ProxyStubClsid32
HKCR \ Interface \ (8B5F65CF-0B0A-4291-8DA2-86D7F7B0A6DB) \ typelib
HKCR \ Interface \ (8B5F65CF-0B0A-4291-8DA2-86D7F7B0A6DB) \ typelib # Sürüm
HKCR \ Interface \ (925B0211-A1C1-4712-8FCA-5F5B8101736D)
HKCR \ Interface \ (925B0211-A1C1-4712-8FCA-5F5B8101736D) \ ProxyStubClsid
HKCR \ Interface \ (925B0211-A1C1-4712-8FCA-5F5B8101736D) \ ProxyStubClsid32
HKCR \ Interface \ (925B0211-A1C1-4712-8FCA-5F5B8101736D) \ typelib
HKCR \ Interface \ (925B0211-A1C1-4712-8FCA-5F5B8101736D) \ typelib # Sürüm
HKCR \ Interface \ (B01E37C4-5497-4D58-9FFD-D5653B8DC866)
HKCR \ Interface \ (B01E37C4-5497-4D58-9FFD-D5653B8DC866) \ ProxyStubClsid
HKCR \ Interface \ (B01E37C4-5497-4D58-9FFD-D5653B8DC866) \ ProxyStubClsid32
HKCR \ Interface \ (B01E37C4-5497-4D58-9FFD-D5653B8DC866) \ typelib
HKCR \ Interface \ (B01E37C4-5497-4D58-9FFD-D5653B8DC866) \ typelib # Sürüm
HKCR \ Interface \ (CCAA201C-C48D-48A8-A1E8-846562CBF1C1)
HKCR \ Interface \ (CCAA201C-C48D-48A8-A1E8-846562CBF1C1) \ ProxyStubClsid
HKCR \ Interface \ (CCAA201C-C48D-48A8-A1E8-846562CBF1C1) \ ProxyStubClsid32
HKCR \ Interface \ (CCAA201C-C48D-48A8-A1E8-846562CBF1C1) \ typelib
HKCR \ Interface \ (CCAA201C-C48D-48A8-A1E8-846562CBF1C1) \ typelib # Sürüm
HKCR \ Interface \ (D483521B-D5CC-43FF-A45A-9BE4A8E6606E)
HKCR \ Interface \ (D483521B-D5CC-43FF-A45A-9BE4A8E6606E) \ ProxyStubClsid
HKCR \ Interface \ (D483521B-D5CC-43FF-A45A-9BE4A8E6606E) \ ProxyStubClsid32
HKCR \ Interface \ (D483521B-D5CC-43FF-A45A-9BE4A8E6606E) \ typelib
HKCR \ Interface \ (D483521B-D5CC-43FF-A45A-9BE4A8E6606E) \ typelib # Sürüm
HKCR \ Interface \ (ED2AFF47-B7BE-4273-A203-C796E87F72D2)
HKCR \ Interface \ (ED2AFF47-B7BE-4273-A203-C796E87F72D2) \ ProxyStubClsid
HKCR \ Interface \ (ED2AFF47-B7BE-4273-A203-C796E87F72D2) \ ProxyStubClsid32
HKCR \ Interface \ (ED2AFF47-B7BE-4273-A203-C796E87F72D2) \ typelib
HKCR \ Interface \ (ED2AFF47-B7BE-4273-A203-C796E87F72D2) \ typelib # Sürüm
HKCR \ Interface \ (F0FA7ED9-5A0A-4374-B63E-BEBAFD52192E)
HKCR \ Interface \ (F0FA7ED9-5A0A-4374-B63E-BEBAFD52192E) \ ProxyStubClsid
HKCR \ Interface \ (F0FA7ED9-5A0A-4374-B63E-BEBAFD52192E) \ ProxyStubClsid32
HKCR \ Interface \ (F0FA7ED9-5A0A-4374-B63E-BEBAFD52192E) \ typelib
HKCR \ Interface \ (F0FA7ED9-5A0A-4374-B63E-BEBAFD52192E) \ typelib # Sürüm
HKCR \ Interface \ (F5DEE77C-87EB-4E00-BBF9-8CBF3BDEA7AF)
HKCR \ Interface \ (F5DEE77C-87EB-4E00-BBF9-8CBF3BDEA7AF) \ ProxyStubClsid
HKCR \ Interface \ (F5DEE77C-87EB-4E00-BBF9-8CBF3BDEA7AF) \ ProxyStubClsid32
HKCR \ Interface \ (F5DEE77C-87EB-4E00-BBF9-8CBF3BDEA7AF) \ typelib
HKCR \ Interface \ (F5DEE77C-87EB-4E00-BBF9-8CBF3BDEA7AF) \ typelib # Sürüm
HKCR \ Interface \ (FB5DDAB7-6AA5-4E97-9541-5A75ADDF4ABA)
HKCR \ Interface \ (FB5DDAB7-6AA5-4E97-9541-5A75ADDF4ABA) \ ProxyStubClsid
HKCR \ Interface \ (FB5DDAB7-6AA5-4E97-9541-5A75ADDF4ABA) \ ProxyStubClsid32
HKCR \ Interface \ (FB5DDAB7-6AA5-4E97-9541-5A75ADDF4ABA) \ typelib
HKCR \ Interface \ (FB5DDAB7-6AA5-4E97-9541-5A75ADDF4ABA) \ typelib # Sürüm
HKCR \ Interface \ (FDDF521B-0EBE-4D15-838C-73E2D851161B)
HKCR \ Interface \ (FDDF521B-0EBE-4D15-838C-73E2D851161B) \ ProxyStubClsid
HKCR \ Interface \ (FDDF521B-0EBE-4D15-838C-73E2D851161B) \ ProxyStubClsid32
HKCR \ Interface \ (FDDF521B-0EBE-4D15-838C-73E2D851161B) \ typelib
HKCR \ Interface \ (FDDF521B-0EBE-4D15-838C-73E2D851161B) \ typelib # Sürüm
HKCR \ Interface \ (FF609434-EB47-481B-BA0E-1D2B467629A5)
HKCR \ Interface \ (FF609434-EB47-481B-BA0E-1D2B467629A5) \ ProxyStubClsid
HKCR \ Interface \ (FF609434-EB47-481B-BA0E-1D2B467629A5) \ ProxyStubClsid32
HKCR \ Interface \ (FF609434-EB47-481B-BA0E-1D2B467629A5) \ typelib
HKCR \ Interface \ (FF609434-EB47-481B-BA0E-1D2B467629A5) \ typelib # Sürüm
HKCR \ AppID \ Cerberus.EXE
HKCR \ AppID \ Cerberus.EXE # AppID

Trojan.Media-Codec
C: \ Documents and Settings \ Lifeline \ Favoriler \ Online Güvenlik Test.url

Adware.180solutions/Seekmo
HKU \ S-1-5-21-4234981574-39719586-4263454222-1007 \ Software \ seekmo
HKLM \ Software \ seekmo
HKLM \ Software \ seekmo # CVF
HKLM \ Software \ seekmo # install_embedded
HKLM \ Software \ seekmo # UMT
HKLM \ Software \ seekmo # duid
HKLM \ Software \ seekmo # partner_id
HKLM \ Software \ seekmo # product_id
C: \ Program Files \ Seekmo \ seekmoau.dat
C: \ Program Files \ Seekmo \ seekmo_gdf.dat
C: \ Program Files \ Seekmo \ seekmo_kyf.dat
C: \ Program Files \ Seekmo
C: \ Documents and Settings \ All Users \ Start Menu \ Programlar \ Seekmo Arama Yardımcısı \ Seekmo Müşteri Support.url
C: \ Documents and Settings \ All Users \ Start Menu \ Programlar \ Seekmo Arama Yardımcısı \ Seekmo.com.url
C: \ Documents and Settings \ All Users \ Start Menu \ Programlar \ Seekmo Arama Yardımcısı \ Uninstall Seekmo Instructions.lnk
C: \ Documents and Settings \ All Users \ Start Menu \ Programlar \ Seekmo Arama Yardımcısı

Trojan.DNSChanger-Codec
HKCR \ CLSID \ E404.e404mgr
HKCR \ CLSID \ E404.e404mgr # KullanıcıNo

Trojan.Media-Codec/V4
HKCR \ videoPl.chl
HKCR \ videoPl.chl \ CLSID
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ MultiMedia Yazılım
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Multimedya Yazılım # ProductionEnvironment
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Multimedya Yazılım # DisplayName
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Multimedya Yazılım # UninstallString
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Multimedya Yazılım # DisplayIcon
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Multimedya Yazılım # DisplayVersion
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Multimedya Yazılım # Yayin

Rogue.AntiSpyKit
HKCR \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B)
HKCR \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B) \ cnreqoyLmwnuv
HKCR \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B) \ crrmlfrwzfxhg
HKCR \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B) \ gizbuobfa
HKCR \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B) \ InprocServer32
HKCR \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B) \ KIcbv
HKCR \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B) \ nfjRol
HKCR \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B) \ rDkSqA

Rogue.VirusHeat
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1)
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) \ hwuhrcdfh
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) \ hxgfzhjfHrx
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) \ InprocServer32
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) \ iTzlTI
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) \ nMnkE
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) \ OufPqTb
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) \ sBnix
HKCR \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) \ uAEeiihPke
HKCR \ typelib \ (CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF)
HKCR \ typelib \ (CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF) \ 1,0
HKCR \ typelib \ (CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF) \ 1.0 \ 0
HKCR \ typelib \ (CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF) \ 1.0 \ 0 \ win32
HKCR \ typelib \ (CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF) \ 1.0 \ FLAMA
HKCR \ typelib \ (CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF) \ 1.0 \ HELPDIR
HKCR \ Interface \ (0EC085A8-9818-43B7-B975-EC7555EDA4D2)
HKCR \ Interface \ (0EC085A8-9818-43B7-B975-EC7555EDA4D2) \ ProxyStubClsid
HKCR \ Interface \ (0EC085A8-9818-43B7-B975-EC7555EDA4D2) \ ProxyStubClsid32
HKCR \ Interface \ (0EC085A8-9818-43B7-B975-EC7555EDA4D2) \ typelib
HKCR \ Interface \ (0EC085A8-9818-43B7-B975-EC7555EDA4D2) \ typelib # Sürüm
HKCR \ Interface \ (1A74C41C-0837-4FBE-BA50-621EB70F01CE)
HKCR \ Interface \ (1A74C41C-0837-4FBE-BA50-621EB70F01CE) \ ProxyStubClsid
HKCR \ Interface \ (1A74C41C-0837-4FBE-BA50-621EB70F01CE) \ ProxyStubClsid32
HKCR \ Interface \ (1A74C41C-0837-4FBE-BA50-621EB70F01CE) \ typelib
HKCR \ Interface \ (1A74C41C-0837-4FBE-BA50-621EB70F01CE) \ typelib # Sürüm
HKCR \ Interface \ (25297614-1B76-4C2C-82C6-62738AA0E8F0)
HKCR \ Interface \ (25297614-1B76-4C2C-82C6-62738AA0E8F0) \ ProxyStubClsid
HKCR \ Interface \ (25297614-1B76-4C2C-82C6-62738AA0E8F0) \ ProxyStubClsid32
HKCR \ Interface \ (25297614-1B76-4C2C-82C6-62738AA0E8F0) \ typelib
HKCR \ Interface \ (25297614-1B76-4C2C-82C6-62738AA0E8F0) \ typelib # Sürüm
HKCR \ Interface \ (37F89457-1208-4670-9245-58C62BD6D870)
HKCR \ Interface \ (37F89457-1208-4670-9245-58C62BD6D870) \ ProxyStubClsid
HKCR \ Interface \ (37F89457-1208-4670-9245-58C62BD6D870) \ ProxyStubClsid32
HKCR \ Interface \ (37F89457-1208-4670-9245-58C62BD6D870) \ typelib
HKCR \ Interface \ (37F89457-1208-4670-9245-58C62BD6D870) \ typelib # Sürüm
HKCR \ Interface \ (45477032-ABD0-454D-9CE4-EA34C10322F8)
HKCR \ Interface \ (45477032-ABD0-454D-9CE4-EA34C10322F8) \ ProxyStubClsid
HKCR \ Interface \ (45477032-ABD0-454D-9CE4-EA34C10322F8) \ ProxyStubClsid32
HKCR \ Interface \ (45477032-ABD0-454D-9CE4-EA34C10322F8) \ typelib
HKCR \ Interface \ (45477032-ABD0-454D-9CE4-EA34C10322F8) \ typelib # Sürüm
HKCR \ Interface \ (69E34747-0B27-4B30-AE20-1023BF29E246)
HKCR \ Interface \ (69E34747-0B27-4B30-AE20-1023BF29E246) \ ProxyStubClsid
HKCR \ Interface \ (69E34747-0B27-4B30-AE20-1023BF29E246) \ ProxyStubClsid32
HKCR \ Interface \ (69E34747-0B27-4B30-AE20-1023BF29E246) \ typelib
HKCR \ Interface \ (69E34747-0B27-4B30-AE20-1023BF29E246) \ typelib # Sürüm
HKCR \ Interface \ (79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7)
HKCR \ Interface \ (79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7) \ ProxyStubClsid
HKCR \ Interface \ (79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7) \ ProxyStubClsid32
HKCR \ Interface \ (79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7) \ typelib
HKCR \ Interface \ (79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7) \ typelib # Sürüm
HKCR \ Interface \ (7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D)
HKCR \ Interface \ (7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D) \ ProxyStubClsid
HKCR \ Interface \ (7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D) \ ProxyStubClsid32
HKCR \ Interface \ (7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D) \ typelib
HKCR \ Interface \ (7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D) \ typelib # Sürüm
HKCR \ Interface \ (7EBB34CF-1728-4136-A968-48F231DAD1B4)
HKCR \ Interface \ (7EBB34CF-1728-4136-A968-48F231DAD1B4) \ ProxyStubClsid
HKCR \ Interface \ (7EBB34CF-1728-4136-A968-48F231DAD1B4) \ ProxyStubClsid32
HKCR \ Interface \ (7EBB34CF-1728-4136-A968-48F231DAD1B4) \ typelib
HKCR \ Interface \ (7EBB34CF-1728-4136-A968-48F231DAD1B4) \ typelib # Sürüm
HKCR \ Interface \ (88DAA291-B413-4C46-B378-3BE66F65369E)
HKCR \ Interface \ (88DAA291-B413-4C46-B378-3BE66F65369E) \ ProxyStubClsid
HKCR \ Interface \ (88DAA291-B413-4C46-B378-3BE66F65369E) \ ProxyStubClsid32
HKCR \ Interface \ (88DAA291-B413-4C46-B378-3BE66F65369E) \ typelib
HKCR \ Interface \ (88DAA291-B413-4C46-B378-3BE66F65369E) \ typelib # Sürüm
HKCR \ Interface \ (936A2F4A-53F8-4D2F-92AA-2F9DE889841C)
HKCR \ Interface \ (936A2F4A-53F8-4D2F-92AA-2F9DE889841C) \ ProxyStubClsid
HKCR \ Interface \ (936A2F4A-53F8-4D2F-92AA-2F9DE889841C) \ ProxyStubClsid32
HKCR \ Interface \ (936A2F4A-53F8-4D2F-92AA-2F9DE889841C) \ typelib
HKCR \ Interface \ (936A2F4A-53F8-4D2F-92AA-2F9DE889841C) \ typelib # Sürüm
HKCR \ Interface \ (AFCC3FA7-82A9-42D5-A405-78711E97A5D6)
HKCR \ Interface \ (AFCC3FA7-82A9-42D5-A405-78711E97A5D6) \ ProxyStubClsid
HKCR \ Interface \ (AFCC3FA7-82A9-42D5-A405-78711E97A5D6) \ ProxyStubClsid32
HKCR \ Interface \ (AFCC3FA7-82A9-42D5-A405-78711E97A5D6) \ typelib
HKCR \ Interface \ (AFCC3FA7-82A9-42D5-A405-78711E97A5D6) \ typelib # Sürüm
HKCR \ Interface \ (CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF)
HKCR \ Interface \ (CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF) \ ProxyStubClsid
HKCR \ Interface \ (CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF) \ ProxyStubClsid32
HKCR \ Interface \ (CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF) \ typelib
HKCR \ Interface \ (CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF) \ typelib # Sürüm
HKCR \ Interface \ (E80114AA-6653-4952-9E97-5F1DC63BEE0F)
HKCR \ Interface \ (E80114AA-6653-4952-9E97-5F1DC63BEE0F) \ ProxyStubClsid
HKCR \ Interface \ (E80114AA-6653-4952-9E97-5F1DC63BEE0F) \ ProxyStubClsid32
HKCR \ Interface \ (E80114AA-6653-4952-9E97-5F1DC63BEE0F) \ typelib
HKCR \ Interface \ (E80114AA-6653-4952-9E97-5F1DC63BEE0F) \ typelib # Sürüm
HKCR \ Interface \ (F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9)
HKCR \ Interface \ (F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9) \ ProxyStubClsid
HKCR \ Interface \ (F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9) \ ProxyStubClsid32
HKCR \ Interface \ (F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9) \ typelib
HKCR \ Interface \ (F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9) \ typelib # Sürüm
HKCR \ Interface \ (FCA3958A-8D38-4D14-8B81-CCD7F68A8A01)
HKCR \ Interface \ (FCA3958A-8D38-4D14-8B81-CCD7F68A8A01) \ ProxyStubClsid
HKCR \ Interface \ (FCA3958A-8D38-4D14-8B81-CCD7F68A8A01) \ ProxyStubClsid32
HKCR \ Interface \ (FCA3958A-8D38-4D14-8B81-CCD7F68A8A01) \ typelib
HKCR \ Interface \ (FCA3958A-8D38-4D14-8B81-CCD7F68A8A01) \ typelib # Sürüm

Trojan.Media-Codec/V5
HKU \ S-1-5-21-4234981574-39719586-4263454222-1007 \ Software \ NetProject
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Internet Servis
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Internet Servis # DisplayName
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Internet Servis # UninstallString
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Güvenli Tarama
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Güvenli Tarama # DisplayName
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Üniversite nstall \ Güvenli Tarama # UninstallString

Adware.Vundo Variant / Göreli
HKLM \ SOFTWARE \ Microsoft \ FCOVM
HKLM \ SOFTWARE \ Microsoft \ RemoveRP

[ruffryder2k7]

Malwarebytes' Anti-Malware 1,30
Veritabanı sürümü: 1310
5/1/2600 Windows Service Pack 2

10/23/2008 12:24:55
mbam-log-2008-10-23 (12-24-55). txt

Tarama tipi: Hızlı Tarama
Nesneler taranabilir: 52051
Zaman geçti: 6 dakika (lar), 54 (lar) ikinci

Bellek Süreçleri Infected: 0
Memory Modules Infected: 7
Kayıt Anahtarları Infected: 124
Kayıt Defteri Değerleri Infected: 15
Registry Data Items Infected: 2
Klasörler Infected: 6
Dosyalar Infected: 56

Bellek Süreçleri Infected:
(Hayır zararlı öğeler tespit)

Memory Modules Infected:
C: \ WINDOWS \ system32 \ (Trojan.Vundo.H) lptjntqu.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ (Trojan.Vundo.H) qoMghecb.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) pnswwf.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ (Trojan.Vundo.H) rqRiJAst.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) emufbyex.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) dwolhm.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ (Trojan.Vundo.H) cryptuik.dll -> Sil yeniden başlatma konusunda.

Kayıt Anahtarları Infected:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (06ef2cab-3340-4eb1-a740-c33ac922fa1f) (Trojan.Vundo.H) -> sil yeniden başlatma konusunda.
HKEY_CLASSES_ROOT \ CLSID \ (06ef2cab-3340-4eb1-a740-c33ac922fa1f) (Trojan.Vundo.H) -> sil yeniden başlatma konusunda.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (9ad7fc7f-1fe1-4414-9ac5-ec51457528e4) (Trojan.Vundo.H) -> sil yeniden başlatma konusunda.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ (Trojan.Vundo.H) rqrijast -> Sil yeniden başlatma konusunda.
HKEY_CLASSES_ROOT \ CLSID \ (9ad7fc7f-1fe1-4414-9ac5-ec51457528e4) (Trojan.Vundo.H) -> sil yeniden başlatma konusunda.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (b8c54c47-9d3c-40f3-baf6-2443d2941e84) (Trojan.Vundo.H) -> sil yeniden başlatma konusunda.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ jvkuajdi (Trojan.Vundo.H) -> sil yeniden başlatma konusunda.
HKEY_CLASSES_ROOT \ CLSID \ (b8c54c47-9d3c-40f3-baf6-2443d2941e84) (Trojan.Vundo.H) -> sil yeniden başlatma konusunda.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (c8a09740-1b82-4f12-8249-39844419ed2d) (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (c8a09740-1b82-4f12-8249-39844419ed2d) (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (9ad7fc7f-1fe1-4414-9ac5-ec51457528e4) (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (06ef2cab-3340-4eb1-a740-c33ac922fa1f) (Trojan.Vundo) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (c8a09740-1b82-4f12-8249-39844419ed2d) (Trojan.Vundo) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ cerberus.enginelistener (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ cerberus.enginelistener.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ cerberus.scanner (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ cerberus.scanner.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ cerberus.threatcollection (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ cerberus.threatcollection.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.backup (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.backup.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.ignorelist (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.ignorelist.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ (Rogue.Antivirus.Gold) engine.log -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.log.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.logrecord (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.logrecord.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.paths (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.paths.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.quarantine (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.quarantine.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.runas (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.runas.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ (Rogue.Antivirus.Gold) engine.searchitem -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.searchitem.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.threat (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ engine.threat.1 (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ main.bho (Trojan.BHO) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ main.bho.1 (Trojan.BHO) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (0ec085a8-9818-43b7-b975-ec7555eda4d2) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (1a74c41c-0837-4fbe-ba50-621eb70f01ce) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ Interface \ (25297614-1b76-4c2c-82c6-62738aa0e8f0) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (27ed4ac2-b6d8-4079-9831-017a100b391e) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (37f89457-1208-4670-9245-58c62bd6d870) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (3f6d6c35-fb73-45e6-9473-bb4cc25ce019) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ Interface \ (45477032-abd0-454d-9ce4-ea34c10322f8) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (69e34747-0b27-4b30-ae20-1023bf29e246) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (715d709b-2b10-42fa-a069-297d25d93601) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (79be5b3b-80b2-4b77-a042-efc90f6e0de7) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (7c0ec6bf-81b9-4fe0-9447-4ed29a36bf5d) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (7ebb34cf-1728-4136-a968-48f231dad1b4) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (872c1b1e-3cf0-4d3a-95e5-a0c662d2854c) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (886b1d08-b404-40f0-aa18-4e416682a2e9) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (88daa291-b413-4c46-b378-3be66f65369e) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (8b5f65cf-0b0a-4291-8da2-86d7f7b0a6db) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (925b0211-a1c1-4712-8fca-5f5b8101736d) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (936a2f4a-53f8-4d2f-92aa-2f9de889841c) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (986a8ac1-ab4d-4f41-9068-4b01c0197867) (Trojan.BHO) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (afcc3fa7-82a9-42d5-a405-78711e97a5d6) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (b01e37c4-5497-4d58-9ffd-d5653b8dc866) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (cc05a4a3-7b28-488f-ab02-6aaedb86accf) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (ccaa201c-48a8-a1e8-846562cbf1c1) (Rogue.Antivirus.Gold) - c48d> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (d483521b-d5cc-43ff-a45a-9be4a8e6606e) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (e80114aa-6653-4952-9e97-5f1dc63bee0f) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (ed2aff47-b7be-4273-A203-c796e87f72d2) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (f0fa7ed9-5a0a-4374-b63e-bebafd52192e) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (f5dee77c-87eb-4e00-bbf9-8cbf3bdea7af) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (f9109a2a-432b-4add-a6fa-06ba22dcd2d9) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (fb5ddab7-6aa5-4e97-9541-5a75addf4aba) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (fca3958a-8d38-4d14-8b81-ccd7f68a8a01) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (fddf521b-0ebe-4d15-838c-73e2d851161b) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ interface \ (ff609434-eb47-481b-ba0e-1d2b467629a5) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (6743c36c-cbfe-11db-9705-005056c00008) (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B) (Rogue.Multiple) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (E94EB13E-D78F-0857-7734-5E67A49FFFF1) (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (020b1227-417d-4682-9ac3-61f43cb5b6b1) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (125494b2-acad-414c-98b9-452f3ef7703a) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (20a3d913-30ef-4e69-b3f7-93b3f1fb9d5c) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (3d00a39c-655b-428b-aeb2-2fba03dcc49c) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (408f660a-9465-44a3-b557-8709dfd992bc) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (5f6bbd8a-18cf-4d55-8b4c-c9b4c9328dfe) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (8c56b6ce-c53f-44c4-9bdc-a9bc1711d05a) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (8ee6bf73-b370-4d13-9126-eb0071178f2e) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (97f56e12-c706-4aeb-9FFB-133c05ee5d38) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (9bb7e700-4e48-476d-b75c-6f47606be988) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (cbcaca58-1aee-4600-8cf0-e8b30bff1535) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ CLSID \ (d6d64cdf-0363-4261-b723-29a3af365e1d) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ typelib \ (8e3c68cd-f500-4a2a-8cb9-132bb38c3573) (Trojan.BHO) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ typelib \ (60f94d7d-563e-4942-b5ec-2de9c135c139) (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ typelib \ (cbd02e9b-37ef-47d2-96b0-3abbb2eb92bf) (Rogue.VirusHeat) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ AppID \ (a0e1054b-01ee-4d57-a059-4d99f339709f) (Trojan.BHO) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ AppID \ (70f17c8c-1744-41b6-9d07-575db448dcc5) (Rogue.Multiple) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ Installer \ UpgradeCodes \ 7c673a5b8 71b8cd419f47dd0de5a6d18 (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (afd4ad01-58c1-47db-a404-fbe00a6c5486) (Trojan.BHO) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (c2a1c5cb-c0ef-4689-9436-f62cca1c5383) (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ SearchScopes \ (daed9266-8c28-4c1c-8b58-5c66eff1d302) (Search.Hijack) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ UpgradeCodes \ 7c673a5b871b8cd4 19f47dd0de5a6d18 (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ControlPanel \ NameSpace \ (6743c3 6c-cbfe-11db-9705-005056c00008) (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (0ac49246-419b-4ee0-8917-8818daad6a4e) (Adware.180Solutions) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (99410cde-6f16-42ce-9d49-3807f78f0287) (Adware.180Solutions) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (f31a5d11-bf0b-4a4e-90af-274f2090aaa6) (Adware.180Solutions) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Extensions \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Services \ J qvxedzb (Trojan.Vundo.H) -> sil yeniden başlatma konusunda.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet003 \ Services \ J qvxedzb (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ (Trojan.Vundo.H) jqvxedzb -> Sil yeniden başlatma konusunda.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (b8c54c47-9d3c-40f3-baf6-2443d2941e84) (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ SOFTWARE \ seekmo (Adware.Seekmo) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ SOFTWARE \ AdwareAlert (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ SOFTWARE \ NetProject (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Internet Servis (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Güvenli Tarama (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Web Uygulama (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Juan (Malware.Trace) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ (Trojan.Vundo) contim -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ instkey (Trojan.Vundo) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Takip Sistemi (Trojan.Vundo) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ rdfa (Trojan.Vundo) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ MultiMedia Yazılım (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ seekmo (Adware.Seekmo) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ videoPl.chl (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_CLASSES_ROOT \ AppID \ Cerberus.EXE (Rogue.Antivirus.Gold) -> karantinaya ve başarıyla silindi.

Kayıt Defteri Değerleri Infected:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ b0c087c0 (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks \ (9ad7fc7f-1fe1-4414-9ac5-ec51457528e4) (Trojan.Vundo.H) -> sil yeniden başlatma konusunda.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Extensions \ CmdMapping \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ SharedTaskScheduler \ (ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c) (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ BF (Trojan.Agent) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ BK (Trojan.Agent) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ IU (Trojan.Agent) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ MU (Trojan.Agent) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ Folders \ C: \ Program Files \ adwarealert \ (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ Folders \ C: \ Program Files \ adwarealert \ filterdrv \ (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ Folders \ C: \ Documents and Settings \ All Users \ Start Menu \ Programlar \ adwarealert \ (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ ADP (Rogue.Multiple) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ New Windows \ izin ver \ *. securewebinfo.com (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ New Windows \ izin ver \ *. safetyincludes.com (Trojan.Zlob) -> karantinaya ve başarıyla silindi.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ New Windows \ izin ver \ *. securemanaging.com (Trojan.Zlob) -> karantinaya ve başarıyla silindi.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro L \ LSA \ Bildirim Paketleri (Trojan.Vundo.H) -> Data: c: \ windows \ system32 \ qomghecb -> karantinaya ve başarıyla silindi.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro L \ LSA \ Doğrulama Paketleri (Trojan.Vundo) -> Data: c: \ windows \ system32 \ qomghecb -> Sil yeniden başlatma konusunda.

Klasörler Infected:
C: \ Program Files \ Seekmo (Adware.180Solutions) -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ AppCert (Trojan.Downloader) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ All Users \ Start Menu \ Programlar \ AdwareAlert (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Ayarlar (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.

Dosyalar Infected:
C: \ WINDOWS \ system32 \ (Trojan.Vundo.H) qoMghecb.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ bcehgMoq.ini (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ bcehgMoq.ini2 (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo.H) rqRiJAst.dll -> Sil yeniden başlatma konusunda.
c: \ WINDOWS \ system32 \ (Trojan.Vundo.H) cryptuik.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ (Trojan.Vundo.H) dwolhm.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ (Trojan.Vundo.H) evhuoman.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ namouhve.ini (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo.H) lptjntqu.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ uqtnjtpl.ini (Trojan.Vundo.H) -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) pnswwf.dll -> Sil yeniden başlatma konusunda.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) emufbyex.dll -> Sil yeniden başlatma konusunda.
C: \ Program Files \ Common \ (Trojan.BHO) _helper.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ Installer \ (AD4149B3-56B1-4E2A-A8A4-54FF9DE92C87) \ Icon.exe (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) ywpnxpys.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) cwokkj.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) cypdyp.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) dhebaasf.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.LowZones) fdbgbvkj.exe -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.LowZones) mpasahjl.exe -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) sznqnj.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.LowZones) nuuwnrfb.exe -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) opcapbye.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) plljru.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.LowZones) tgycffmw.exe -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.LowZones) blukkoij.exe -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) bxdiyfrs.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.LowZones) ftvwbfjg.exe -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.Vundo) vgrksjuc.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ (Trojan.LowZones) ulmxavjt.exe -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LMQL183J \ upd105320 [1] (Trojan.Vundo) -> karantinaya ve başarıyla silindi.
C: \ Program Files \ Seekmo \> karantinaya ve başarıyla silindi (Adware.180Solutions) - seekmoau.dat.
C: \ Program Files \ Seekmo \> karantinaya ve başarıyla silindi (Adware.180Solutions) - seekmo_gdf.dat.
C: \ Program Files \ Seekmo \> karantinaya ve başarıyla silindi (Adware.180Solutions) - seekmo_kyf.dat.
C: \ WINDOWS \ system32 \ AppCert \ filter.drv (Trojan.Downloader) -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ system32 \ AppCert \ (Trojan.Downloader) options.dat -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ All Users \ Start Menu \ Programlar \ AdwareAlert \ AdwareAlert bu Web.lnk (Rogue.AdwareAlert) on -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ All Users \ Start Menu \ Programlar \ AdwareAlert \ AdwareAlert.lnk (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ (Rogue.AdwareAlert) rs.dat -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 19 Nisan - 03_00_00 AM_625.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 19 Nisan - 03_00_01 AM_046.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 20 Nisan - 03_00_00 AM_609.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 20 Nisan - 03_00_01 AM_046.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 21 Nisan - 03_00_00 AM_484.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 21 Nisan - 03_00_01 AM_203.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 22 Nisan - 03_00_00 AM_250.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 22 Nisan - 03_00_00 AM_562.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 23 Nisan - 03_00_00 AM_281.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 23 Nisan - 03_00_00 AM_640.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 23 Nisan - 11_06_53 AM_968.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Girişi \ 2008 23 Nisan - 11_12_02 AM_000.log (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Settings \ ScanResults.pie (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.
C: \ Program Files \ Common \ (Trojan.BHO) helper.dll -> karantinaya ve başarıyla silindi.
C: \ WINDOWS \ Tasks \ AdwareAlert Zamanlanmış Scan.job (Trojan.Downloader) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ Lifeline \ Favoriler \ Online Güvenlik Test.url (Rogue.Link) -> karantinaya ve başarıyla silindi.
C: \ Documents and Settings \ All Users \ Desktop \ AdwareAlert.lnk (Rogue.AdwareAlert) -> karantinaya ve başarıyla silindi.

[evilfantasy]

İki antivirüs ve iki güvenlik duvarları (güvenlik suit) kullanıyorsunuz. Bunların Lütfen kaldırmak bir şimdi sonra yeni bir HijackThis sonrası giriş yapın.

[ruffryder2k7]

Evet Kaspersky onun virüsten koruma ve ateş duvarı ve Sohbet tahmin Windows Güvenlik Duvarı açıkken yüklediyseniz
ve i dont diğer antivirüs ben başka bir şey yayınlanmıyor Sohbet ne yüklü olduğunu biliyorum
U daha belirgin olabilir?

[evilfantasy]

Microsoft Windows OneCare Live Ayrıca bir virüsten koruma / güvenlik duvarı birleşimidir.

[ruffryder2k7]

tamam ben baktım ama bir bakım Ben Kaspersky yükleyerek bunu kaldırıldı vardı kurulu değil
yeni bir hijackthis yine bir.

Logfile Trend Micro HijackThis v2.0.2 ve
Tarama 11:02:53 at 10/29/2008 kaydedilmiş
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot modu: Normal

Çalışan süreçleri:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ avp.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ progra ~ 1 \ intern COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe
C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ avp.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ Western Union \ Evrensel-Yayın \ Translink.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.dell.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
O2 - BHO: Yahoo! Araç Çubuğu Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ yükler \ cpn \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Sınıf - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Program Files \ googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ GoogleToolbarNotifier \ 3.1.807.1746 \ SW g.dll
O2 - BHO: CBrowserHelperObject Nesne - (CA6319C0-31B7-401E-A518-A07C3DB8F777) - C: \ Program Files \ Bae \ BAE.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ yükler \ cpn \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Program Files \ googletoolbar3.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] Rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [AVP] "C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ avp.exe"
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O8 - Extra menü öğesi: Afiş Reklam Engelleyicisi için - C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ ie_banner_deny.htm ekle
O8 - Extra menü item: E & Microsoft Excel'e xport - res: / / C: \ progra ~ 1 \ intern MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
O9 - Extra düğmesi: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra düğmesi: Web trafiği koruma istatistikleri - (1F460357-8A94-4D71-9CA3-AA4ACF32ED8E) - C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ SCIEPlgn.dll
O9 - Extra düğmesi: Araştırma - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ intern MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
O9 - Extra düğmesi: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra düğmesi: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (05D44720-58E3-49E6-BDF6-D00330E511D3) (StagingUI Nesne) -- http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: (3BB54395-5982-4788-8AF4-B5388FFDD0D8) (MSN Games - Buddy Invite) -- http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: (3C1F44A9-D1FD-4AA5-BC66-69816B58680C) (Yazıcı Sınıfı) -- https: / / webcenter.ipponline.com / ippo...iptPrinter.cab
O16 - DPF: (5736C456-EA94-4AAC-BB08-917ABDD035B3) (ZonePAChat Nesne) -- http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: (6B0228D7-D6D5-4B97-82E7-79557E4314D0) (ScannerDll.CheckScanner) -- https: / / webcenter.ipponline.com / ippo...ScannerDll.CAB
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: (DA2AA6CF-5C7A-4B71-BC3B-C771BB369937) (MSN Games - Game Communicator) -- http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: (F773E7B2-62A9-4524-9109-87D2F0BEFAA4) (ChessControl Sınıf) -- http://zone.msn.com/bingame/zpagames...p.cab56961.cab
O18 - Filtre sızmak: text / html - (59610584-cc18-436f-b031-a6893781f08d) - C: \ WINDOWS \ system32 \ msziptools.dll
O20 - AppInit_DLLs: C: \ progra ~ 1 \ intern Google \ GOOGLE ~ 1 \ GOEC62 ~ 1.DLL, C: \ progra ~ 1 \ intern Kasper ~ 1 \ Kasper ~ 1 \ C mzvkbd.dll: \ progra ~ 1 \ intern Kasper ~ 1 \ Kasper ~ 1 \ C mzvkbd3.dll: \ progra ~ 1 \ intern Kasper ~ 1 \ KASPE R ~ 1 \ C adialhk.dll: \ progra ~ 1 \ intern Kasper ~ 1 \ Kasper ~ 1 \ kloe hk.dll dwolhm.dll
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: AOL Connectivity Servisi (AOL ACS) - America Online, Inc - C: \ progra ~ 1 \ intern COMMON ~ 1 \ AOL \ ACS \ AOLacsd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C: \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2009 \ avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Common \ Google Updater \ googleupdaterservice.exe
O23 - Service: OneCare Güvenlik Duvarı (msfwsvc) - Bilinmeyen sahibi - C: \ Program Files \ Microsoft Windows OneCare Live \ Firewall \ (dosya eksik) msfwsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: OneCare AntiSpyware ve AntiVirus (OneCareMP) - Bilinmeyen sahibi - C: \ Program Files \ Microsoft Windows OneCare Live \ Antivirus \ MsMpEng.exe (eksik) dosyası

--
Dosya sonu - 6332 byte

[evilfantasy]

Açık HijackThis ve Bir sistem taraması yapın sadece.

Bir onay işareti aşağıdaki girdileri yanındaki Yeri: (eğer varsa)

- O18 - Filtre sızmak: text / html - (59610584-cc18-436f-b031-a6893781f08d) - C: \ WINDOWS \ system32 \ msziptools.dll
- O23 - Service: OneCare Güvenlik Duvarı (msfwsvc) - Bilinmeyen sahibi - C: \ Program Files \ Microsoft Windows OneCare Live \ Firewall \ (dosya eksik) msfwsvc.exe
- O23 - Service: OneCare AntiSpyware ve AntiVirus (OneCareMP) - Bilinmeyen sahibi - C: \ Program Files \ Microsoft Windows OneCare Live \ Antivirus \ MsMpEng.exe (eksik) dosyası

Önemli: HijackThis hariç tüm pencereleri kapatın ve tıklatın Ayarı kontrol.

Çıkış HijackThis.

----------

Git Başlat> Çalıştır ve türü Notepad.exe tıklatın Tamam.

Kopyalama ve kod kutusu içinde aşağıdaki metni yapıştırın içine yeni Not Defteri dosya.

Kodu:

@ ECHO OFF sc durdurmak "msfwsvc" sc delete "msfwsvc" sc durdurmak "OneCareMP" sc "OneCareMP" exit silmek

In Notepad seçin Dosya ve Farklı kaydet
Konuma Masaüstü ve olmak için Kaydet'i seçin Dosya adı: tür fixme.bat emin olan Kayıt türü alanı diyor Tüm dosyalar.

Sonraki çift tıklayın fixservice.bat çalıştırmak için.
Siyah kutusunu açmak ve kapatmak kısa bir süre sonra, bu normaldir.
Siyah kutu kadar devam etmeyin kapattı
Masaüstünde fixservice.bat silin.

----------

Indirmek Oldtimer tarafından OTMoveIt2 ve kaydetmek için Masaüstü.

Not: Eğer Vista sağ OTMoveIt2.exe tıklayın ve tercih çalışan Çalıştır'ı olarak Administrator.

1. Çift tıklayın OTMoveIt2.exe çalıştırmak için.
2. Aşağıdaki codebox olarak satırları kopyalayın.

Kodu:

[öldürmek Explorer] C: \ Program Files \ Microsoft Windows OneCare Live EmptyTemp [başlatmak gezginini]

3. Aylarında OTMoveIt2 dön sağ tıklayıp Dosyaların Yapıştır Listesi / Klasörler taşı pencere sarı çubuğu (altında) ve tercih Yapıştır
4. Tıklayın kırmızı Moveit! düğmesini tıklayın.
5. Sonuçlar pencerede Kopyala herşeyi yeşil çubuğu (altında) ve sonraki yanıtınıza yapıştırın.
6. Kapatmak OTMoveIt2

Not: Bu hareketi tamamlamak için bir dosya veya klasörü taşımak mümkün olmaz hemen bilgisayarınızı yeniden başlatmanız istenebilir. Eğer, seçim yeniden başlatmanız istenir Evet. Zaten yeniden doğmuş Değilse.

----------

Download ComboFix subs tarafından birini bağlantılar altı. Be üst emin için kaydedin Masaüstü.

Bağlantı # 1
Bağlantı # 2

** Not: Bu doğrudan Masaüstü kaydedilir önemlidir

Kapat açık Web tarayıcıları. (Firefox, Internet Explorer vb) ComboFix başlamadan önce.

Geçici devre dışı bırakmak senin antivirüsVe herhangi bir AntiSpyware gerçek zamanlı koruma önce bir tarama yapmak. Tıklayın Bu bağlantıyı güvenlik programları ve engelli gerektiğini nasıl devre dışı bırakmak için bir listesini görebilirsiniz.

Combofix.exe çift tıklayın ve talimatları izleyin.

Windows XP için Sistem Kurtarma Konsolu'nu yükleyin:

- Eğer Windows XP kullanıyorsanız zaten Kurtarma Konsolu'nu, lütfen Internet bağlantısı sağlamak yüklü değildir (eğer mümkünse) ve tıklama etkin Evet.
- Eğer Internet tıklayınız çalışma değil bir nedenle Hayır.
-- Windows XP kullanmıyorsanız, istendiğinde olmayacak.
- Ne zaman EULA'yı tıklayın kabul istenir Tamam.
- Kabul Microsoft EULA (tıklayın Evet).
- Ne zaman bu RC doğru tıklayın yüklü olduğunu söyledi EVET kötü amaçlı yazılım için taramaya devam edin.

ComboFix ne zaman sizin için bir giriş oluşturur tamamladı.
Gönderi ComboFix giriş Bir sonraki yanıtınıza.

Önemli: Süre Çalışıyorsa ComboFix pencere mouseclick etmeyin. İşte bu geciktirmek neden olabilir.

Yeniden hatırla-virüsten koruma ve AntiSpyware koruma zaman ComboFix tamamlandığında etkinleştirin.