|
|
#1
21. Eylül 2008, 16:43
| |||
| |||
 Wimad-E virüsü?? HI Evil Fantasy - i diğer kullanıcıya Burada da benzer bir sorun yaşıyorum. Yüklediğim ve combofix çalıştırmak, çıkış hangi altındadır. Ben büyük sağlamak mümkün olabilecek herhangi bir yardım olur. Ben dosyası, troyan geldi - i silmek için ancak Windows ME izin vermiyor denedim biliyorum - kullanmak olduğunu söylüyor. Herhangi bir düşünce çok olur. Teşekkürler ComboFix 08-09-20.05 - Yönetici 2008-09-22 0:29:51.1 -- FAT32x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.254 [GMT 1:00] Koşturuyorlar: C: \ Documents and Settings \ Administrator \ Desktop \ ComboFix.exe * Yeni bir geri yükleme noktası Oluşturuldu UYARI-Bu makine değil HAVEN'T Kurtarma Konsolu'nu Installed! . ((((((((((((((((((((((((((((((((((((((( Diğer Deletions ))))))))) )))))))))))))))))))))))))))))))))))))))) . C: \ Documents and Settings \ Administrator \ Çerezler \ 2o7 @ yöneticisi [1]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator@ad.yi eldmanager [1]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ reklamv @ yönetici tising [2]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator@ehg-baa.hitbox [2]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator@ehg-discoverynetwork.hitbox [2]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator@ehg-mastercard.hitbox [2]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator@ehg-tfl.hitbox [2]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator @ foxto ns.co [2]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ isabet @ yöneticinize başvurun. gureport.co [1]. txt C: \ Documents and Settings \ Administrator \ Çerezler \ haber @ yöneticinize başvurun. uk.msn [2]. txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator @ revsc i [2]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ RTM @ yöneticisi [6]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ yönetici @ Servi NG-SYS [2]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ yönetici @ speci ficclick [1]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator @ statc ounter [1]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator@ths.n ews.com [2]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ ticaret doubler [1 @ yöneticisi]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ tsw0 @ yöneticisi [1]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator@ww0.t imeout [1]. Txt C: \ Documents and Settings \ Administrator \ Çerezler \ administrator@www.r eed.co [2]. Txt C: \ WINDOWS \ system32 \ lsprst7.dll . ((((((((((((((((((((((((( Dosyalar 2008/08/21 için 2008/09/21 ))))))))))) kimden Oluşturuldu )))))))))))))))))))) . 2008-09-22 00:28. 2008/09/16 01:03 <DIR> D -------- C: \ 32788R22FWJFW 2008-09-22 00:00. 2008/09/22 00:00 <DIR> D -------- C: \ Program Files \ Bu yok! 2008-09-14 21:22. 2008/04/14 01:12 221184 - a ------ C: \ WINDOWS \ system32 \ wmpns.dll 2008-09-14 20:54. 2008/09/14 20:54 <DIR> D -------- C: \ WINDOWS \ system32 betikleme \ 2008-09-14 20:54. 2008/09/14 20:54 <DIR> D -------- C: \ WINDOWS \ system32 \ tr 2008-09-14 20:54. 2008/09/14 20:54 <DIR> D -------- C: \ WINDOWS \ l2schemas 2008-09-14 20:27. 2008/04/13 18:28 2.940.928 --------- C: \ Windows \ System32 \ Dllcache \ wmploc.dll 2008-09-14 20:26. 2008/04/14 01:10 844.314 --------- C: \ Windows \ System32 \ Dllcache \ Msdxm.ocx 2008-09-13 18:04. 2008/09/13 18:04 <DIR> D -------- C: \ Program Files \ Java 2008-09-13 18:04. 2008/09/13 18:05 <DIR> D -------- C: \ Documents and Settings \ Administrator \ Application Data \ LimeWire 2008-09-13 18:04. 2008/06/10 02:32 73728 - a ------ C: \ WINDOWS \ system32 \ javacpl.cpl 2008-09-13 18:03. 2008/09/13 18:03 <DIR> D -------- C: \ Program Files \ Common Files \ Java 2008-09-13 18:00. 2008/09/13 18:00 <DIR> D -------- C: \ Program Files \ LimeWire 2008-09-13 12:43. 2008/09/13 12:43 <DIR> D -------- C: \ Program Files \ iDump 2008-09-13 12:08. 2008/09/13 12:08 <DIR> D -------- C: \ Program Files \ iTunes 2008-09-13 12:08. 2008/09/13 12:08 <DIR> D -------- C: \ Program Files \ iPod 2008-09-13 12:08. 2008/09/13 12:08 <DIR> D -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6) 2008-09-13 12:08. 2008/09/13 12:08 <DIR> D -------- C: \ Documents and Settings \ Administrator \ Application Data \ Apple Computer 2008-09-13 12:08. 2008/04/17 13:12 107368 - a ------ C: \ WINDOWS \ system32 \ GEARAspi.dll 2008-09-13 12:08. 2008/04/17 13:12 15464 - a ------ C: \ WINDOWS \ system32 \ drivers \ GEARAspiWDM.sys 2008-09-13 12:07. 2008/09/13 12:07 <DIR> D -------- C: \ Program Files \ QuickTime 2008-09-13 12:07. 2008/09/13 12:07 <DIR> D -------- C: \ Program Files \ Bonjour 2008-09-13 12:07. 2008/09/13 12:07 <DIR> D -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer 2008-09-13 12:06. 2008/09/13 12:06 <DIR> D -------- C: \ WINDOWS \ system32 \ DRVSTORE 2008-09-13 12:06. 2008/09/13 12:06 <DIR> D -------- C: \ Program Files \ Common Files \ Apple 2008-09-13 12:06. 2008/09/13 12:06 <DIR> D -------- C: \ Program Files \ Apple Software Update 2008-09-13 12:06. 2008/09/13 12:06 <DIR> D -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple 2008-09-06 15:09. 2008/09/06 15:09 90112 - a ------ C: \ WINDOWS \ system32 \ QuickTimeVR.qtx 2008-09-06 15:09. 2008/09/06 15:09 57344 - a ------ C: \ WINDOWS \ system32 \ QuickTime.qts 2008-08-29 10:18. 2008/08/29 10:18 87336 - a ------ C: \ WINDOWS \ System32 \ DNS-sd.exe 2008-08-29 09:53. 2008/08/29 09:53 61440 - a ------ C: \ WINDOWS \ system32 \ dnssd.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Rapor )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2008-08-03 07:37 --------- ----- D W C: \ Documents and Settings \ Administrator \ Application Data \ skypePM 2008-08-03 07:35 --------- ----- D W C: \ Documents and Settings \ Administrator \ Application Data \ Skype 2008-08-03 07:32 --------- ----- D W C: \ Program Files \ Skype 2008-08-03 07:31 --------- ----- D W C: \ Program Files \ Common Files \ Skype 2008-08-03 07:31 --------- ----- D W C: \ Documents and Settings \ All Users \ Application Data \ Skype 2008/07/18 21:10 94920 ---- Aw C: \ Windows \ System32 \ Dllcache \ cdm.dll 2008/07/18 21:10 94920 ---- Aw C: \ WINDOWS \ system32 \ cdm.dll 2008/07/18 21:10 53448 ---- Aw C: \ WINDOWS \ system32 \ wuauclt.exe 2008/07/18 21:10 53448 ---- Aw C: \ Windows \ System32 \ Dllcache \ wuauclt.exe 2008/07/18 21:10 45768 ---- Aw C: \ WINDOWS \ system32 \ wups2.dll 2008/07/18 21:10 36552 ---- Aw C: \ WINDOWS \ system32 \ wups.dll 2008/07/18 21:10 36552 ---- Aw C: \ Windows \ System32 \ Dllcache \ wups.dll 2008/07/18 21:09 563912 ---- Aw C: \ WINDOWS \ system32 \ wuapi.dll 2008/07/18 21:09 563912 ---- Aw C: \ Windows \ System32 \ Dllcache \ wuapi.dll 2008/07/18 21:09 325832 ---- Aw C: \ WINDOWS \ system32 \ wucltui.dll 2008/07/18 21:09 325832 ---- Aw C: \ Windows \ System32 \ Dllcache \ wucltui.dll 2008/07/18 21:09 205,000 ---- Aw C: \ WINDOWS \ system32 \ wuweb.dll 2008/07/18 21:09 205,000 ---- Aw C: \ Windows \ System32 \ Dllcache \ wuweb.dll 2008/07/18 21:09 1.811.656 ---- Aw C: \ WINDOWS \ system32 \ Wuaueng.dll 2008/07/18 21:09 1.811.656 ---- Aw C: \ Windows \ System32 \ Dllcache \ Wuaueng.dll 2008/07/07 20:26 253952 ---- Aw C: \ WINDOWS \ system32 \ es.dll 2008/07/07 20:26 253952 ------ W C: \ Windows \ System32 \ Dllcache \ es.dll 2008/06/26 08:15 619520 ------ W C: \ Windows \ System32 \ Dllcache \ urlmon.dll 2008/06/26 08:15 1.499.136 ------ W C: \ Windows \ System32 \ Dllcache \ shdocvw.dll 2008/06/24 16:43 74240 ---- Aw C: \ WINDOWS \ system32 \ mscms.dll 2008/06/24 16:43 74240 ------ W C: \ Windows \ System32 \ Dllcache \ mscms.dll 2008/06/23 15:09 666112 ---- Aw C: \ WINDOWS \ system32 \ Wininet.dll 2008/06/23 15:09 666112 ------ W C: \ Windows \ System32 \ Dllcache \ Wininet.dll 2008/06/23 15:09 3.067.392 ------ W C: \ Windows \ System32 \ Dllcache \ Mshtml.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Puan )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Not * boş girişler ve yasal varsayılan girişler gösterilir değildir REGEDIT4 [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run] "ctfmon.exe" = "C: \ Windows \ system32 \ ctfmon.exe" [2008-04-14 15360] "SWG" = "C: \ Program Files \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe" [2008-04-21 68856] "MSMSGS" = "C: \ Program Files \ Messenger \ msmsgs.exe" [2008-04-14 1695232] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "AVG7_CC" = "C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgcc.exe" [2008-06-27 580096] "Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe" [2008-01-11 39792] "bgsmsnd.exe" = "C: \ Windows \ system32 \ bgsmsnd.exe" [2007-11-19 160136] "QuickTime Task" = "C: \ Program Files \ QuickTime \ QTTask.exe" [2008-09-06 413696] "iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-09-10 289576] "SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" [2008-06-10 144784] "S3TRAY2" = "S3Tray2.exe" [2001/10/11 C: \ WINDOWS \ system32 \ S3Tray2.exe] "AGRSMMSG" = "AGRSMMSG.exe" [2003/06/27 C: \ WINDOWS \ AGRSMMSG.exe] "ATIModeChange" = "Ati2mdxx.exe" [2001/09/04 C: \ WINDOWS \ system32 \ Ati2mdxx.exe] [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run] "AVG7_Run" = "C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgw.exe" [2008-04-19 219136] [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ Listesi] "% windir% \ \ system32 \ \" = Sessmgr.exe "C: \ \ Program Files \ \ Messenger \ \ msmsgs.exe" = "C: \ \ Program Files \ \ Bonjour \ \" = mDNSResponder.exe "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe" = "% windir% \ \ Network Diagnostic \ \" = xpnetdiag.exe "C: \ \ Program Files \ \ Skype \ \ Phone \ \ Skype.exe" = R3 Tp4Track; IBM PS / 2 TrackPoint Sürücü; C: \ Windows \ System32 \ drivers \ tp4track.sys [2003-05-15 13904] [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (f1882860-129d-11dd-89b6-000d60cb61ce)] \ Shell \ AutoRun \ command - E: \ LaunchU3.exe * Yeni * - PROCEXP90 Servisi Oluşturuldu . The 'Zamanlanmış Görevler' klasörüne İçerikleri . . ------- Supplementary Scan ------- . R0 -: HKCU-Main, Start Page = hxxp: / / www.google.co.uk/ R0 -: HKCU-Main, Arama Sayfası = hxxp: / / www.google.com R0 -: HKCU-Main, Search Bar = hxxp: / / www.google.com / yani R1 -: HKCU-Internet Settings, ProxyOverride = *. yerel R1 -: HKCU-SearchURL, (Varsayılan) = hxxp: / / www.google.com/search?q =% s O8 -: E & Microsoft Excel'e xport - C: \ progra ~ 1 \ intern mikro ~ 2 \ Office11 \ EXCEL.EXE/3000 O16 -: (2DAD3559-2923-4935-AD49-B673D2539944) - hxxp: / / www-307.ibm.com/pc/support/acpir.cab C: \ WINDOWS \ Downloaded Program Files \ acpir.inf C: \ WINDOWS \ System32 \ capicom.dll C: \ WINDOWS \ Downloaded Program Files \ acpir2.dll O16 -: (483EB14D-AF1C-4951-81B0-4E2B41829FF6) - hxxps: / / www.select2perform.eu/cabs/QOLCheck.ocx C: \ WINDOWS \ Downloaded Program Files \ QOLCheck.ocx . ************************************************** ************************ catchme 0.3.1361 W2K/XP/Vista - Rootkit / gizli kötü amaçlı yazılım dedektör Gmer tarafından, http://www.gmer.net Rootkit 2008/09/22 00:32:33 tarama 5/1/2600 Windows Service Pack 3 FAT NTAPI gizli işlemler tarama ... Gizli kayıtları otomatik tarama ... Gizli dosya tarama ... başarıyla tamamlandı tarama Gizli dosya: 0 ************************************************** ************************ . --------------------- DLL Yüklü çalışan süreçleri altında --------------------- SÜRECİ: C: \ WINDOWS \ system32 \ winlogon.exe -> C: \ WINDOWS \ system32 \ ati2evxx.dll . Tamamlanma süresi: 2008/09/22 0:33:07 ComboFix-karantinaya-files.txt 2008/09/21 23:33:06 Ön Çalıştır'ı: 9484075008 bayt boş Post-Run: 9686056960 bayt boş 167 --- EOF --- 2008-09-16 07:01:45 |
|
#2
21. Eylül 2008, 17:37
| |||
| |||
| Wimad-E virüsü?? Indirmek TrendMicro HijackThis.exe (HJT) Masaüstü için.
__________________  |
|
#3
21. Eylül 2008, 23:43
| |||
| |||
| Wimad-E virüsü?? Yardım için teşekkür ederiz. Aşağıdaki dosya çıkışı: Logfile Trend Micro HijackThis v2.0.2 ve Tarama 07:40:46 at 22/09/2008 kaydedilmiş Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot modu: Normal Çalışan süreçleri: C: \ WINDOWS \ System32 \ Smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ Services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ ibmpmsvc.exe C: \ WINDOWS \ System32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ WINDOWS \ AGRSMMSG.exe C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgcc.exe C: \ WINDOWS \ system32 \ bgsmsnd.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe C: \ Program Files \ LimeWire \ LimeWire.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgamsvr.exe C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgupsvc.exe C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgemc.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ WINDOWS \ explorer.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Ayarlar, ProxyOverride = *. yerel O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll O2 - BHO: Skype eklemek-(beyin) - (22BF413B-C6D2-4d91-82A9-A0F997BA588C) - C: \ Program Files üzerinde \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll O2 - BHO: pdfMachine - (56CF4856-ECB4-4e46-A897-A378821F97B9) - C: \ WINDOWS \ system32 \ bgstb.dll O2 - BHO: SSVHelper Sınıf - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Program Files \ googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ GoogleToolbarNotifier \ 3.0.1225.9868 \ wg.dll var O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Program Files \ googletoolbar1.dll O3 - Toolbar: pdfMachine - (56CF4856-ECB4-4e46-A897-A378821F97B9) - C: \ WINDOWS \ system32 \ bgstb.dll O4 - HKLM \ .. \ Run: [S3TRAY2] S3Tray2.exe O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM \ .. \ Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgcc.exe / Başlangıç O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe" O4 - HKLM \ .. \ Run: [bgsmsnd.exe] C: \ WINDOWS \ system32 \ bgsmsnd.exe O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [SWG] C: \ Program Files \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / arka plan O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgw.exe / RunOnce (Kullanıcı 'SİSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgw.exe / RunOnce (Kullanıcı 'Varsayılan kullanıcı') O8 - Extra menü item: E & Microsoft Excel'e xport - res: / / C: \ progra ~ 1 \ intern mikro ~ 2 \ Office11 \ EXCEL.EXE/3000 O9 - Extra düğmesi: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra düğmesi: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - C: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll O9 - Extra düğmesi: Araştırma - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ intern mikro ~ 2 \ Office11 \ REFIEBAR.DLL O9 - Extra düğmesi: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O16 - DPF: (2DAD3559-2923-4935-AD49-B673D2539944) (IASRunner Sınıf) -- http://www-307.ibm.com/pc/support/acpir.cab O16 - DPF: (483EB14D-AF1C-4951-81B0-4E2B41829FF6) (QOLCheck Kontrol) -- https: / / www.select2perform.eu/cabs/QOLCheck.ocx O18 - Protokol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - C: \ progra ~ 1 \ intern COMMON ~ 1 \ Skype \ SKYPE4 ~ 1.DLL O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati Hotkey Poller - Bilinmeyen sahibi - C: \ WINDOWS \ System32 \ Ati2evxx.exe O23 - Service: AVG7 Uyarısı Müdürü Server (Avg7Alrt) - GRISOFT, sro - C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgamsvr.exe O23 - Service: AVG7 Güncelleme Servisi (Avg7UpdSvc) - GRISOFT, sro - C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgupsvc.exe O23 - Service: AVG E-posta Tarayıcısı (AVGEMS) - GRISOFT, sro - C: \ progra ~ 1 \ intern Grisoft \ AVG7 \ avgemc.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Common \ Google Updater \ googleupdaterservice.exe O23 - Service: IBM PM Service (IBMPMSVC) - Bilinmeyen sahibi - C: \ WINDOWS \ system32 \ ibmpmsvc.exe O23 - Service: InstallDriver Tablo Yöneticisi (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe -- Dosya sonu - 6502 byte |
|
#4
22. Eylül 2008, 07:42
| |||
| |||
| Wimad-E virüsü?? Size olan herhangi bir kötü amaçlı yazılım görmüyorsanız, sorunları nelerdir? Sen burada tarar çalıştırabilirsiniz http://www.computer-juice.com/forums...-posting-7476/ ve sonrasında zaman tam girer. AVG bilgi bak. Sizin kendi güncelleme gerekir.
__________________ |
|
#5
22. Eylül 2008, 10:38
| |||
| |||
| Wimad-E virüsü?? Merhaba Evilfantasy - teşekkürler. Sorun bu: Bir şüpheli mp3 olduğunu LimeWire indirilen. i olarak çift tıkladım, ve düşünmek kesinlikle iTunes içine yüklemek için denendi. Gibi bir yerde okumak (Ancak bu medya oynatıcı ile çalıştırmak edilmiş olmaz - kullanan yok - bu keyfi bu wimad kullanan Windows mediaplayer açığı). Daha sonra AVG ile Wimad E. yakalandı Ama bana silmek veya daha fazla bir karantina, eğer sadece denemek ve dosyayı silmek için gibi alışkanlık dosya taranmış, pencereler dosya kullanımı, ve silinemez olduğunu söylüyor . Seni diğer sayfada öneririz adım adım gider. Teşekkürler |
|
#6
22. Eylül 2008, 10:41
| |||
| |||
| Wimad-E virüsü?? Göndermeden MalwareBytes giriş. Eğer bu onu bulmak için başka bir tarayıcı kullanacaktır bulamıyor.
__________________ |
