aponhero Posted February 2, 2010
Friends, I am using the Se7en Edition made by our friend soundmaxp. There is nothing wrong with it, and its programs are nice too. I use ESET Smart Security, and every time I start my system I am faced with an error like this. Thinking it might be related to Java, I uninstalled Java and installed it from its own site, but the same problem is still there. My problem is like this: Please help, what could be causing the problem?
ULUMANITU_ Posted February 2, 2010
The problem is not Java; I think a virus is trying to use it. Can't it be cleaned using the delete option? You can clean it with ComboFix. Its usage is also explained here.
aponhero (Author) Posted February 2, 2010
I'll try it right away and come back. With my half-baked English, ComboFix says "system file infected", that is, it has infected a system file. The log is exactly as follows:
aponhero (Author) Posted February 2, 2010
There is no error anymore, thank you.
ULUMANITU_ Posted February 2, 2010
Use the ESET from here; apparently the older versions are problematic, as I saw when I looked into this a bit:
http://www.tnctr.com/index.php?showtopic=98484&st=0&p=531194entry531194
You're welcome, and thank you; glad if we could help.
aponhero (Author) Posted February 2, 2010
The same problem has started appearing again :S Now I will do a completely clean format; I will wipe my external disks too :S if this gives the same problem as well
ULUMANITU_ Posted February 2, 2010
Install and start the program from here. It returns the HDD to the state it was in when you first bought it, empty and unpartitioned. I use it when selling HDDs and also for stubborn viruses that won't go away. It writes over the whole disk; depending on the disk, it takes about 30 minutes on average. After that, unplug the PC from the power and remove the RAM modules, put them back in after 5 minutes, and install the system from the setup CD. Some viruses, when you go straight to setup without doing these things, can somehow come back to life in the RAM and the setup files, so keep that in mind. Good luck.
Go ahead and format then, so your mind is at ease:
http://hddguru.com/content/en/software/2006.04.12-HDD-Low-Level-Format-Tool/
NOTE: Instead of what I do above, you can also do a normal format; it's up to you. This had previously been the solution for a one-of-a-kind virus, whose name I have now forgotten, which prevented me from seeing hidden files and would not leave me alone even though I had formatted. Keep it in mind. Regards.
aponhero (Author) Posted February 2, 2010
Thanks for your help. soundmaxp Se7en Edition is infected with a virus :S
ULUMANITU_ Posted February 2, 2010
I had actually become suspicious when I saw "snif" in the virus's name, but I still couldn't bring myself to believe it. Damn the love of people inside me.