Tahribat.com Forumları
Bilgisayar Güvenliği - Backdoorlar
Comodo Güvenlik Duvarı Hakkında

Yazar Anakroniq (1) Daniel-Koo (7) erc (1) imlegend (2) pcdoktor636 (5) Peroksit (1) PsychoDawn (6) SpoofU (1) Gösterim 10 50 75 100
Ağ ve Veri Güvenliği     Hertürlü Web tabanlı Saldırı Taktik ve Stratejileri     Web sitesi Güvenliği, DOS - DDOS Saldırıları...     Bilgisayar Güvenliği - Backdoorlar     Virüs - Trojan - Keylogger - BotNet     Skype - Mirc - Irc - Icq - Mail Güvenliği     Bilişim Güvenliği     Hesaplar / Üyelikler     Domain - Hosting - Reseller - Dedicated Server - Virtual Server - IRC Shell - Seedbox     İnternet Güvenliğine Giriş Programlama     C#, Asp.Net, .Net Core     C - C++     Delphi - Pascal     Visual Basic - Basic - PicBasic ve Türevleri     Java     Android - IOS Programlama     Mobil Programlama     Asp - Php - Cgi - Perl     Assembly - Reverse Engineering     Html - CSS - XML - JavaScript - Ajax     Database - Veritabanı     Python     Grafik - Animasyon - Flash - 3D Modelleme     Webmaster ve Yazılım Geliştiriciler     Google / Yandex / Bing ve Servisleri     Programlama Genel     Programlamaya Giriş Bilgisayar ve Teknoloji     Microsoft Windows Ailesi İşletim Sistemleri     Linux ve Diğer İşletim Sistemleri     Donanım & Driver     Network - İnternet     Elektronik / Embedded / Mobil Cihazlar     Kriptoparalar & Blockchain     Fotografçılık ve Digital Fotograf Makineleri - Video Kameralar     Cep Telefonları, Gsm Operatörleri ve Mobil İnternet     Oyunlar     Yazılımlar / Diğer Programlar     Bilgisayarla İlgili Diğer Konular İnternet     Download / Dosya Paylaşım     Bilgisayar ve Internet Teknolojileri İle İlgili Video / Resim / Flash Paylaşım     İnternet Siteleri     Sosyal Ağlar Genel     Genel     Gündem - Güncel Konular     Derin Konular     Bilim Teknik Teknoloji     Müzik & Sinema & Tiyatro & Kitap & Televizyon & Seminerler & Edebiyat     Eğitim & Ödev & Bilimsel Döküman     E-Book     İş - Güç, E-Ticaret, Alışveriş     Hukuk & Muhasebe & Sigorta Soru - Cevap     Ulaşım Araçları ve Seyahat     Vukuatlar     Geyik & Teknoloji İle İlgili Olmayan Video / Resim / Flash Paylaşım Tahribat.com Konuları     Tahribat.com Programları®     Tahribat.Com - Açık Kapılar Önünde     Tahribat.Com - Sosyal Etkinlikler     TahriDepo

Comodo Güvenlik Duvarı Hakkında

1. 27/May/12 02:50 Kısayol Şikayet Özel Mesaj
   PsychoDawn
   
   

   Kayıt Tarihi: 01/Nisan/2007
   

   combofix le de tarattım . bilgisayarı yeniden başlattım hala aynı şey sürekli bir bağlantıyı engelliyor . bağlantının ne oldugunu nereye oldugunu bulsam kolay olacak ama . . . bir boklar var modem arayüz şifrem falan değişiyor hep benden başka kullanan yok zaten .

   Alıntı yap
2. 27/May/12 09:02 Kısayol Şikayet Özel Mesaj
   imlegend
   
   Banlanmış Üye
   

   Kayıt Tarihi: 04/Ocak/2010
   

   Daniel-Koo bunu yazdı:
   -----------------------------

   imlegend bunu yazdı:
   -----------------------------

   Anlamadığım bir nokta var. Şimdi chrome da sadece bir tane sayfa açık 100 küsür tane bağlantı var diyor. Bu ne ayaktır arkadaş.

    

   http://e1205.hizliresim.com/x/v/6v828.png

    

   
   -----------------------------
   
   O sayfa bir video sitesi veya büyük bir portal sayfası ise bu dediğin normaldir. 

   
   -----------------------------

   Hocam tahribat'tan bir sayfa. Başka hiç bir internet sayfası yok.

   Alıntı yap
3. 27/May/12 09:20 Kısayol Şikayet Özel Mesaj
   pcdoktor636
   
   

   Kayıt Tarihi: 12/Ocak/2010
   

   PsychoDawn bunu yazdı:
   -----------------------------

   combofix le de tarattım . bilgisayarı yeniden başlattım hala aynı şey sürekli bir bağlantıyı engelliyor . bağlantının ne oldugunu nereye oldugunu bulsam kolay olacak ama . . . bir boklar var modem arayüz şifrem falan değişiyor hep benden başka kullanan yok zaten .

   
   -----------------------------

   sen dediğim gibi yap hijackthis ve combofix logunu bir koy buraya.

   Alıntı yap
4. 27/May/12 12:38 Kısayol Şikayet Özel Mesaj
   PsychoDawn
   
   

   Kayıt Tarihi: 01/Nisan/2007
   

   pcdoktor636 bunu yazdı:
   -----------------------------

   PsychoDawn bunu yazdı:
   -----------------------------

   combofix le de tarattım . bilgisayarı yeniden başlattım hala aynı şey sürekli bir bağlantıyı engelliyor . bağlantının ne oldugunu nereye oldugunu bulsam kolay olacak ama . . . bir boklar var modem arayüz şifrem falan değişiyor hep benden başka kullanan yok zaten .

   
   -----------------------------

   sen dediğim gibi yap hijackthis ve combofix logunu bir koy buraya.

   
   -----------------------------

   combofix log vermedi nedense :S

   HijackThis log u aşağıda.

    

   Logfile of Trend Micro HijackThis v2.0.4

   Scan saved at 12:36:13, on 27.05.2012

   Platform: Windows 7  (WinNT 6.00.3504)

   MSIE: Internet Explorer v9.00 (9.00.8112.16421)

   Boot mode: Normal

    

   Running processes:

   C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe

   C:\Program Files (x86)\Steam\Steam.exe

   C:\Program Files (x86)\uTorrent\uTorrent.exe

   C:\Program Files (x86)\Internet Download Manager\IDMan.exe

   C:\Windows\SysWOW64\MAFWTray.exe

   C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

   C:\Program Files (x86)\iTunes\iTunesHelper.exe

   C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

   C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Windows\SysWOW64\rundll32.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

   C:\Users\Şafak\Downloads\Programs\HijackThis.exe

    

   R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru

   R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9514

   R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

   R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

   R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

   R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

   R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie

   R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

   R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

   R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

   R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Şafak\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll

   O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

   O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

   O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll

   O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

   O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll

   O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)

   O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

   O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Şafak\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll

   O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll

   O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

   O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

   O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

   O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

   O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll

   O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll

   O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

   O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\MAFWTray.exe

   O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

   O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

   O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

   O4 - HKCU\..\Run: [F.lux] "C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe" /noshow

   O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

   O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED

   O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot

   O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

   O8 - Extra context menu item: IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

   O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

   O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm

   O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm

   O8 - Extra context menu item: Turbo Internet: Bu bağlantıyı indir - C:\Program Files (x86)\Turbo Internet\exts\dl.html

   O8 - Extra context menu item: Turbo Internet: Bu sayfayı Yer İmlerine ekle - C:\Program Files (x86)\Turbo Internet\exts\addFav.html

   O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

   O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

   O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

   O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

   O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

   O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

   O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

   O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

   O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll

   O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll

   O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

   O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

   O10 - Unknown file in Winsock LSP: c:\progra~2\turboi~1\plugin\_hfilter.dll

   O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

   O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

   O17 - HKLM\System\CCS\Services\Tcpip\..\{E9D2D4F8-2824-43BB-9EEF-37B2CEC3706B}: NameServer = 8.8.8.8,8.8.4.4

   O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

   O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

   O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll

   O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

   O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe

   O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

   O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

   O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

   O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

   O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

   O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

   O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe

   O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe

   O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE

   O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe

   O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

   O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

   O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

   O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

   O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

   O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

   O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

   O23 - Service: iPod Servisi (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

   O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

   O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

   O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

   O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

   O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

   O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe

   O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

   O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

   O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

   O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

   O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

   O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

   O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

   O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

   O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

   O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

   O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

   O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

   O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe

   O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

   O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

   O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

   O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

   O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

   O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

   O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

   O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    

   --

   End of file - 15230 bytes

   Alıntı yap
5. 27/May/12 12:52 Kısayol Şikayet Özel Mesaj
   Daniel-Koo
   
   

   Kayıt Tarihi: 22/Ekim/2010
   

   PsychoDawn bunu yazdı:
   -----------------------------

   pcdoktor636 bunu yazdı:
   -----------------------------

   PsychoDawn bunu yazdı:
   -----------------------------

   combofix le de tarattım . bilgisayarı yeniden başlattım hala aynı şey sürekli bir bağlantıyı engelliyor . bağlantının ne oldugunu nereye oldugunu bulsam kolay olacak ama . . . bir boklar var modem arayüz şifrem falan değişiyor hep benden başka kullanan yok zaten .

   
   -----------------------------

   sen dediğim gibi yap hijackthis ve combofix logunu bir koy buraya.

   
   -----------------------------

   combofix log vermedi nedense :S

   HijackThis log u aşağıda.

    

   Logfile of Trend Micro HijackThis v2.0.4

   Scan saved at 12:36:13, on 27.05.2012

   Platform: Windows 7  (WinNT 6.00.3504)

   MSIE: Internet Explorer v9.00 (9.00.8112.16421)

   Boot mode: Normal

    

   Running processes:

   
   -----------------------------
   
   Combofix logu C'ye atıyor oraya bi bak

   ---

   ne diyon?
   Alıntı yap
6. 27/May/12 13:02 Kısayol Şikayet Özel Mesaj
   PsychoDawn
   
   

   Kayıt Tarihi: 01/Nisan/2007
   

   combofix klasörünün içinde de bu var 

    

   ComboFix 12-05-26.02 - Şafak 27.05.2012   1:21:27.1.4 - x64

   Microsoft Windows 7 Ultimate   6.1.7600.0.1254.90.1055.18.4095.2362 [GMT 3:00]

   Running from: C:\ComboFix\ComboFix.exe

   AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}

   FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}

   SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}

   SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    * Created a new restore point

    

    

   (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

    

    

   C:\install.exe

   C:\Program Files (x86)\sXe Injected

   C:\Program Files (x86)\sXe Injected\chromechange.exe

   C:\Program Files (x86)\sXe Injected\ddsxei.sys

   C:\Program Files (x86)\sXe Injected\default.reg

   C:\Program Files (x86)\sXe Injected\firechange.exe

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\background.html

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\background.js

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\example.html

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\icon128.png

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\icon19.png

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\manifest.json

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\options.css

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\options.html

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\options.js

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\README.md

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\redirect.html

   C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\redirect.js

   C:\Program Files (x86)\sXe Injected\localstrike-search.xml

   C:\Program Files (x86)\sXe Injected\newtaburl_local.xpi

   C:\Program Files (x86)\sXe Injected\Preferences

   C:\Program Files (x86)\sXe Injected\search.ini

   C:\Program Files (x86)\sXe Injected\speeddial.ini

   C:\Program Files (x86)\sXe Injected\sXe-I EULA.txt

   C:\Program Files (x86)\sXe Injected\sXe Injected.exe

   C:\Program Files (x86)\sXe Injected\sXe Injected.txt

   C:\Program Files (x86)\sXe Injected\sXe.dll

   C:\Program Files (x86)\sXe Injected\test.exe

   C:\Program Files (x86)\sXe Injected\TopSites.plist

   C:\Program Files (x86)\sXe Injected\uninstall.exe

   C:\Program Files (x86)\sXe Injected\uninstall.ini

   C:\Program Files (x86)\sXe Injected\Web Data

   C:\Program Files (x86)\sXe Injected\web.dll

   C:\ProgramData\Propellerhead Software\ReCycle

   C:\ProgramData\Propellerhead Software\ReCycle\ReCycle210.dat

   C:\Users\AFAK~1\AppData\Local\Temp\~2FB0.tmp

   C:\Users\Şafak\AppData\Local\Temp\~2FB0.tmp

   C:\Windows\PFRO.log

    

    

   (((((((((((((((((((((((((   Files Created from 2012-04-26 to 2012-05-26  )))))))))))))))))))))))))))))))

    

    

   Alıntı yap
7. 27/May/12 20:44 Kısayol Şikayet Özel Mesaj
   PsychoDawn
   
   

   Kayıt Tarihi: 01/Nisan/2007
   

   up

   Alıntı yap
8. 27/May/12 20:55 Kısayol Şikayet Özel Mesaj
   pcdoktor636
   
   

   Kayıt Tarihi: 12/Ocak/2010
   

   hocam sisteminde rat var.

   flux isimli rat. hala bu ratı kullananlar varmıymış ya :D

   C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe

   aha buraya yerleşmiş.

   Alıntı yap
9. 27/May/12 21:05 Kısayol Şikayet Özel Mesaj
   Daniel-Koo
   
   

   Kayıt Tarihi: 22/Ekim/2010
   

   pcdoktor636 bunu yazdı:
   -----------------------------

   hocam sisteminde rat var.

   flux isimli rat. hala bu ratı kullananlar varmıymış ya :D

   C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe

   aha buraya yerleşmiş.

   
   -----------------------------
   
   O lalalalala. 
   
   Adamlar seni izlemiş hacı :| Web Cam var mıydı kötü bir durum :F 
   
   Comodo Firewall bunun önüne geçmiştir.

   ---

   ne diyon?
   Alıntı yap
10. 27/May/12 21:23 Kısayol Şikayet Özel Mesaj
    pcdoktor636
    
    

    Kayıt Tarihi: 12/Ocak/2010
    

    Daniel-Koo bunu yazdı:
    -----------------------------

    pcdoktor636 bunu yazdı:
    -----------------------------

    hocam sisteminde rat var.

    flux isimli rat. hala bu ratı kullananlar varmıymış ya :D

    C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe

    aha buraya yerleşmiş.

    
    -----------------------------
    
    O lalalalala. 
    
    Adamlar seni izlemiş hacı :| Web Cam var mıydı kötü bir durum :F 
    
    Comodo Firewall bunun önüne geçmiştir.

    
    -----------------------------

    geçmemişte olabilir kesin değil :)

    Kaldıki adamın amacına bağlı. gerçekten bu müridi hedef alarak yaptıysa izlemiştir.

    Ancak tanımıyorsa genelde webcame bakmazlar kız değilse geçer giderler :D

    Alıntı yap

Cevapla