My New Hijack Report
-
The other day I shared my brother's; this time it's the hijack log from my own laptop. Bless him, the gentleman installed Metin2, Wolfteam and so on on this one too without telling me.
Anyway, do you see anything malicious?
Any recommendations?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:49:59, on 02.03.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\ASScrPro.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Free Download Manager\fdmwi.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Mac7Lion\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Mac7Lion\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Windows\Lion Skin Pack\UberIcon\UberIcon.exe
C:\Windows\Lion Skin Pack\Winroll\winroll.exe
C:\Windows\Lion Skin Pack\YzShadow\YzShadow.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mac7Lion\Downloads\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.com.tr/?clid=1763229
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111227183544.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Yer imleri - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mac7Lion\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Free Download Manager - RCS] C:\Program Files\Free Download Manager\fdmwi.exe -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Mac7Lion\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Local Service')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Local Service')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: UberIcon.lnk = C:\Windows\Lion Skin Pack\UberIcon\UberIcon.exe
O4 - Global Startup: Winroll.lnk = C:\Windows\Lion Skin Pack\Winroll\winroll.exe
O4 - Global Startup: YzShadow.lnk = C:\Windows\Lion Skin Pack\YzShadow\YzShadow.exe
O8 - Extra context menu item: Free Download Manager ile indir - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Free Download Manager ile seçileni indir - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Free Download Manager ile tümünü indir - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Videoyu Free Download Manager ile indir - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{65E268A0-8021-4DFC-9550-154EE4D95644}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{65E268A0-8021-4DFC-9550-154EE4D95644}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{65E268A0-8021-4DFC-9550-154EE4D95644}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Servisi (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
--
End of file - 11126 bytes
-
what is this, man :|
C:\Users\Mac7Lion\AppData\Local\Facebook\Update\FacebookUpdate.exe
-
Noneyim wrote:
-----------------------------what is this, man :|
C:\Users\Mac7Lion\AppData\Local\Facebook\Update\FacebookUpdate.exe
-----------------------------that one came along after installing the camera thingy.. it's harmless, mate.
edit: let me check the system for anything out of the ordinary in the meantime, mate.
edit 2: the system is clean, mate :|
-
Amd-x wrote:
-----------------------------Noneyim wrote:
-----------------------------what is this, man :|
C:\Users\Mac7Lion\AppData\Local\Facebook\Update\FacebookUpdate.exe
-----------------------------that one came along after installing the camera thingy.. it's harmless, mate.
edit: let me check the system for anything out of the ordinary in the meantime, mate.
edit 2: the system is clean, mate :|
-----------------------------thanks, buddy. So what should I do to this device to speed it up? Especially when I open 7-8 videos in a row from you....tube(!) and the like, the browser freezes up and gets stuck :D
it drives me crazy when it pulls this crap
-
Noneyim wrote:
-----------------------------thanks, buddy. So what should I do to this device to speed it up? Especially when I open 7-8 videos in a row from you....tube(!) and the like, the browser freezes up and gets stuck :D
it drives me crazy when it pulls this crap.
-----------------------------mate, that could be due to processing delays depending on your CPU. What's the CPU?
Insufficient RAM is also a factor in this.
If it were the graphics card, you'd get a browser crash outright; Adobe would lag and crash. The display would glitch for a moment and Windows would say the display driver has stopped :D
If you could post a screenshot of the system memory ( ctrl + del ), let's look at the available amount.
-
Amd-x wrote:
-----------------------------Noneyim wrote:
-----------------------------thanks, buddy. So what should I do to this device to speed it up? Especially when I open 7-8 videos in a row from you....tube(!) and the like, the browser freezes up and gets stuck :D
it drives me crazy when it pulls this crap.
-----------------------------mate, that could be due to processing delays depending on your CPU. What's the CPU?
Insufficient RAM is also a factor in this.
If it were the graphics card, you'd get a browser crash outright; Adobe would lag and crash. The display would glitch for a moment and Windows would say the display driver has stopped :D
If you could post a screenshot of the system memory ( ctrl + del ), let's look at the available amount.
-----------------------------dual core I think, 1.8 GHz, 2 GB RAM, and a 256 graphics card. It heats up quite a bit. The model is asus f3sg240dv...
I know we can't completely prevent the lag; if we could at least make it a little better, I'd manage..
-
Noneyim wrote:
-----------------------------Amd-x wrote:
-----------------------------Noneyim wrote:
-----------------------------thanks, buddy. So what should I do to this device to speed it up? Especially when I open 7-8 videos in a row from you....tube(!) and the like, the browser freezes up and gets stuck :D
it drives me crazy when it pulls this crap.
-----------------------------mate, that could be due to processing delays depending on your CPU. What's the CPU?
Insufficient RAM is also a factor in this.
If it were the graphics card, you'd get a browser crash outright; Adobe would lag and crash. The display would glitch for a moment and Windows would say the display driver has stopped :D
If you could post a screenshot of the system memory ( ctrl + del ), let's look at the available amount.
-----------------------------dual core I think, 1.8 GHz, 2 GB RAM, and a 256 graphics card. It heats up quite a bit. The model is asus f3sg240dv...
I know we can't completely prevent the lag; if we could at least make it a little better, I'd manage..
-----------------------------it could be doing that because of the CPU, mate; the lag is probably from the switching time between programs.
note: with TuneUp-style programs you only optimize Windows, a bit of disk defragmentation, RAM savings, etc. It won't bring much of a visible gain :) but it's worth trying.
Search Google for disabling XP / W7 services, depending on the system you use; you can also gain some RAM from unnecessary services.
