Page 1 of 2 12 LastLast
Results 1 to 10 of 14
  1. #1
    Member
    Join Date
    Jun 2008
    Posts
    97
    Points
    0

    Post New Topic(continue to talk evilfantasy from spyware help)

    I lookeed at the site for more security yo said and only my mozilla firefox failed the test of third cookie test.I looked to correct this as the site siad but i di not find the solution.But in internet explorer i solved this problem and passed the test.

    My disabled system restore?

    My problem below(adobe flash player9 and the software inspector's internet explorer warning continue.You are right that some sites required different adobe flash player.I have some set up programs.When i applied, the sites can open which i wrote below.Before i applied it and software inspector showed three adobe flash player that a jpg file that i sent you.May i aplly the set up files that i talked about?

    Was there any choosing of software inspector's with different language scanning(especially Turkish)?

    Yes i ran online uninstaller(i clicked the link you said and download the exe file for it and rant he file) and then installed new version. When i open some sites appears a warning below the menu bar as an information bar this web site wants to install adobe flash player installer on adobe system incorporated.If you trust this website and its add-on click here.Some sites

    1-www.kaspersky.com
    2-www.softigo.com
    3-www.mynet.com

  2. #2
    Member
    Join Date
    Jun 2008
    Posts
    97
    Points
    0

    Default Mozilla passed

    Ok my mozilla passed the test i said.I solved the problem but please reply my other problems.

  3. #3
    Administrator Help2Go Administrator Canuck's Avatar
    Join Date
    May 2003
    Location
    Edmonton, Alberta, Canada
    Posts
    9,817
    Points
    2034

    Default

    Hello adamim02,

    It is hard to understand what you are saying, but I will see if I can help. The three sites you mentioned all work well with Adobe Flash Player 9. What you have to do is uninstall any adobe flash player you have in Add/Remove Programs in the Control panel, download ccleaner (www.ccleaner.com ) and run it using the default settings .. this will clean up any leftover information from the old programs. Then restart your computer and download a new copy of Adobe flash player 9 http://www.adobe.com/products/flashplayer/ and see if that works for you.

    Quite honestly I do not think you will find a program like Software Inspector in Turkish. I know a lot of Turkish people speak German, perhaps if you spoke German there may be a program, but you will have to search for that yourself.

    I do not understand your question about
    My disabled system restore?
    If your System Restore is turned off, you have lost all your restore points, there is nothing you can do. To turn System Restore back on, go to My Computer and right click on it > Properties > System Restore tab > make sure there is no check mark in the Turn Off box and select about 3% >OK.

    I think that is all I can tell you.


  4. #4
    Member
    Join Date
    Jun 2008
    Posts
    97
    Points
    0

    Default Details about my problem.

    Hi …. My problem was keylogger 3 weeks ago.I did somethings to solve it some of them was succesful but i wanted to be sure that there is no prıblem in my computer, i talked to Evilfantasy in Spyware Help.I am pleasure with talking to him, i took help from him.At last he said if a problem about software secunia inspector’s warning continue (the inspector said your internet Explorer has missed updates but now there is no problem about this.)mail this to computer help that someone or i will help you.But i have other quesitons to you.Thank you for your interest.

    I scanned my computer with a lot of anti-vürus and anti-spyware programs two days ago.Some of them found viruses etc. and i clenaed them.But there are some quesitones i lived that i mentioned below.If you can help me i will be pleasure.

    I OPENED A VIDEO WITH WINAMP. KASPERSKY WARNED ME THAT THERE WAS CHANGING WITH WINAMP.EXE IN PROGRAM FILES AND AT THE SAME TIME IEXPLORER.EXE IN PROGRAM FILES WANTS TO ENJECT ITSELF TO OTHER APPLİCATIONS..I COULDN’T UNDERSTAND WHY IT SAID LIKE THIS.WHEN I DENIED OR ACCEPTED THIS WINAMP WORKED.Kaspersky’s frewall didn’t warned me about winamp, its self-defense warning said about winamp as i talked to you.Is there any connection between winamp and iexplorer.exe? I was suprised about kaspersky’s warning that when i opened a music kaspersky said iexplorer.exe wants to inject itself to another applicaiton.Is it normal? I saw a like a strange thing about kapersky firstly.

    IS ESET SMART SECURITY 3OR NOD32 . a good program about viruses, hackers keylogger or pishing sites?


    I INSTALLED PC EXPLORER.IT SCANNED MY COMPUTER.IS IT A GOOD PROGRAM?.WHICH FILES MUST I DELETE IT FOUND?.I ATTACHED THE NEW REPORT.I am sending you its report.

    Active security monitor program in my computer said your system restore is turned off.Then Evilfantasy(Spyware Fighter Advanced Tech) said me Check to see if System Restore is enabled. To check this right click My Computer on the desktop and click the System Restore tab. But i can not see the system restore tab because it was turmed off when Windows XP Pr,ofessional was .installing.Then Evilfantasy said If you can not turn it on try turning it on with another method.Go
    http://www.pchell.com/virus/systemrestore.shtml and scroll down
    to Re-enabling System Restore in Windows XP via the Group Policy Editor.I did it.There is no problem with group policy editor.But when i click right on My Computer and Select Manage services and application> then services i can not find system restore service.So i can not see system restore when i clicked right my computer and properties.How can i solve this problem?

    And also Active security program says your Microsoft is out of date but i also scanned my computer on Microsoft or Office update and i had no missed updates on there.Must i do anything?

    And active security says yo have no back up file program.I use tuneup2007 and i have already installed sugar sync manager.But i signed up and activate by clicking an e-mail they sent.And active security monitor still says you did not install a file back up program.Is sugar sync a good program?

    SOME INTERNET SITES REQUIRE ADOBE FLASH PLAYER DON’T OPENED.THEY SAY INSTALL FLASH PLAYER AND APPEARS A LITTLE WINDOW LIKE ACTIVEX TO INSTALL IT.BUT I DID NOT PRESS THE BUTTON TO INSTAL IT FROM MY TRUSTED INTERNET SITES.I APPLYED THE EVILFANTASY SAID AS I OPENED THE ADOBE FLASH’S SITE.I ran online uninstaller, i clicked the link he said and download the exe file for it and ran he file) and then installed new version. When i open some sites appears a warning below the menu bar as an information bar this web site wants to install adobe flash player installer on adobe system incorporated.If you trust this website and its add-on click here.Some sites that i mentioned below, must i install the sites activex about adobe flash player?

    1-www.kaspersky.com
    2-www.softigo.com
    3-www.mynet.com

    Today I have already scanned my computer with kaspersky 7 and it found no viruses or malwares.Only when surfing on internet, a site wanted to install trojan horse program and i denied it.

    Evilfantasy said old Hijackthis log looks fine.

    AND I AM SENDING NEW HIJACK THIS REPORT it normal boot and safe mood.

    Is there any virus, spyware, keylogger, hacker in my log and system as you see?





    PC EXPLORER REPORT

    - LAN - group functions (modifying)
    - LAN - shared resources modifying
    - LAN - user functions (modifying)
    - Internet communication
    - Phone connections (settings changing)
    - Phone connections (dial)
    - Phone connections (hangup)
    - Access to other running applications
    - Application hide
    - Access to system address book
    - Certificates - service provider functions
    - Certificates - key generation and exchange functions
    - Certificates - certificate store functions
    - Certificates - basic functions
    - Certificates - verification functions
    - Certificates - data management functions
    - Certificates - base functions
    - Certificates - remote object retrieval functions
    - Certificates - providers - connections
    - Certificates - service provider key generation and exchange functions
    - Certificates - service provider encryption functions
    - Certificates - service provider hashing and digital signature functions
    - Certificates - certificate services backup and restore functions
    - Certificates - service provider defined functions
    - Card readers (digital signature) -access to card
    - Executable files - file structure reading
    - Executable files - modifying

    File Provider Status

    C:\WINDOWS\$NtServicePackUninstall$\iuengine.dll ? Certificates - data management functions
    C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MSO.DLL ? Access to other running applications
    C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\XL12CNV.EXE ? Certificates - service provider functions
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE ? Certificates - service provider functions
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL ? Internet communication
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSO.DLL ? Access to other running applications
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL ? Access to other running applications
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSTORE.EXE ? Certificates - data management functions
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\STSLIST.DLL ? Access to other running applications
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.8173\EXCEL.EXE ? Certificates - service provider functions
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.8173\MSO.DLL ? Access to other running applications
    C:\WINDOWS\ServicePackFiles\i386\cdm.dll ? Certificates - data management functions
    C:\WINDOWS\ServicePackFiles\i386\iisext51.dll ? Certificates - basic functions
    C:\WINDOWS\ServicePackFiles\i386\infocomm.dll ? Certificates - service provider functions
    C:\WINDOWS\ServicePackFiles\i386\iuengine.dll ? Certificates - data management functions
    C:\WINDOWS\ServicePackFiles\i386\msinfo.dll ? Certificates - basic functions
    C:\WINDOWS\ServicePackFiles\i386\setregni.exe ? Access to other running applications
    C:\WINDOWS\ServicePackFiles\i386\tshoot.dll ? Certificates - service provider functions
    C:\WINDOWS\ServicePackFiles\i386\wuaueng.dll ? Internet communication
    C:\WINDOWS\ServicePackFiles\i386\wuweb.dll ? Certificates - data management functions
    C:\WINDOWS\system32\cdm.dll ? Certificates - certificate store functions
    C:\WINDOWS\system32\dllcache\iisext51.dll ? Certificates - basic functions
    C:\WINDOWS\system32\dllcache\infocomm.dll ? Certificates - service provider functions
    C:\WINDOWS\system32\dllcache\msinfo.dll ? Certificates - basic functions
    C:\WINDOWS\system32\dllcache\tshoot.dll ? Certificates - service provider functions
    C:\WINDOWS\system32\iuengine.dll ? Certificates - data management functions
    C:\WINDOWS\system32\mdimon.dll ? Internet communication
    C:\WINDOWS\system32\muweb.dll ? Certificates - certificate store functions
    C:\WINDOWS\system32\OGACheckControl.dll ? Certificates - service provider functions
    C:\WINDOWS\system32\OGAVerify.exe ? Certificates - service provider functions
    C:\WINDOWS\system32\TosSndPlug.dll ? Access to other running applications
    C:\WINDOWS\system32\uxtuneup.dll ? Access to other running applications
    C:\WINDOWS\system32\wuweb.dll ? Certificates - certificate store functions
    C:\WINDOWS\VM303UninstNT.exe ? Access to other running applications



    HIJACK THIS REPORT NORMAL MODE

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:00:01, on 21.06.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\00THotkey.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\system32\thpsrv.exe
    C:\WINDOWS\system32\TFNF5.exe
    C:\WINDOWS\VMSnap3.EXE
    C:\WINDOWS\Domino.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\igfxext.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ThpSrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Documents and Settings\PC\Desktop\KONTROL PROGRAMLARI\PC.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [ThpSrv] thpsrv /logon
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
    O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
    O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
    O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Reklam Panosu Engelleyiciye ekle - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/...ws-i586-jc.cab
    O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) -
    O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} (JaguarEditControl-ISBANK) - https://www.isbank.com.tr/Internet/l...dit4ISBv27.CAB
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...20/mcfscan.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~2\KASPER~1.0\adialhk.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe

    --
    End of file - 8298 bytes





    HIJACK THIS REPORT SAFE MODE

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:09:46, on 21.06.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Safe mode

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\PC\Desktop\KONTROL PROGRAMLARI\PC.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [ThpSrv] thpsrv /logon
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
    O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
    O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
    O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/...ws-i586-jc.cab
    O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) -
    O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} (JaguarEditControl-ISBANK) - https://www.isbank.com.tr/Internet/l...dit4ISBv27.CAB
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...20/mcfscan.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~2\KASPER~1.0\adialhk.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe

    --
    End of file - 7117 bytes

  5. #5
    Administrator Help2Go Administrator Canuck's Avatar
    Join Date
    May 2003
    Location
    Edmonton, Alberta, Canada
    Posts
    9,817
    Points
    2034

    Default

    Since Evifantasy has said your log is fine, there is no need to give us your HJT log again. The only thing I can see that might help is to uninstall SP3. This update has given a lot of people problems. After you uninstall, run ccleaner ( www.ccleaner.com ) using it's default settings.


  6. #6
    Moderator Forum Moderator arraknid's Avatar
    Join Date
    Dec 2006
    Location
    France
    Posts
    6,151
    Points
    1293
    Blog Entries
    4

    Default

    So i can not see system restore when i clicked right my computer and properties.How can i solve this problem?
    Try the long way round. Click on Start, Control Panel, System, System Restore tab. If the service is switched on you'll see Monitoring under Status column.

  7. #7
    Member
    Join Date
    Jun 2008
    Posts
    97
    Points
    0

    Default Lass Reports

    I uninstalled service pack 3 now i have service pack 3.And I ran ccleaner.And i have a few questiones.Excuse me sir but you are administrator and i think you can help me.

    The software secunia says

    This installation of Microsoft Internet Explorer 7.x is insecure and potentially exposes your system to security threats!

    Your system does not have all security related patches from Microsoft installed. Please see list below for details about the missing patches.

    Update Instructions:
    You do not have the following Microsoft security updates installed:
    KB947864
    KB950759
    KB947864
    KB944533
    KB942615
    KB937143

    Visit Windows Update to install the missing patches.

    Installed on Your System in:
    C:\Program Files\Internet Explorer\iexplore.exe

    I want to say about software secunia that when i am talking with Evilfantasy, it had said warning about Internet Explorer 7(except KB937143).I did what secunia said to solve the problem but it was stil saying the same warning.I solved the problem before talking to you but i did not do anything else.After this i uninstalled sevice pack 3 and again scan with software secunia.and it said the same warning except KB937143.Then i scanned my computer with WINDOWS VULNARABILITY SCANNER(By Proland Software).It said the critical missing update KB937143.I installed both turkish and english version of the warning of secunia named KB937143 AND OTHERS listed above.There was two of KB950759 at the old warning.But only one of the KB950759 warning was solved.The last report is above.What must i do fort his problem?

    Now for the new hijack this report below(I turned off Kaspersky and turned off Spyware doctor’s on guard action while using hijack this), is it fine?

    What will you say for the PC SECURITY EXPLORER programme's report(I turned off on guard action of Spyware doctor only)?Which files must i delete?

    WHAT WILL YOU SAY ABOUT THIS QUESTION BELOW?

    1-SOME INTERNET SITES REQUIRE ADOBE FLASH PLAYER DON’T OPENED.THEY SAY INSTALL FLASH PLAYER AND APPEARS A LITTLE WINDOW LIKE ACTIVEX TO INSTALL IT.BUT I DID NOT PRESS THE BUTTON TO INSTAL IT FROM MY TRUSTED INTERNET SITES.I APPLYED THE EVILFANTASY SAID AS I OPENED THE ADOBE FLASH’S SITE.I ran online uninstaller, i clicked the link he said and download the exe file for it and ran he file) and then installed new version. When i open some sites appears a warning below the menu bar as an information bar this web site wants to install adobe flash player installer on adobe system incorporated.If you trust this website and its add-on click here.Some sites that i mentioned below, must i install the sites activex about adobe flash player?

    1-www.kaspersky.com
    2-www.softigo.com
    3-www.mynet.com


    2-Active security monitor program in my computer said your system restore is turned off.Then Evilfantasy(Spyware Fighter Advanced Tech) said me Check to see if System Restore is enabled. To check this right click My Computer on the desktop and click the System Restore tab. But i can not see the system restore tab because it was turmed off when Windows XP Pr,ofessional was .installing.Then Evilfantasy said If you can not turn it on try turning it on with another method.Go
    http://www.pchell.com/virus/systemrestore.shtml and scroll down
    to Re-enabling System Restore in Windows XP via the Group Policy Editor.I did it.There is no problem with group policy editor.But when i click right on My Computer and Select Manage services and application> then services i can not find system restore service.So i can not see system restore when i clicked right my computer and properties.How can i solve this problem?

    And it also says your PC is missing security updates from Microsoft.


    PC EXPLORER REPORT ON NORMAL MODE:

    - LAN - group functions (modifying)
    - LAN - shared resources modifying
    - LAN - user functions (modifying)
    - Internet communication
    - Phone connections (settings changing)
    - Phone connections (dial)
    - Phone connections (hangup)
    - Access to other running applications
    - Application hide
    - Access to system address book
    - Certificates - service provider functions
    - Certificates - key generation and exchange functions
    - Certificates - certificate store functions
    - Certificates - basic functions
    - Certificates - verification functions
    - Certificates - data management functions
    - Certificates - base functions
    - Certificates - remote object retrieval functions
    - Certificates - providers - connections
    - Certificates - service provider key generation and exchange functions
    - Certificates - service provider encryption functions
    - Certificates - service provider hashing and digital signature functions
    - Certificates - certificate services backup and restore functions
    - Certificates - service provider defined functions
    - Card readers (digital signature) -access to card
    - Executable files - file structure reading
    - Executable files - modifying

    File Provider Status

    C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe ? Certificates - service provider functions
    C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\osetup.dll ? Access to other running applications
    C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\regutils.dll ? Access to other running applications
    C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_06.b02\regutils.dll ? Access to other running applications
    C:\Program Files\Common Files\Microsoft Shared\MODI\11.0\DRIVERS\MDIMON.DLL ? Internet communication
    C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSO.DLL ? Access to other running applications
    C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSSH.DLL ? Access to other running applications
    C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL ? Certificates - service provider functions
    C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL ? Access to other running applications
    C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE ? Certificates - service provider functions
    C:\Program Files\Common Files\Nero\Lib\NMUPnPServices.dll ? Internet communication
    C:\Program Files\Common Files\Nero\NeroBLC\BDEngine.dll ? Internet communication
    C:\Program Files\Common Files\Nero\NeroBLC\BDJ\cvmi.dll ? Internet communication
    C:\Program Files\Common Files\Nero\NeroBLC\BDJ\NeBDJ.dll ? Internet communication
    C:\Program Files\Common Files\Nero\NeroBLC\HDDVDEngine.dll ? Internet communication
    C:\Program Files\Google\Google Earth\base.dll ? Access to other running applications
    C:\Program Files\Google\Google Earth\common.dll ? Certificates - service provider functions
    C:\Program Files\Java\jre1.6.0_06\bin\deploy.dll ? Certificates - service provider functions
    C:\Program Files\Java\jre1.6.0_06\bin\dt_socket.dll ? Internet communication
    C:\Program Files\Java\jre1.6.0_06\bin\j2pcsc.dll ? Card readers (digital signature) -access to card
    C:\Program Files\Java\jre1.6.0_06\bin\net.dll ? Internet communication
    C:\Program Files\Java\jre1.6.0_06\bin\nio.dll ? Internet communication
    C:\Program Files\Java\jre1.6.0_06\bin\regutils.dll ? Access to other running applications
    C:\Program Files\Java\jre1.6.0_06\bin\sunmscapi.dll ? Certificates - service provider functions
    C:\Program Files\K-Lite Codec Pack\filters\haali\dxr.dll ? Certificates - service provider functions
    C:\Program Files\Lavasoft\Ad-Aware 2007\lavalicense.dll ? Certificates - service provider functions
    C:\Program Files\Lavasoft\Ad-Aware 2007\lavamessage.dll ? Certificates - service provider functions
    C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE ? Certificates - service provider functions
    C:\Program Files\Microsoft Office\OFFICE11\IEAWSDC.DLL ? Certificates - service provider functions
    C:\Program Files\Microsoft Office\OFFICE11\MSTORE.EXE ? Certificates - data management functions
    C:\Program Files\Microsoft Office\OFFICE11\STSLIST.DLL ? Access to other running applications
    C:\Program Files\Microsoft Office\Office12\excelcnv.exe ? Certificates - service provider functions
    C:\Program Files\Nero\Nero8\Nero Burning Rom\nero.exe ? Certificates - service provider functions
    C:\Program Files\Nero\Nero8\Nero Burning Rom\uGenUDF2.dll ? Certificates - service provider functions
    C:\Program Files\SugarSync\libscphotos.dll ? Internet communication
    C:\Program Files\SugarSync\QtNetwork4.dll ? Internet communication
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BIP_Camera.exe ? Access to other running applications
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe ? Access to other running applications
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe ? Access to other running applications
    C:\Program Files\TuneUp Utilities 2007\uxtuneup-x86.dll ? Access to other running applications
    C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MSO.DLL ? Access to other running applications
    C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\XL12CNV.EXE ? Certificates - service provider functions
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\EXCEL.EXE ? Certificates - service provider functions
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MDIMON.DLL ? Internet communication
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSO.DLL ? Access to other running applications
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSSH.DLL ? Access to other running applications
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\MSTORE.EXE ? Certificates - data management functions
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.5614\STSLIST.DLL ? Access to other running applications
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.8173\EXCEL.EXE ? Certificates - service provider functions
    C:\WINDOWS\Installer\$PatchCache$\Managed\F140110900063D11C8EF10054038389C\11.0.8173\MSO.DLL ? Access to other running applications
    C:\WINDOWS\system32\cdm.dll ? Certificates - certificate store functions
    C:\WINDOWS\system32\dllcache\iisext51.dll ? Certificates - basic functions
    C:\WINDOWS\system32\dllcache\infocomm.dll ? Certificates - service provider functions
    C:\WINDOWS\system32\dllcache\msinfo.dll ? Certificates - basic functions
    C:\WINDOWS\system32\dllcache\tshoot.dll ? Certificates - service provider functions
    C:\WINDOWS\system32\iuengine.dll ? Certificates - data management functions
    C:\WINDOWS\system32\mdimon.dll ? Internet communication
    C:\WINDOWS\system32\muweb.dll ? Certificates - certificate store functions
    C:\WINDOWS\system32\OGACheckControl.dll ? Certificates - service provider functions
    C:\WINDOWS\system32\OGAVerify.exe ? Certificates - service provider functions
    C:\WINDOWS\system32\TosSndPlug.dll ? Access to other running applications
    C:\WINDOWS\system32\uxtuneup.dll ? Access to other running applications
    C:\WINDOWS\system32\wuweb.dll ? Certificates - certificate store functions
    C:\WINDOWS\VM303UninstNT.exe ? Access to other running applications



    HIJACK THIS REPORT ON NORMAL MODE:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:21:06, on 24.06.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\00THotkey.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\system32\thpsrv.exe
    C:\WINDOWS\system32\TFNF5.exe
    C:\WINDOWS\VMSnap3.EXE
    C:\Program Files\Apoint2K\Apntex.exe
    C:\WINDOWS\system32\igfxext.exe
    C:\WINDOWS\Domino.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ThpSrv.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\Documents and Settings\PC\Desktop\KONTROL PROGRAMLARI\PC.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [ThpSrv] thpsrv /logon
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
    O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
    O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Reklam Panosu Engelleyiciye ekle - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/...ws-i586-jc.cab
    O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) -
    O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} (JaguarEditControl-ISBANK) - https://www.isbank.com.tr/Internet/l...dit4ISBv27.CAB
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...20/mcfscan.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~2\KASPER~1.0\adialhk.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe

    --
    End of file - 7899 bytes




    HIJACK THIS REPORT ON SAFE MODE:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:25:14, on 24.06.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Safe mode

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Documents and Settings\PC\Desktop\KONTROL PROGRAMLARI\PC.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [ThpSrv] thpsrv /logon
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
    O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Spyware Doctor] (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Spyware Doctor] (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
    O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: FLV video içeriğini IDM ile indir - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/...ws-i586-jc.cab
    O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) -
    O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} (JaguarEditControl-ISBANK) - https://www.isbank.com.tr/Internet/l...dit4ISBv27.CAB
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...20/mcfscan.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~2\KASPER~1.0\adialhk.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe

    --
    End of file - 6665 bytes

  8. #8
    Administrator Help2Go Administrator Canuck's Avatar
    Join Date
    May 2003
    Location
    Edmonton, Alberta, Canada
    Posts
    9,817
    Points
    2034

    Default

    I note in your Spyware thread that you will be returning the PC to-day, so this information I give as a last ditch effort. First, go to Windows update and with the exception of SP3 download all the updates in the Critical section, don't worry about any other updates.

    After you downloaded them and installed, reboot your PC. As you are having problems with IE7, go to Start> Control Panel > Add/Remove programs > click the box at the top of page 'show all updates' > look for IE 7 and uninstall. This should automatically revert you to IE6 (some people, me among them are still having problems with 7, it must have something to do with our 'older' PCs). After IE6 is up and running, go to Windows Update and see if there are any updates for IE6. After this, run Ccleaner again. Hopefully this will help. Good luck.


  9. #9
    Member
    Join Date
    Jun 2008
    Posts
    97
    Points
    0

    Default Fine

    I will apply what you said.But are my hijackthis logs fine?

  10. #10
    Administrator Help2Go Administrator Canuck's Avatar
    Join Date
    May 2003
    Location
    Edmonton, Alberta, Canada
    Posts
    9,817
    Points
    2034

    Default

    The detective didn't pick up anything bad, and since EF gave you the all clear, and you run with the suggestions I made (hopefully they will help) you should be fine. Just make sure your aunt keeps her anti virus program updated and running.


Page 1 of 2 12 LastLast