v9-eu.com virüsü

Çözemeyenler ve mod'umun verdiği bilgiyi de yapanlar çözüme ulaşamazsa imzamda olan sistem tarama 2 olanı indirin, taratın, bittiğinde save result yapın. Çıkan txt dosyasını burada paylaşın. Eğer tarama sonucunda buldukları zararlı birşey varsa tekrar tarama yaptırıp hangileri sileceğinizi yazarım.
Ayrıca konu başlığı yanlış yerde adware olduğundan güvenlik bölümüne taşındı.
 
Yine sonuç alamadım. @Murat5038 hemen deniyorum ama bence böyle programla falan bunu çözemeyiz. Elle yapılacak bir ayar ile bundan anca kurtuluruz.
Çözüp çözemeyeceğimizi işlemler tamamlanınca sana hatırlatırım :) Doğru yaparsan herşey çözülür forumda dediklerimi doğru yapmayan çok olduğundan çözüme ulaşamıyor. TW ile gittiğimde yapıp verdiğimde diyecek birşey bulamıyorlar.
 
Kod:
Saved date:          5.6.2014 17:09:35
Files detected:     21
Files scanned:         2.162
Processes scanned:     72
Modules scanned:     720
ASEPs scanned:         415
Downloads scanned:     0
Deep analysis:         14/1
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path:         c:\program files (x86)\vmware\vmware workstation\libeay32.dll
Publisher:         The OpenSSL Project, http://www.openssl.org/
Signer:         VMware, Inc.
MD5:             99a394b399b2d3fd25d29075ba10635e
SHA-1:             371616d1efefe045fdd492a412317ac7cbb78a7d
Created:         27.8.2013 12:09:32
Detections:         1
Determination:         Inconclusive
            - Bkav FE as HW32.Stranact (Undefined malware)

---------------------------------------------------------------------------------

File path:         C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Publisher:         Advanced Micro Devices Inc.
MD5:             badf6c22fbaa3ed3e2413a60411425ac
SHA-1:             5751621a78b9cad2111fd9b2117c040c291c3b25
Created:         7.5.2013 10:51:52
Detections:         1
Determination:         Inconclusive
            - Boost by Reason as Optional.AdvancedMicroDevices.D

---------------------------------------------------------------------------------

File path:         c:\program files\sandboxie\sbiedll.dll
Publisher:         Sandboxie Holdings, LLC
Signer:         SANDBOXIE L.T.D
MD5:             c271ab9e42dae1a1b4a8263d5d48e012
SHA-1:             44ab360727465876211308b077a0ac823fdc5bf3
Created:         17.1.2014 21:01:08
Detections:         1
Determination:         Inconclusive
            - Trend Micro House Call as TROJ_GEN.F47V0929 (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
Publisher:         Adobe Systems Incorporated
Signer:         Adobe Systems, Incorporated
MD5:             fe821f6fa60e9df9fdee69a23488bbab
SHA-1:             f6a5c0e05ab0b7ffa81a3637e4a4110458a38e1d
Created:         23.9.2012 20:43:34
Detections:         1
Determination:         Inconclusive
            - Rising Antivirus as PE:Malware.Sality!6.EDB (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\program files\sandboxie\sbiectrl.exe
Publisher:         Sandboxie Holdings, LLC
Signer:         SANDBOXIE L.T.D
MD5:             27d60574d2277b771930f871c83f4bea
SHA-1:             55d6b17345ec622287b3d961f9377c44766539ec
Created:         17.1.2014 21:01:10
Detections:         1
Determination:         Inconclusive
            - Trend Micro House Call as TROJ_GEN.F47V1211 (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\appdata\local\facebook\update\facebookupdate.exe
Publisher:         Facebook Inc.
Signer:         Facebook, Inc.
MD5:             2a3fb4c98f139038e23330d2439db8a4
SHA-1:             d33c799d1d26e00cc2d843ac4a94be78fdfcf9da
Created:         3.5.2014 02:10:12
Detections:         2
Determination:         Inconclusive
            - Boost by Reason as UnneededApp.Startup.Facebook.O
            - Rising Antivirus as PE:Trojan.GenericKDV!6.B5C (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\appdata\roaming\raidcall\plugins\nprcplugin.dll
Publisher:         Raidcall
MD5:             492100c9050d4b6a10eab7f3ae60a552
SHA-1:             321214fe8fc2d02f3d09c7973a282ef7e7298267
Created:         11.4.2014 14:45:04
Detections:         1
Determination:         Inconclusive
            - Emsisoft Anti-Malware as Gen:Variant.Kazy.341569 (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\appdata\local\temp\quarantine.exe
Publisher:       
MD5:             7b6e97a6695e4ae05c269e971907bc9d
SHA-1:             514ee53e5208712308e1b860bc2c0f714b5e581c
Created:         2.3.2014 22:39:04
Detections:         1
Determination:         Inconclusive
            - CMC Antivirus as Trojan.Win32.Generic!O (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\downloads\adwcleaner_3.211.exe
Publisher:       
MD5:             9ec73884d7d7bfec9eed7eaf3122a0be
SHA-1:             5021acf55bd6df31511cd225bea7c97920953c9a
Created:         5.6.2014 14:56:18
Detections:         1
Determination:         Inconclusive
            - CMC Antivirus as Trojan.Win32.Generic!O (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\desktop\spyhunter4\spyhunter4.exe
Publisher:         Enigma Software Group USA, LLC.
Signer:         Enigma Software Group USA, LLC
MD5:             5cc17e58897698d2e29c1fc2cf9013d6
SHA-1:             339be3313b55482beee68864050c2f0a37173aec
Created:         5.6.2014 15:50:27
Detections:         2
Determination:         Inconclusive
            - Baidu Antivirus as Trojan.Win32.FakeAV (Undefined malware)
            - Bkav FE as HW32.Pedka (Undefined malware)

---------------------------------------------------------------------------------

File path:         C:\Users\aydın\Desktop\DİĞER\sa-mp-0.3z-R1-install.exe
Publisher:       
MD5:             ad5f4d2bd4de3d3d657612b527f9bd79
SHA-1:             4cb7052e330d58c510628f06db06cec21ebe96d0
Created:         23.5.2014 21:35:57
Detections:         1
Determination:         Inconclusive
            - Antiy Labs AVL as Worm[Email]/Win32.NetSky (Undefined malware)

---------------------------------------------------------------------------------

File path:         C:\Users\aydın\Desktop\DİĞER\TachkaMenyalka.exe
Publisher:       
MD5:             e0652ea9420b230f3fb7517d650b28b6
SHA-1:             b854070a6889e3c937e9c0a06b8a781cf022c8ad
Created:         11.4.2014 01:44:47
Detections:         14
Determination:         UndefinedMalware
            - MicroWorld eScan as Trojan.Generic.11044431 (Undefined malware)
            - nProtect as Trojan.Generic.11044431 (Undefined malware)
            - McAfee as Artemis!E0652EA9420B (Undefined malware)
            - Norman as Suspicious_Gen5.AJZFW (Ignore)
            - avast! as Win32:Malware-gen (Undefined malware)
            - Bitdefender as Trojan.Generic.11044431 (Undefined malware)
            - Lavasoft Ad-Aware as Trojan.Generic.11044431 (Undefined malware)
            - F-Secure as Trojan.Generic.11044431 (Undefined malware)
            - Avira AntiVir as TR/Agent.432128.30 (Undefined malware)
            - McAfee Web Gateway as Artemis!E0652EA9420B (Undefined malware)
            - Emsisoft Anti-Malware as Trojan.Generic.11044431 (Undefined malware)
            - G Data as Trojan.Generic.11044431 (Undefined malware)
            - Commtouch SDK as W32/GenBl.E0652EA9!Olympus (Undefined malware)
            - IKARUS anti.virus as Trojan.Agent (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\desktop\oyunlar\deliricez\fmodex.dll
Publisher:         Firelight Technologies
MD5:             eba950db3e985fde316e97a8e5231773
SHA-1:             4d98d3570f32c80a57a2dbbe528e485d0a3b05a3
Created:         11.4.2014 02:02:19
Detections:         1
Determination:         Inconclusive
            - ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\desktop\oyunlar\deliricez\fmod_event.dll
Publisher:         Firelight Technologies
MD5:             e43bef093dda0d29810ad8a53df157a2
SHA-1:             6255e27fd01afc9b68ab08fcbd9a618271acca10
Created:         11.4.2014 02:02:19
Detections:         1
Determination:         Inconclusive
            - ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\desktop\oyunlar\deliricez\fmod_event_net.dll
Publisher:         Firelight Technologies
MD5:             a2817b26095a3204d90cd9b532f44fe3
SHA-1:             fb2667207f3959567f0c7d5f429c2d72d8286a41
Created:         11.4.2014 02:02:19
Detections:         1
Determination:         Inconclusive
            - ByteHero BDV as Trojan.Malware.Win32.xPack.i (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\windows\secoh-qad.exe
Publisher:       
MD5:             38de5b216c33833af710e88f7f64fc98
SHA-1:             66c72019eafa41bbf3e708cc3824c7c4447bdab6
Created:         11.4.2014 10:21:20
Detections:         1
Determination:         Inconclusive
            - VIPRE Antivirus as RiskTool.Win32.ProcessPatcher.Sml!cobra (Adware)

---------------------------------------------------------------------------------

File path:         c:\windows\system32\amdocl_ld64.exe
Publisher:       
MD5:             dd3e0fe46f9ab3f9a339f4dd3b2b2e4c
SHA-1:             0e588225a6910502de93d5b9695a85f5251ad0e4
Created:         13.12.2013 09:23:24
Detections:         1
Determination:         Inconclusive
            - Bkav FE as HW32.TsCabk (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\windows\syswow64\pnkbstrb.exe
Publisher:       
Signer:         Even Balance, Inc.
MD5:             cab7847b047f435607859dee19e1a119
SHA-1:             5212b18defa121ff44fcff758db56c92b9672caa
Created:         17.4.2014 21:28:35
Detections:         1
Determination:         Inconclusive
            - Trend Micro House Call as TROJ_GEN.F47V0609 (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\appdata\local\facebook\update\1.2.205.0\facebookcrashhandler.exe
Publisher:         Facebook Inc.
Signer:         Facebook, Inc.
MD5:             2a3fb4c98f139038e23330d2439db8a4
SHA-1:             d33c799d1d26e00cc2d843ac4a94be78fdfcf9da
Created:         3.5.2014 02:10:11
Detections:         2
Determination:         Inconclusive
            - Boost by Reason as UnneededApp.Startup.Facebook.O
            - Rising Antivirus as PE:Trojan.GenericKDV!6.B5C (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\appdata\local\facebook\update\1.2.205.0\facebookupdate.exe
Publisher:         Facebook Inc.
Signer:         Facebook, Inc.
MD5:             2a3fb4c98f139038e23330d2439db8a4
SHA-1:             d33c799d1d26e00cc2d843ac4a94be78fdfcf9da
Created:         3.5.2014 02:10:11
Detections:         2
Determination:         Inconclusive
            - Boost by Reason as UnneededApp.Startup.Facebook.O
            - Rising Antivirus as PE:Trojan.GenericKDV!6.B5C (Undefined malware)

---------------------------------------------------------------------------------

File path:         c:\users\aydın\appdata\local\punkbuster\twz\pb\pnkbstrb.exe
Publisher:       
Signer:         Even Balance, Inc.
MD5:             cab7847b047f435607859dee19e1a119
SHA-1:             5212b18defa121ff44fcff758db56c92b9672caa
Created:         17.4.2014 21:32:06
Detections:         1
Determination:         Inconclusive
            - Trend Micro House Call as TROJ_GEN.F47V0609 (Undefined malware)
 
Tekrar tarama yap ve tarama bittiğinde altta yazdıklarıma sağ tıkla remove, yes, yes tıkla.
c:\program files\sandboxie\sbiedll.dll
c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
c:\program files\sandboxie\sbiectrl.exe
c:\users\aydın\appdata\local\facebook\update\facebookupdate.exe
c:\users\aydın\appdata\roaming\raidcall (nprcplugin.dll)
c:\users\aydın\appdata\local\temp\quarantine.exe
c:\users\aydın\downloads\adwcleaner_3.211.exe
c:\users\aydın\desktop\spyhunter4
C:\Users\aydın\Desktop\DİĞER\sa-mp-0.3z-R1-install.exe
C:\Users\aydın\Desktop\DİĞER\TachkaMenyalka.exe
c:\users\aydın\desktop\oyunlar\deliricez\fmodex.dll
c:\users\aydın\desktop\oyunlar\deliricez\fmod_event.dll
c:\users\aydın\desktop\oyunlar\deliricez\fmod_event_net.dll
c:\windows\secoh-qad.exe (Buna dikkat et kesin silinmesi lazım)
c:\windows\system32\amdocl_ld64.exe
c:\windows\syswow64\pnkbstrb.exe
c:\users\aydın\appdata\local\facebook\update\1.2.205.0\facebookcrashhandler.exe
c:\users\aydın\appdata\local\facebook\update\1.2.205.0\facebookupdate.exe
c:\users\aydın\appdata\local\punkbuster\twz\pb\pnkbstrb.exe


Bunları yaparsan %80 düzelir(yeniden başlattıktan sonra ve kısayolları tekrar kontrol ettikten sonra). Eğer düzelmez ise deneyim gerektirdiği için TW ile bağlanmam gerekli. Google klasöründe saklanan bir zararlı olma ihtimali var (tabi düzelmez ise).
 
Tekrar tarıyor ama tarama bittiğinde bana sadece bu 2 resimdeki seçenekler kalıyor. Bu dediklerin için programda bir seçenek göremedim.

Orv8V5p.png

gs7oHSQ.png
 
@Murat5038 'in yardımıyla sorunu çözdük. Sağ olsun bu saate kadar yardım etti ve sorunu çözdü ayrıca da bir sürü yeni düzenleme yaptı. Sanırım sorunu kayıt defterinde v9'u aratıp bir girdiyi değiştirerek çözdük. Ama bunun yanında bir sürü programı falan temizledik. Çok teşekkürler :)
 
Öncelikle merhabalar, üstte belirttiğiniz yönergeleri eksiksiz yaptığıma inanıyorum ki umarım öyledir, hala bu can sıkıcı problem devam etmekte yardımcı olabilirseniz çok sevineceğim.
 
Uyarı! Bu konu 10 yıl önce açıldı.
Muhtemelen daha fazla tartışma gerekli değildir ki bu durumda yeni bir konu başlatmayı öneririz. Eğer yine de cevabınızın gerekli olduğunu düşünüyorsanız buna rağmen cevap verebilirsiniz.

Yeni konular

Geri
Yukarı