ComboFix virus result (is there a virus on the PC)

RedDevil

Thanks for the information you gave.
Does Emsisoft Emergency Kit 3.0.0.1 have any restrictions? For example, Malwarebytes Anti-Malware had a 15-day restriction.

- - - Message Updated - - -

Also, what do you think of IObit Malware Fighter?

No restrictions. It's the free version. If you check your private messages, Mbam will be full :)

No need for IObit; these are enough.
 

furko64

Thanks. I got burned a bit on this, so I want to be careful.
 

RedDevil

You're welcome. Update whatever antivirus or internet security suite you use. If it misses viruses etc., replace it. Definitely scan the files, programs, and rar or zip archives you download from the Internet. Failing that, say you can't trust it. Then there is the VirusTotal site, which scans with about 45-46 antivirus engines.

Finally, change your passwords. Unless you installed it yourself earlier just to try it out, definitely change the passwords of all the sites and email addresses you logged in to.
 

T800

I'm scanning with ComboFix for the first time, and at the end this text came up. What does it mean? And is there a virus on the PC right now? :confused1:

Code:
ComboFix 13-06-08.02 - Machine 11.06.2013   9:40.3.2 - x64 MINIMAL
Microsoft Windows 7 Ultimate   6.1.7601.1.1254.90.1055.18.3071.2486 [GMT 3:00]
Running from: c:\users\Machine\Downloads\combofix-15.01-tamindir.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-11 to 2013-06-11  )))))))))))))))))))))))))))))))
.
.
2013-06-11 06:43 . 2013-06-11 06:43    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-06-10 12:22 . 2013-05-25 15:00    168288    ----a-w-    c:\windows\system32\drivers\idmwfp.sys
2013-06-10 10:24 . 2013-06-10 10:24    --------    d-----w-    c:\program files (x86)\Wise
2013-06-05 10:00 . 2013-06-05 10:00    --------    d-----w-    c:\program files (x86)\Realtek
2013-06-02 09:37 . 2013-06-03 10:17    --------    d-----w-    c:\program files\Microsoft Silverlight
2013-06-02 09:37 . 2013-06-03 10:17    --------    d-----w-    c:\program files (x86)\Microsoft Silverlight
2013-06-02 06:17 . 2013-06-02 06:17    --------    d-----w-    c:\windows\tr
2013-06-02 06:15 . 2013-06-02 06:15    --------    d-----w-    c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-06-02 06:14 . 2013-06-02 06:14    --------    d-----w-    c:\windows\PCHEALTH
2013-06-02 06:14 . 2013-06-02 06:15    --------    d-----w-    c:\program files (x86)\Windows Live
2013-06-02 06:09 . 2013-06-02 06:09    --------    d-----w-    c:\program files (x86)\Common Files\Windows Live
2013-05-31 10:25 . 2013-05-31 10:25    --------    d-----w-    c:\program files (x86)\Common Files\Adobe
2013-05-29 20:22 . 2013-05-29 20:22    --------    d-----w-    c:\program files (x86)\Microsoft SkyDrive
2013-05-29 20:21 . 2013-05-29 20:21    --------    d-----w-    c:\programdata\Microsoft SkyDrive
2013-05-29 09:26 . 2013-05-29 09:26    --------    d-----w-    c:\program files (x86)\Windows Phone
2013-05-29 09:25 . 2013-05-29 09:25    --------    d-----w-    c:\programdata\Applications
2013-05-27 09:43 . 2013-05-27 09:43    --------    d-----w-    c:\programdata\ASUS
2013-05-27 09:43 . 2013-05-27 09:43    --------    d-----w-    c:\program files (x86)\ASUS
2013-05-26 08:06 . 2012-06-09 17:21    206336    ----a-w-    c:\windows\system32\unrar64.dll
2013-05-26 08:06 . 2011-12-07 17:37    148992    ----a-w-    c:\windows\system32\lagarith.dll
2013-05-26 08:06 . 2013-04-29 18:00    127488    ----a-w-    c:\windows\system32\ff_vfw.dll
2013-05-26 08:06 . 2013-05-26 08:06    --------    d-----w-    c:\program files\K-Lite Codec Pack x64
2013-05-25 14:58 . 2013-06-06 09:46    --------    d-----w-    c:\program files (x86)\AIMP3
2013-05-25 08:06 . 2013-05-25 08:05    971680    ----a-w-    c:\windows\system32\deployJava1.dll
2013-05-25 08:06 . 2013-05-25 08:05    311200    ----a-w-    c:\windows\system32\javaws.exe
2013-05-25 08:06 . 2013-05-25 08:05    1092512    ----a-w-    c:\windows\system32\npDeployJava1.dll
2013-05-25 08:06 . 2013-05-25 08:05    188832    ----a-w-    c:\windows\system32\javaw.exe
2013-05-25 08:06 . 2013-05-25 08:05    188320    ----a-w-    c:\windows\system32\java.exe
2013-05-25 08:06 . 2013-05-25 08:05    108448    ----a-w-    c:\windows\system32\WindowsAccessBridge-64.dll
2013-05-25 08:05 . 2013-05-25 08:05    --------    d-----w-    c:\program files\Java
2013-05-25 08:04 . 2013-05-25 08:05    --------    d-----w-    c:\programdata\Ashampoo
2013-05-25 08:04 . 2013-05-25 08:04    --------    d-----w-    c:\program files (x86)\Ashampoo
2013-05-24 21:29 . 2013-05-24 21:29    --------    d-----w-    c:\program files\Wireless Console 2
2013-05-24 21:25 . 2013-05-24 21:26    --------    d-----w-    c:\programdata\AVG2013
2013-05-24 21:25 . 2013-05-24 21:25    --------    d-----w-    C:\$AVG
2013-05-24 21:24 . 2013-05-24 21:24    --------    d-----w-    c:\program files\AVG
2013-05-24 21:23 . 2013-06-11 06:03    --------    d-----w-    c:\programdata\MFAData
2013-05-24 21:23 . 2013-05-24 21:23    --------    d--h--w-    c:\programdata\Common Files
2013-05-24 21:21 . 2013-05-24 21:21    --------    d-----w-    c:\program files (x86)\FinalWire
2013-05-24 21:19 . 2013-05-24 21:19    --------    d-----w-    c:\programdata\VS Revo Group
2013-05-24 21:19 . 2009-12-30 08:21    31800    ----a-w-    c:\windows\system32\drivers\revoflt.sys
2013-05-24 21:19 . 2013-05-24 21:19    --------    d-----w-    c:\program files\VS Revo Group
2013-05-24 21:17 . 2013-05-24 21:17    --------    d-----w-    c:\program files (x86)\TeamViewer
2013-05-24 21:14 . 2013-05-24 21:14    --------    d-----w-    c:\program files (x86)\Common Files\Skype
2013-05-24 21:14 . 2013-05-24 21:14    --------    d-----r-    c:\program files (x86)\Skype
2013-05-24 21:14 . 2013-05-24 21:14    --------    d-----w-    c:\programdata\Skype
2013-05-24 21:12 . 2013-06-09 08:52    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-24 21:12 . 2013-06-09 08:52    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-24 21:12 . 2013-05-24 21:12    --------    d-----w-    c:\windows\SysWow64\Macromed
2013-05-24 21:12 . 2013-05-24 21:12    --------    d-----w-    c:\windows\system32\Macromed
2013-05-24 21:03 . 2013-06-11 06:10    45056    ----a-w-    c:\windows\system32\acovcnt.exe
2013-05-24 20:33 . 2013-05-24 20:33    --------    d-----w-    c:\program files\Motorola
2013-05-24 19:03 . 2013-05-24 19:03    --------    d-----w-    c:\programdata\IDM
2013-05-24 19:03 . 2013-06-11 05:02    --------    d-----w-    c:\program files (x86)\Internet Download Manager
2013-05-24 19:01 . 2013-05-24 19:01    --------    d-----w-    c:\program files (x86)\Mozilla Maintenance Service
2013-05-24 19:00 . 2013-05-24 19:00    --------    d-----w-    c:\program files\VideoLAN
2013-05-24 19:00 . 2013-05-24 19:00    --------    d-----w-    c:\program files (x86)\Mp3tag
2013-05-24 18:59 . 2013-05-24 18:59    --------    d-----w-    c:\program files\WinRAR
2013-05-24 18:55 . 2013-05-24 22:10    --------    d-----w-    c:\program files\ASUS
2013-05-24 18:55 . 2006-10-09 16:07    183296    ----a-w-    c:\windows\SysWow64\ACEngSvr.exe
2013-05-24 18:54 . 2013-05-24 18:54    --------    d-----w-    c:\program files (x86)\ATK Hotkey
2013-05-24 18:43 . 2013-05-13 22:48    9460464    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{AB6A9D7E-0762-4624-9E3C-E6D9BC5CD149}\mpengine.dll
2013-05-24 18:36 . 2013-04-12 14:45    1656680    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2013-05-24 18:36 . 2013-03-19 06:04    5550424    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-05-24 18:36 . 2013-03-19 05:04    3968856    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2013-05-24 18:36 . 2013-03-19 05:04    3913560    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2013-05-24 18:36 . 2013-03-19 05:46    43520    ----a-w-    c:\windows\system32\csrsrv.dll
2013-05-24 18:36 . 2013-03-19 04:47    6656    ----a-w-    c:\windows\SysWow64\apisetschema.dll
2013-05-24 18:36 . 2013-03-19 03:06    112640    ----a-w-    c:\windows\system32\smss.exe
2013-05-24 18:34 . 2013-04-10 06:01    265064    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2013-05-24 18:34 . 2013-04-10 06:01    983400    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2013-05-24 18:34 . 2011-02-03 11:25    144384    ----a-w-    c:\windows\system32\cdd.dll
2013-05-24 18:34 . 2013-03-19 05:53    48640    ----a-w-    c:\windows\system32\wwanprotdim.dll
2013-05-24 18:34 . 2013-03-19 05:53    230400    ----a-w-    c:\windows\system32\wwansvc.dll
2013-05-24 18:34 . 2013-02-12 04:12    19968    ----a-w-    c:\windows\system32\drivers\usb8023.sys
2013-05-24 18:34 . 2013-01-24 06:01    223752    ----a-w-    c:\windows\system32\drivers\fvevol.sys
2013-05-24 18:21 . 2013-05-24 18:21    0    ----a-w-    c:\windows\ativpsrm.bin
2013-05-24 18:13 . 2013-05-24 18:13    --------    d-----w-    c:\program files\Realtek
2013-05-24 18:12 . 2013-06-05 10:04    --------    d--h--w-    c:\program files (x86)\InstallShield Installation Information
2013-05-24 18:12 . 2013-06-05 10:05    --------    d--h--w-    c:\program files (x86)\Temp
2013-05-24 18:12 . 2013-01-16 13:02    2079816    ----a-w-    c:\windows\RtlExUpd.dll
2013-05-24 18:12 . 2013-05-24 18:12    --------    d-----w-    c:\program files (x86)\Common Files\InstallShield
2013-05-24 18:11 . 2013-05-24 18:11    --------    d-----w-    c:\program files (x86)\ATI Technologies
2013-05-24 18:11 . 2013-05-24 18:11    --------    d-----w-    c:\program files\ATI
2013-05-24 18:11 . 2013-05-24 18:11    --------    d-----w-    c:\program files\ATI Technologies
2013-05-24 18:07 . 2013-05-29 20:22    --------    d-----w-    c:\users\Machine
2013-05-24 18:07 . 2013-05-24 18:07    --------    d-sh--we    c:\users\Default\Belgelerim
2013-05-24 18:07 . 2013-05-24 18:07    --------    d-sh--we    c:\programdata\Sık Kullanılanlar
2013-05-24 18:07 . 2013-05-24 18:07    --------    d-sh--we    c:\programdata\Belgeler
2013-05-24 18:07 . 2013-05-24 18:07    --------    d-----w-    C:\Recovery
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-02 06:15 . 2012-07-17 11:37    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-03 13:15 . 2013-01-20 22:37    75016696    ----a-w-    c:\windows\system32\MRT.exe
2013-05-01 23:06 . 2010-11-21 03:27    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-24 18:40    135168    ----a-w-    c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-24 18:40    350208    ----a-w-    c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-24 18:40    308736    ----a-w-    c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-24 18:40    111104    ----a-w-    c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-24 18:40    474624    ----a-w-    c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-24 18:40    2176512    ----a-w-    c:\windows\apppatch\AcGenral.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-06-04 16:05    222832    ----a-w-    c:\users\Machine\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-06-04 16:05    222832    ----a-w-    c:\users\Machine\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-06-04 16:05    222832    ----a-w-    c:\users\Machine\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
R2 ASLDRService64;ASLDR Service64;c:\program files (x86)\ATK Hotkey\ASLDRSrv64.exe;c:\program files (x86)\ATK Hotkey\ASLDRSrv64.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe;c:\program files (x86)\Wise\Wise Care 365\BootTime.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 netw5v64;Windows Vista 64 Bit için Intel(R) Wireless WiFi Link 5000 Serisi Bağdaştırıcı Sürücüsü;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\Drivers\StkCMini.sys;c:\windows\SYSNATIVE\Drivers\StkCMini.sys [x]
R3 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe;c:\windows\SYSNATIVE\StkCSrv.exe [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-24 21:12]
.
2013-06-10 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2013-06-10 07:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-06-04 16:05    261744    ----a-w-    c:\users\Machine\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-06-04 16:05    261744    ----a-w-    c:\users\Machine\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-06-04 16:05    261744    ----a-w-    c:\users\Machine\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07    23496    ----a-w-    c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-29 13513288]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com.tr/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Bütün linkleri IDM ile indir - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: IDM ile indir - c:\program files (x86)\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Machine\AppData\Roaming\Mozilla\Firefox\Profiles\l0y0d5d8.default\
FF - prefs.js: browser.startup.homepage - www.google.com.tr
FF - ExtSQL: 2013-05-24 22:03; mozilla_cc@internetdownloadmanager.com; c:\users\Machine\AppData\Roaming\IDM\idmmzcc5
FF - ExtSQL: 2013-05-25 00:08; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Machine\AppData\Roaming\Mozilla\Firefox\Profiles\l0y0d5d8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-05-25 00:08; {F53C93F1-07D5-430c-86D4-C9531B27DFAF}; c:\users\Machine\AppData\Roaming\Mozilla\Firefox\Profiles\l0y0d5d8.default\extensions\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}
FF - ExtSQL: 2013-05-26 11:14; client@anonymox.net; c:\users\Machine\AppData\Roaming\Mozilla\Firefox\Profiles\l0y0d5d8.default\extensions\client@anonymox.net.xpi
FF - ExtSQL: 2013-06-04 22:59; dephormation@dephormation.org.uk; c:\users\Machine\AppData\Roaming\Mozilla\Firefox\Profiles\l0y0d5d8.default\extensions\dephormation@dephormation.org.uk.xpi
FF - ExtSQL: 2013-06-10 18:43; translator@zoli.bod; c:\users\Machine\AppData\Roaming\Mozilla\Firefox\Profiles\l0y0d5d8.default\extensions\translator@zoli.bod.xpi
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone)
.
Completion time: 2013-06-11  09:45:08
ComboFix-quarantined-files.txt  2013-06-11 06:45
.
Pre-Run: 23.058.796.544 bayt boş
Post-Run: 22.992.089.088 bayt boş
.
- - End Of File - - 60C05C9FEB3A4D2A0CE6383C0942BA8F
A36C5E4F47E84449FF07ED3517B43A31
 