What should I do with my ComboFix log?

  • Friends, I'm facing a problem; some friends of mine told me to download ComboFix and run a scan, and so on. I did.

    At the end a log file opened. What should I do with it? Could you please help?

    ComboFix 10-02-01.03 - Etq 02.02.2010  13:48:43.1.2 - x86 
    Microsoft Windows XP Professional 5.1.2600.2.1254.90.1055.18.503.329 [GMT 2:00]
    Running from: c:\documents and settings\Etq\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\scrrntr.dll
    c:\windows\TEMP\uqa1.tmp

    .
    ((((((((((((((((((((((((( Files Created from 2010-01-02 to 2010-02-02 )))))))))))))))))))))))))))))))
    .

    2010-02-02 11:15 . 2010-02-02 11:15 -------- d-----w- C:\GamersFirst

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-02-02 08:58 . 2010-02-02 08:29 -------- d-----w- c:\program files\Valve
    2010-02-02 08:57 . 2010-02-02 08:56 -------- d-----w- c:\program files\sXe Injected
    2010-02-02 08:54 . 2010-02-02 08:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
    2010-02-02 08:45 . 2010-02-02 08:34 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2010-02-02 08:35 . 2010-02-02 08:35 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
    2010-02-02 08:35 . 2010-02-02 08:35 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
    2010-02-02 08:35 . 2010-02-02 08:35 -------- d-----w- c:\program files\McAfee Security Scan
    2010-02-02 08:35 . 2010-02-02 08:34 1203678 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\SecurityScan_Release.exe
    2010-02-02 08:33 . 2010-02-02 08:33 -------- d-----w- c:\program files\Google
    2010-02-02 08:29 . 2010-02-02 08:29 -------- d-----w- c:\program files\Documents and Settings
    2010-02-02 08:24 . 2010-02-02 08:24 -------- d-----w- c:\program files\Conduit
    2010-02-02 08:24 . 2010-02-02 08:24 -------- d-----w- c:\program files\Messenger_Plus_Live
    2010-02-02 08:24 . 2010-02-02 08:24 -------- d-----w- c:\program files\Messenger Plus! Live
    2010-02-02 08:21 . 2010-02-02 08:11 12912 ----a-w- c:\documents and settings\Etq\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-02-02 08:21 . 2010-02-02 08:21 -------- d-----w- c:\program files\Microsoft
    2010-02-02 08:21 . 2010-02-02 08:21 -------- d-----w- c:\program files\Windows Live
    2010-02-02 08:21 . 2010-02-02 08:21 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-02-02 08:18 . 2010-02-02 08:18 -------- d-----w- c:\program files\Common Files\Windows Live
    2010-02-02 08:13 . 2010-02-02 08:13 -------- d-----w- c:\program files\Realtek AC97
    2010-02-02 08:13 . 2010-02-02 08:06 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-02-02 08:13 . 2010-02-02 08:05 -------- d-----w- c:\program files\Common Files\InstallShield
    2010-02-02 08:11 . 2010-02-02 08:11 -------- d-----w- c:\documents and settings\Etq\Application Data\ATI
    2010-02-02 08:11 . 2010-02-02 08:11 126 ----a-w- c:\documents and settings\Etq\Local Settings\Application Data\fusioncache.dat
    2010-02-02 08:10 . 2010-02-02 08:10 -------- d-----w- c:\program files\Common Files\ATI Technologies
    2010-02-02 08:08 . 2010-02-02 08:06 -------- d-----w- c:\program files\ATI Technologies
    2010-02-02 08:08 . 2001-11-22 12:00 61302 ----a-w- c:\windows\system32\perfc01F.dat
    2010-02-02 08:08 . 2001-11-22 12:00 368944 ----a-w- c:\windows\system32\perfh01F.dat
    2010-02-02 07:59 . 2010-02-02 07:59 -------- d-----w- c:\program files\microsoft frontpage
    2010-02-02 07:58 . 2010-02-02 07:58 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2010-02-02 07:55 . 2010-02-02 07:55 21736 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-01-18 06:30 . 2010-01-18 06:30 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2010-01-18 06:30 . 2010-01-18 06:30 499712 ----a-w- c:\windows\system32\msvcp71.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{9b339f6e-ddcd-401b-8764-230adbd01761}"= "c:\program files\Messenger_Plus_Live\tbMess.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{9b339f6e-ddcd-401b-8764-230adbd01761}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9b339f6e-ddcd-401b-8764-230adbd01761}]
    2009-12-31 09:53 2349080 ----a-w- c:\program files\Messenger_Plus_Live\tbMess.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{9b339f6e-ddcd-401b-8764-230adbd01761}"= "c:\program files\Messenger_Plus_Live\tbMess.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{9b339f6e-ddcd-401b-8764-230adbd01761}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{9B339F6E-DDCD-401B-8764-230ADBD01761}"= "c:\program files\Messenger_Plus_Live\tbMess.dll" [2009-12-31 2349080]

    [HKEY_CLASSES_ROOT\clsid\{9b339f6e-ddcd-401b-8764-230adbd01761}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 4061658]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-02 39408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
    "SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

    c:\documents and settings\All Users\Start Menu\Programlar\BaŸlang‡\
    McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Valve\\hl.exe"=

    S3 ddsxeiservice;ddsxeiservice2;c:\program files\sXe Injected\ddsxei.sys [02.02.2010 01:48 93056]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.01.2010 14:49 404954]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://search.localstrike.com.ar/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    mStart Page = hxxp://search.localstrike.com.ar/
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    TCP: {5A185248-0A96-4CAE-A3A8-DC474F61FBE2} = 208.67.222.222,208.67.220.220
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
    Rootkit scan 2010-02-02 13:54
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(528)
    c:\windows\system32\Ati2evxx.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2010-02-02 13:55:06 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-02-02 11:55

    Pre-Run: 74.232.819.712 bayt boş
    Post-Run: 74.329.858.048 bayt boş

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

    - - End Of File - - D3F0A81FE43D386B86F2672CFDFDD965



    And this is my log.







  • It was dejaay or jackal, I think; a member here used to interpret log files and tell you what you needed to do.
  • @serji had a thread; he was looking at them. Search for it.
  • Thanks, I posted there; hopefully it will help..
  • Here is my ComboFix log; thanks if you could take a look:
    ComboFix 11-08-31.05 - KULLANICI ADI 01.09.2011 12:30:33.2.2 - x86 MINIMAL
    Microsoft Windows 7 Starter 6.1.7600.0.1254.90.1055.18.1789.1296 [GMT 3:00]
    Running from: c:\users\KULLANICI ADI\Desktop\ComboFix.exe
    AV: COMODO Antivirus *Enabled/Updated* {7554F4C5-5EC0-2FC6-8192-8DF831DBED51}
    FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
    SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    c:\windows\system32\x86
    c:\windows\system32\x86\chklogo6.exe
    c:\windows\system32\x86\chklogo6.wtl
    c:\windows\system32\x86\chklogo6_faileddrivers.txt
    c:\windows\system32\x86\wttlog.dll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-08-01 to 2011-09-01 )))))))))))))))))))))))))))))))
    .
    .
    2011-09-01 09:33 . 2011-09-01 09:33 -------- d-----w- c:\users\KULLANICI ADI\AppData\Local\temp
    2011-09-01 09:21 . 2011-09-01 09:21 -------- d-----r- c:\users\Public
    2011-09-01 09:15 . 2011-09-01 09:15 -------- d-----w- c:\users\KULLANICI ADI\AppData\Local\COMODO
    2011-09-01 09:05 . 2011-09-01 09:05 -------- d-----w- C:\VritualRoot
    2011-08-31 20:16 . 2011-08-31 20:16 -------- dc-h--w- c:\programdata\{BABF6F4E-3651-4AC1-876A-46BE5B95D594}
    2011-08-31 17:23 . 2011-08-31 18:32 -------- d-----w- c:\programdata\PopCap Games
    2011-08-31 17:23 . 2011-08-31 18:32 -------- d-----w- c:\program files\PopCap Games
    2011-08-31 12:12 . 2011-08-31 16:01 -------- d-----w- c:\programdata\Comodo
    2011-08-31 12:12 . 2011-08-31 12:19 -------- d-----w- c:\program files\COMODO
    2011-08-31 12:10 . 2011-08-31 12:12 -------- d-----w- c:\programdata\Comodo Downloader
    2011-08-26 11:21 . 2009-08-28 02:33 228784 ----a-w- c:\windows\system32\drivers\SynTP.sys
    2011-08-26 11:21 . 2009-08-28 02:32 120104 ----a-w- c:\windows\system32\SynTPCo4.dll
    2011-08-26 11:21 . 2009-08-28 02:32 161064 ----a-w- c:\windows\system32\SynTPAPI.dll
    2011-08-26 11:21 . 2009-08-28 02:32 206120 ----a-w- c:\windows\system32\SynCtrl.dll
    2011-08-26 11:21 . 2009-08-07 01:49 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
    2011-08-26 11:21 . 2009-08-28 02:32 169256 ----a-w- c:\windows\system32\SynCOM.dll
    2011-08-26 11:19 . 2011-08-26 11:19 125 ----a-w- c:\windows\xUninstall.bat
    2011-08-26 11:18 . 2009-09-23 02:25 120432 ----a-w- c:\windows\system32\drivers\jmcr.sys
    2011-08-26 11:18 . 2011-08-26 20:41 -------- d-----w- c:\windows\JMCR_DIR
    2011-08-26 11:17 . 2005-04-03 20:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
    2011-08-26 11:17 . 2005-04-03 20:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
    2011-08-26 11:17 . 2005-04-03 20:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
    2011-08-26 11:17 . 2005-04-03 20:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
    2011-08-26 11:17 . 2005-04-03 19:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
    2011-08-26 11:17 . 2011-08-26 11:17 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
    2011-08-26 11:17 . 2011-08-26 11:17 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
    2011-08-25 12:20 . 2011-08-26 11:06 -------- dc----w- c:\programdata\{A269F35F-278A-4343-BE66-64698EED33E3}
    2011-08-18 13:30 . 2011-08-26 11:07 -------- d-----w- c:\program files\Microsoft Security Essentials
    2011-08-09 14:30 . 2011-08-26 20:41 -------- d--h--w- c:\programdata\{39448D14-6F91-434E-9F7F-270990A869D3}
    2011-08-07 11:00 . 2011-08-07 11:00 -------- d-----w- c:\users\KULLANICI ADI\AppData\Roaming\GlarySoft
    2011-08-06 21:07 . 2011-08-06 21:07 -------- d-----w- c:\program files\Glarysoft
    2011-08-04 12:26 . 2011-08-31 20:14 -------- d-----w- c:\users\KULLANICI ADI\AppData\Local\Adobe
    2011-08-02 15:22 . 2011-08-02 15:22 -------- d-----w- c:\program files\ElcomSoft
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-08-03 11:55 . 2011-08-01 09:10 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-08-01 20:03 . 2011-08-01 20:03 1700352 ----a-w- c:\windows\system32\gdiplus.dll
    2011-08-01 20:03 . 2011-08-01 20:03 1060864 ----a-w- c:\windows\system32\mfc71.dll
    2011-07-30 11:30 . 2011-07-30 11:30 388096 ----a-r- c:\users\KULLANICI ADI\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-07-30 11:30 . 2011-07-30 11:30 388096 ----a-r- c:\users\KULLANICI ADI\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-07-20 06:44 . 2011-07-30 13:46 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A076BAC3-797E-4147-9B18-5EF00BCAFC53}\mpengine.dll
    2011-07-05 09:40 . 2011-07-05 09:40 365376 ----a-w- c:\windows\system32\drivers\krnl_akl.sys
    2011-06-30 06:38 . 2011-06-30 06:38 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
    2011-06-30 06:38 . 2011-06-30 06:38 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
    2011-06-30 06:38 . 2011-06-30 06:38 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
    2011-06-30 06:38 . 2011-06-30 06:38 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
    2011-06-30 06:37 . 2011-06-30 06:37 285256 ----a-w- c:\windows\system32\guard32.dll
    2009-10-01 14:43 . 2009-10-13 18:40 26739584 ----a-w- c:\program files\Adobe Acrobat Reader.exe
    2011-06-16 04:56 . 2011-08-03 18:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
    "SiSTray"="c:\program files\SiS VGA Utilities\SiSTray.exe" [2009-09-04 552960]
    "HotkeyOSD Software"="c:\program files\Hotkey\HotKey.exe" [2008-07-25 1351680]
    "AntiLogger"="c:\program files\AntiLogger\AntiLogger.exe" [2011-07-14 2885064]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]
    "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\guard32.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-keylogger]
    2011-07-05 09:40 399168 ----a-w- c:\program files\Anti-keylogger\Anti-keylogger.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BisonHK]
    2008-03-25 12:46 77824 ----a-w- c:\windows\BisonCam\BisonHK.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
    2008-01-15 14:20 103720 ----a-w- c:\program files\CyberLink\Power2Go\CLMLSvc.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeLay]
    2008-03-11 14:08 53248 ----a-w- c:\windows\BisonCam\DeLay.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 13:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
    2008-01-04 08:02 222504 ----a-w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    2007-03-14 18:01 71216 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    2009-08-28 02:32 1557800 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
    .
    R1 AntiLog32;AntiLog32;c:\program files\AntiLogger\AntiLog32.sys [2011-07-14 121560]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-06-30 238960]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-06-30 37592]
    R1 krnl_akl;Anti-keylogger Kernel Service;c:\windows\system32\drivers\krnl_akl.sys [2011-07-05 365376]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    R2 PowerBiosServer;PowerBiosServer;c:\program files\Hotkey\PowerBiosServer.exe [2008-07-10 36864]
    R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-09-23 120432]
    R3 RTL8167;Realtek 8167 NT Sürücüsü;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
    R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-08-12 376320]
    R3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2009-09-04 464384]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Aygıtı NDIS 6.0 Sürücüsü;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
    S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2011-06-30 19088]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com.tr/
    IE: Microsoft Excel'e &Ver - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\KULLANICI ADI\AppData\Roaming\Mozilla\Firefox\Profiles\fdda5gs5.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/
    .
    - - - - ORPHANS REMOVED - - - -
    .
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    MSConfigStartUp-CPA - c:\program files\COMODO\COMODO GeekBuddy\VALA.exe
    AddRemove-LSI Soft Modem - c:\windows\agrsmdel
    AddRemove-{26604C7E-A313-4D12-867F-7C6E7820BE4C} - c:\program files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vsdatant]
    "ImagePath"=""
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-09-01 12:34:30
    ComboFix-quarantined-files.txt 2011-09-01 09:34
    .
    Pre-Run: 89.507.270.656 bayt boş
    Post-Run: 89.453.539.328 bayt boş
    .
    - - End Of File - - 13791B5CF5202472C108E44AEF10B364



