oktaybabababa@hotmail.com

Merhaba arkadaşlar, combofix ile tarama yaptım raporum bu şekilde

ComboFix 15-06-30.01 - OKTAY 04.07.2015 16:47:44.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1254.90.1033.18.2047.797 [GMT 3:00]
Running from: c:\users\OKTAY\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2015-06-04 to 2015-07-04 )))))))))))))))))))))))))))))))
.
.
2015-07-04 13:55 . 2015-07-04 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-04 13:47 . 2015-07-04 13:47 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EA710474-F7B2-43AA-9BBD-0C18AF8BA41F}\offreg.2768.dll
2015-07-04 13:18 . 2015-07-04 13:21 -------- d-s---w- c:\windows\system32\GWX
2015-07-04 01:03 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-07-03 23:52 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2015-07-03 23:52 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\system32\esent.dll
2015-07-03 23:52 . 2011-03-11 05:31 74240 ----a-w- c:\windows\system32\fsutil.exe
2015-07-03 23:52 . 2011-03-11 05:39 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2015-07-03 23:52 . 2011-03-11 05:39 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2015-07-03 23:52 . 2011-03-11 05:38 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2015-07-03 23:52 . 2011-03-11 05:38 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2015-07-03 23:52 . 2011-03-11 05:38 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2015-07-03 23:52 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-03 23:52 . 2015-05-23 03:00 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-07-03 23:51 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2015-07-03 23:51 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2015-07-03 23:51 . 2015-07-03 23:51 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EA710474-F7B2-43AA-9BBD-0C18AF8BA41F}\offreg.3424.dll
2015-07-03 23:51 . 2014-07-09 01:29 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
2015-07-03 23:51 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll
2015-07-03 23:16 . 2015-07-03 23:16 -------- d-s---w- c:\windows\system32\CompatTel
2015-07-03 23:16 . 2015-07-03 23:16 -------- d-----w- c:\windows\system32\appraiser
2015-07-03 23:16 . 2015-07-03 23:16 -------- d-----w- c:\windows\Migration
2015-07-03 17:04 . 2015-07-03 17:04 231424 ----a-w- c:\windows\system32\mswsock.dll
2015-07-03 17:04 . 2015-07-03 17:04 49152 ----a-w- c:\windows\system32\taskhost.exe
2015-07-03 16:49 . 2015-07-03 16:49 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EA710474-F7B2-43AA-9BBD-0C18AF8BA41F}\offreg.3988.dll
2015-07-03 16:14 . 2015-06-23 22:23 9252600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EA710474-F7B2-43AA-9BBD-0C18AF8BA41F}\mpengine.dll
2015-07-03 14:45 . 2012-11-20 13:13 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2015-07-03 14:45 . 2012-11-20 13:13 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-07-03 14:45 . 2012-11-20 13:13 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2015-07-03 14:45 . 2012-11-20 13:13 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2015-07-03 14:45 . 2015-07-03 14:45 -------- d-----w- c:\program files\Razer
2015-07-03 14:45 . 2015-07-03 14:45 -------- d-----w- c:\programdata\Razer
2015-07-03 08:16 . 2015-07-02 21:24 -------- d-----w- c:\windows\Panther
2015-07-03 08:15 . 2015-07-03 08:15 -------- d-----w- C:\Boot
2015-07-03 01:31 . 2014-11-11 02:44 186880 ----a-w- c:\windows\system32\pku2u.dll
2015-07-03 01:17 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll
2015-07-03 01:17 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll
2015-07-03 01:17 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll
2015-07-03 01:12 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2015-07-03 01:12 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2015-07-03 01:12 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\system32\wpdshext.dll
2015-07-03 01:12 . 2013-10-04 01:58 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2015-07-03 01:12 . 2013-10-04 01:56 168960 ----a-w- c:\windows\system32\credui.dll
2015-07-03 01:12 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2015-07-03 01:12 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2015-07-03 01:12 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2015-07-03 01:12 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2015-07-03 01:12 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2015-07-03 01:12 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2015-07-03 01:11 . 2014-11-11 01:32 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-07-03 01:11 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2015-07-03 01:11 . 2014-10-30 01:45 155136 ----a-w- c:\windows\system32\charmap.exe
2015-07-03 01:04 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
2015-07-03 01:04 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2015-07-03 01:04 . 2014-07-14 01:42 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2015-07-03 01:03 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2015-07-03 01:03 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2015-07-03 01:03 . 2011-03-03 05:38 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2015-07-03 01:03 . 2011-03-03 05:36 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2015-07-03 01:03 . 2013-10-19 01:36 159232 ----a-w- c:\windows\system32\imagehlp.dll
2015-07-03 01:03 . 2014-06-16 01:44 730048 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2015-07-03 01:03 . 2014-06-16 01:44 219072 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2015-07-03 01:03 . 2014-06-16 01:40 107520 ----a-w- c:\windows\system32\cdd.dll
2015-07-03 01:01 . 2015-05-25 17:00 2384384 ----a-w- c:\windows\system32\win32k.sys
2015-07-03 01:01 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2015-07-03 01:01 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
2015-07-03 01:01 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2015-07-03 00:58 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2015-07-03 00:57 . 2014-10-04 01:42 3221504 ----a-w- c:\windows\system32\mstscax.dll
2015-07-03 00:57 . 2014-10-04 01:42 131584 ----a-w- c:\windows\system32\aaclient.dll
2015-07-03 00:57 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2015-07-03 00:57 . 2011-07-09 02:30 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-07-03 00:57 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-07-03 00:57 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2015-07-03 00:56 . 2014-09-04 05:04 372736 ----a-w- c:\windows\system32\rastls.dll
2015-07-03 00:56 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
2015-07-03 00:55 . 2014-01-28 02:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2015-07-03 00:55 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2015-07-03 00:55 . 2015-04-11 03:07 54656 ----a-w- c:\windows\system32\drivers\stream.sys
2015-07-03 00:55 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2015-07-03 00:55 . 2015-03-04 04:16 249784 ----a-w- c:\windows\system32\clfs.sys
2015-07-03 00:55 . 2015-03-04 04:10 58880 ----a-w- c:\windows\system32\clfsw32.dll
2015-07-03 00:55 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2015-07-03 00:55 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2015-07-03 00:54 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2015-07-03 00:54 . 2013-08-28 00:57 434688 ----a-w- c:\windows\system32\scavengeui.dll
2015-07-03 00:54 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2015-07-03 00:54 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2015-07-03 00:54 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2015-07-03 00:54 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2015-07-03 00:53 . 2015-01-17 02:30 828928 ----a-w- c:\windows\system32\msctf.dll
2015-07-03 00:53 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2015-07-03 00:53 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2015-07-03 00:53 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2015-07-03 00:53 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2015-07-03 00:53 . 2015-01-31 03:32 919552 ----a-w- c:\windows\system32\rdpcorets.dll
2015-07-03 00:53 . 2015-01-31 02:52 134656 ----a-w- c:\windows\system32\rdpudd.dll
2015-07-03 00:53 . 2015-01-31 02:51 15872 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2015-07-03 00:52 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2015-07-03 00:52 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2015-07-03 00:52 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2015-07-03 00:52 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2015-07-03 00:52 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2015-07-03 00:52 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2015-07-03 00:52 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2015-07-03 00:52 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2015-07-03 00:52 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2015-07-03 00:52 . 2015-03-05 04:06 305152 ----a-w- c:\windows\system32\gdi32.dll
2015-07-03 00:47 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2015-07-03 00:47 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2015-07-03 00:47 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2015-07-03 00:43 . 2015-04-18 02:56 342016 ----a-w- c:\windows\system32\certcli.dll
2015-07-03 00:43 . 2014-06-03 09:29 1805824 ----a-w- c:\windows\system32\authui.dll
2015-07-03 00:43 . 2014-06-03 09:30 101824 ----a-w- c:\windows\system32\consent.exe
2015-07-03 00:43 . 2014-06-03 09:29 337408 ----a-w- c:\windows\system32\msihnd.dll
2015-07-03 00:42 . 2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2015-07-03 00:41 . 2013-10-04 01:17 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2015-07-03 00:41 . 2013-10-04 01:49 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2015-07-03 00:40 . 2015-04-13 03:19 259072 ----a-w- c:\windows\system32\services.exe
2015-07-03 00:40 . 2014-06-06 09:44 509440 ----a-w- c:\windows\system32\qedit.dll
2015-07-03 00:40 . 2014-04-05 02:25 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2015-07-03 00:40 . 2014-04-05 02:24 187840 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2015-07-03 00:40 . 2013-11-26 11:11 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2015-07-03 00:39 . 2014-05-30 06:36 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2015-07-03 00:39 . 2014-06-18 22:23 156824 ----a-w- c:\windows\system32\mscorier.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2013-12-06 747264]
"RazerGameBooster"="c:\program files\Razer\Razer Game Booster\RazerGameBooster.exe" [2013-11-22 61152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-07-03 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-01-31 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys [x]
R3 xspirit;xspirit;c:\windows\xspirit.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-12-06 209408]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 RzKLService;RzKLService;c:\program files\Razer\Razer Game Booster\RzKLService.exe [2013-11-22 105448]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-09-24 77312]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-02 22:20 990024 ----a-w- c:\program files\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-07-02 22:19]
.
2015-07-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-07-02 22:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.joygame.com/games.aspx?g=2001
TCP: DhcpNameServer = 192.168.1.1 0.0.0.0
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1212)
c:\program files\Razer\Razer Game Booster\EasyHook32.dll
.
Completion time: 2015-07-04 16:58:41
ComboFix-quarantined-files.txt 2015-07-04 13:58
.
Pre-Run: 57.099.911.168 bytes free
Post-Run: 57.073.995.776 bytes free
.
- - End Of File - - 3D0C5D2F654C9DAD5DC705C45D9A59E5
A36C5E4F47E84449FF07ED3517B43A31

Benzer içerikler