combofix log help?

  • Friends, I formatted a PC at an internet cafe, but in case someone had put a trojan on the PC I scanned it with ComboFix, and I couldn't understand the result :D Please help, here is the log:

    ComboFix 10-08-27.03 - ömer 29.08.2010 1:32.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1254.90.1055.18.2047.1591 [GMT 3:00]
    Running from: d:\lazim\18628-ComboFix-180610.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\scrrntr.dll
    D:\x3xh.exe

    .
    ((((((((((((((((((((((((( Files Created from 2010-07-28 to 2010-08-28 )))))))))))))))))))))))))))))))
    .

    2010-08-28 16:09 . 2009-06-10 10:33 457248 ----a-w- c:\windows\system32\nvudisp.exe
    2010-08-28 16:09 . 2009-06-04 13:39 457248 ----a-w- c:\windows\system32\NVUNINST.EXE
    2010-08-26 21:17 . 2010-08-26 21:17 410984 ----a-w- c:\windows\system32\deploytk.dll
    2010-08-26 21:17 . 2010-08-26 21:17 -------- d-----w- c:\program files\Java
    2010-08-26 21:16 . 2010-08-26 21:17 -------- d-----w- c:\program files\LimeWire
    2010-08-26 14:48 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys
    2010-08-26 14:34 . 2010-08-26 14:34 -------- d-----w- c:\program files\TeamViewer
    2010-08-25 21:36 . 2010-08-25 21:37 -------- d-----w- c:\program files\Valve
    2010-08-25 21:22 . 2010-08-25 21:22 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Codemasters
    2010-08-25 21:21 . 2009-07-13 16:04 839680 ----a-w- c:\windows\system32\mkl_vml_p4.dll
    2010-08-25 21:21 . 2009-07-13 16:04 532480 ----a-w- c:\windows\system32\mkl_vml_p3.dll
    2010-08-25 21:21 . 2009-07-13 16:04 512000 ----a-w- c:\windows\system32\mkl_vml_def.dll
    2010-08-25 21:21 . 2009-07-13 16:04 3485696 ----a-w- c:\windows\system32\mkl_p4.dll
    2010-08-25 21:21 . 2009-07-13 16:04 2793472 ----a-w- c:\windows\system32\mkl_p3.dll
    2010-08-25 21:21 . 2009-07-13 16:04 2174976 ----a-w- c:\windows\system32\mkl_lapack32.dll
    2010-08-25 21:21 . 2009-07-13 16:04 2125824 ----a-w- c:\windows\system32\mkl_lapack64.dll
    2010-08-25 21:21 . 2009-10-16 08:19 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
    2010-08-25 21:21 . 2009-07-13 16:04 2441216 ----a-w- c:\windows\system32\mkl_def.dll
    2010-08-25 21:21 . 2009-07-13 16:04 184320 ----a-w- c:\windows\system32\libguide40.dll
    2010-08-25 20:55 . 2010-08-25 20:55 -------- d-----w- c:\program files\Codemasters
    2010-08-25 20:50 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2010-08-25 20:50 . 2010-08-25 20:50 -------- d-----w- C:\4dc44fcaf6df5e1a08863bc8aad4
    2010-08-25 20:48 . 2010-08-25 20:48 -------- d-----w- C:\0c22d3df87ad16071bce98f05a
    2010-08-25 20:48 . 2010-08-25 20:48 -------- d-----w- C:\a9b16186ef45887ade9a
    2010-08-25 20:31 . 2006-08-01 07:02 49152 ------r- c:\windows\system32\ChCfg.exe
    2010-08-25 20:30 . 2010-08-25 20:30 315392 ----a-w- c:\windows\HideWin.exe
    2010-08-25 20:30 . 2007-07-26 09:09 520192 ------r- c:\windows\RtlExUpd.dll
    2010-08-25 20:29 . 2007-08-01 03:39 12536 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
    2010-08-25 20:18 . 2006-06-14 10:44 12288 ----a-r- c:\windows\system32\drivers\EIO_XP.sys
    2010-08-25 20:16 . 2010-08-25 20:16 12288 ----a-w- c:\windows\system32\drivers\EIO64_xp.sys
    2010-08-25 20:08 . 2004-07-09 01:26 354816 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
    2010-08-25 20:08 . 2004-07-09 01:26 354816 ----a-w- c:\windows\system32\psisdecd.dll
    2010-08-25 20:08 . 2004-07-09 01:26 52096 -c--a-w- c:\windows\system32\dllcache\msdv.sys
    2010-08-25 20:08 . 2004-07-09 01:26 52096 ----a-w- c:\windows\system32\drivers\msdv.sys
    2010-08-25 20:08 . 2004-07-09 01:26 15104 -c--a-w- c:\windows\system32\dllcache\mpe.sys
    2010-08-25 20:08 . 2004-07-09 01:26 15104 ----a-w- c:\windows\system32\drivers\mpe.sys
    2010-08-25 20:08 . 2004-07-09 01:26 11392 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
    2010-08-25 20:08 . 2004-07-09 01:26 11392 ----a-w- c:\windows\system32\drivers\bdasup.sys
    2010-08-25 20:08 . 2002-12-11 21:14 46592 ----a-w- c:\windows\system32\dxdllreg.exe
    2010-08-25 20:08 . 2002-08-29 00:41 31744 -c--a-w- c:\windows\system32\dllcache\pid.dll
    2010-08-25 20:08 . 2006-12-28 03:44 84992 ----a-r- c:\windows\system32\drivers\AtiHdAud.sys
    2010-08-25 19:57 . 2008-04-13 11:45 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
    2010-08-25 19:57 . 2008-04-13 09:39 142592 ----a-w- c:\windows\system32\drivers\aec.sys
    2010-08-25 19:57 . 2008-04-13 11:45 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys
    2010-08-25 19:57 . 2008-04-13 11:45 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys
    2010-08-25 19:57 . 2008-04-13 11:39 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys
    2010-08-25 19:57 . 2008-04-13 11:45 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys
    2010-08-25 19:57 . 2008-04-13 11:39 4992 ----a-w- c:\windows\system32\drivers\MSPQM.sys
    2010-08-25 19:57 . 2008-04-13 12:17 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
    2010-08-25 19:57 . 2008-04-13 11:39 5376 ----a-w- c:\windows\system32\drivers\MSPCLOCK.sys
    2010-08-25 19:57 . 2008-04-13 12:15 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys
    2010-08-25 19:57 . 2008-04-13 11:45 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys
    2010-08-25 19:56 . 2001-08-17 20:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
    2010-08-25 19:56 . 2008-03-21 11:35 146048 -c--a-w- c:\windows\system32\dllcache\portcls.sys
    2010-08-25 19:56 . 2008-03-21 11:35 146048 ----a-w- c:\windows\system32\drivers\portcls.sys
    2010-08-25 19:56 . 2002-12-11 21:14 4096 ----a-w- c:\windows\system32\ksuser.dll
    2010-08-25 19:56 . 2008-04-13 08:45 60160 -c--a-w- c:\windows\system32\dllcache\drmk.sys
    2010-08-25 19:56 . 2008-04-13 08:45 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
    2010-08-25 19:56 . 2008-04-14 08:36 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
    2010-08-25 19:56 . 2010-08-25 19:56 0 ----a-w- c:\windows\ativpsrm.bin
    2010-08-25 19:55 . 2006-07-11 18:38 110592 ----a-w- c:\windows\system32\drivers\nvtcp.sys
    2010-08-25 19:55 . 2006-06-29 12:40 208896 ----a-w- c:\windows\system32\nvunrm.exe
    2010-08-25 19:55 . 2008-04-14 09:00 74240 ----a-w- c:\windows\system32\usbui.dll
    2010-08-25 19:39 . 2008-05-02 09:11 235131 ----a-w- C:\pmtimer.exe
    2010-08-25 19:39 . 2008-05-02 09:11 282725 ----a-w- C:\DSPdsblr.exe
    2010-08-25 19:39 . 2008-05-02 09:11 364721 ----a-w- C:\DPsFnshr.exe
    2010-08-25 19:39 . 2008-04-08 10:46 55808 ----a-w- C:\devcon.exe
    2010-08-25 19:39 . 2008-04-08 10:46 20992 ----a-w- C:\makePNF.exe
    2010-08-25 19:39 . 2008-04-08 10:46 137728 ----a-w- C:\mute.exe
    2010-08-25 19:39 . 2005-04-12 23:21 22240 ----a-w- c:\windows\system32\drivers\WmFilter.sys
    2010-08-25 19:38 . 2006-07-19 11:27 13568 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys
    2010-08-25 19:28 . 2008-02-26 08:01 4737024 ------r- c:\windows\system32\drivers\RtkHDAud.sys
    2010-08-25 19:28 . 2007-05-14 08:12 3526464 ----a-w- c:\windows\system32\drivers\RtHDMI.sys
    2010-08-25 19:28 . 2007-11-20 10:15 1826816 ------r- c:\windows\SkyTel.exe
    2010-08-25 19:28 . 2007-11-07 09:31 1191936 ------r- c:\windows\RtlUpd.exe
    2010-08-25 19:28 . 2007-03-23 11:19 9715200 ------r- c:\windows\RTLCPL.exe
    2010-08-25 19:28 . 2006-07-21 08:14 86016 ------r- c:\windows\SoundMan.exe
    2010-08-25 19:28 . 2008-02-19 07:34 16858112 ------r- c:\windows\RTHDCPL.exe
    2010-08-25 19:28 . 2007-06-28 08:44 2165760 ------r- c:\windows\MicCal.exe
    2010-08-25 19:28 . 2007-01-16 08:39 1191936 ----a-w- c:\windows\RtkUpd.exe
    2010-08-25 19:28 . 2006-05-04 08:26 2808832 ------r- c:\windows\alcwzrd.exe
    2010-08-25 19:28 . 2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
    2010-08-25 19:26 . 2006-07-11 18:37 261632 ----a-w- c:\windows\system32\drivers\nvsnpu.sys
    2010-08-25 19:26 . 2006-07-11 18:38 20480 ----a-w- c:\windows\system32\drivers\nvnetbus.sys
    2010-08-25 19:26 . 2006-07-11 18:38 57856 ----a-w- c:\windows\system32\drivers\NVENETFD.sys
    2010-08-25 19:26 . 2006-07-11 18:38 1160448 ----a-w- c:\windows\system32\drivers\nvnrm.sys
    2010-08-25 19:26 . 2006-07-11 18:36 201728 ----a-w- c:\windows\system32\fdco1ins.dll
    2010-08-25 19:26 . 2006-07-11 18:36 201728 ----a-w- c:\windows\system32\fdco1.dll
    2010-08-25 19:26 . 2006-06-29 12:40 35840 ----a-w- c:\windows\system32\nvconrm.dll
    2010-08-25 19:26 . 2006-07-11 18:36 11264 ----a-w- c:\windows\system32\bdco1ins.dll
    2010-08-25 19:26 . 2006-07-11 18:36 11264 ----a-w- c:\windows\system32\bdco1.dll
    2010-08-25 19:23 . 2008-02-26 05:51 2863616 -c--a-w- c:\windows\system32\dllcache\ati2mtag.sys
    2010-08-25 19:23 . 2008-02-26 05:51 2863616 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
    2010-08-25 19:23 . 2008-02-26 03:02 126976 ----a-w- c:\windows\system32\Oemdspif.dll
    2010-08-25 19:21 . 2006-06-19 03:37 36864 ----a-w- c:\windows\system32\drivers\AmdK8.sys
    2010-08-25 19:21 . 2006-02-26 15:02 5810 ----a-w- c:\windows\system32\drivers\ASACPI.sys
    2010-08-25 19:21 . 2010-08-25 19:31 -------- d-----w- C:\D
    2010-08-25 19:21 . 2010-08-25 17:19 -------- d--h--w- c:\documents and settings\Default User.WINDOWS
    2010-08-25 19:21 . 2010-08-25 17:06 -------- d-----w- c:\documents and settings\All Users.WINDOWS
    2010-08-25 19:17 . 2010-08-25 19:20 -------- d-----w- c:\windows\system32\drivers\UMDF
    2010-08-25 19:17 . 2010-08-25 19:20 -------- d-----w- c:\windows\L2Schemas
    2010-08-25 19:17 . 2010-08-25 19:19 -------- d-----w- c:\windows\system32\tr
    2010-08-25 19:02 . 2010-08-25 19:02 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY\IETldCache
    2010-08-25 18:58 . 2010-06-18 11:39 16896 -c----w- c:\windows\system32\dllcache\iecompat.dll
    2010-08-25 18:57 . 2010-06-24 14:53 11077120 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2010-08-25 18:57 . 2010-06-24 12:24 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2010-08-25 18:57 . 2010-06-24 12:23 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2010-08-25 18:57 . 2010-06-24 12:23 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2010-08-25 18:57 . 2010-06-24 12:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2010-08-25 18:57 . 2010-06-24 12:23 1986560 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2010-08-25 18:57 . 2010-06-24 12:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2010-08-25 18:45 . 2010-08-25 18:45 -------- d-----w- c:\program files\MSXML 4.0
    2010-08-25 17:46 . 2007-07-11 13:09 20480 ----a-w- c:\windows\FixCamera.exe
    2010-08-25 17:46 . 2006-07-03 07:31 94208 ----a-w- c:\windows\amcap.exe
    2010-08-25 17:46 . 2007-05-10 10:18 835584 ----a-w- c:\windows\vsnp325.exe
    2010-08-25 17:46 . 2007-04-21 06:30 270336 ----a-w- c:\windows\tsnp325.exe
    2010-08-25 17:46 . 2010-08-25 17:46 -------- d-----w- c:\program files\Common Files\snp325
    2010-08-25 17:46 . 2007-06-22 13:33 10368384 ----a-w- c:\windows\system32\drivers\snp325.sys
    2010-08-25 17:46 . 2007-05-31 06:01 57344 ----a-w- c:\windows\system32\vsnp325.dll
    2010-08-25 17:46 . 2006-04-12 09:11 147456 ----a-w- c:\windows\system32\rsnp325.dll
    2010-08-25 17:46 . 2005-11-23 10:55 53248 ----a-w- c:\windows\system32\csnp325.dll
    2010-08-25 17:45 . 2010-06-24 12:18 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
    2010-08-25 17:45 . 2010-06-23 11:28 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
    2010-08-25 17:45 . 2010-02-22 22:04 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
    2010-08-25 17:45 . 2010-06-24 12:18 78336 -c----w- c:\windows\system32\dllcache\ieencode.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-26 18:36 . 2010-08-25 17:06 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2010-08-26 15:12 . 2008-04-15 12:00 81498 ----a-w- c:\windows\system32\perfc01F.dat
    2010-08-26 15:12 . 2008-04-15 12:00 427984 ----a-w- c:\windows\system32\perfh01F.dat
    2010-08-25 21:36 . 2010-08-23 19:02 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-08-25 21:21 . 2010-08-23 20:32 -------- d-----w- c:\program files\BRS
    2010-08-25 21:19 . 2008-07-20 01:41 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2010-08-25 21:19 . 2008-07-20 01:41 109144 ----a-w- c:\windows\system32\OpenAL32.dll
    2010-08-25 17:56 . 2010-08-23 20:03 -------- d-----w- c:\program files\TeamSpeak 3 Client
    2010-08-25 17:28 . 2010-08-23 18:44 -------- d-----w- c:\program files\Windows Live
    2010-08-25 17:08 . 2010-08-25 17:15 22486 ----a-r- c:\windows\system32\config\systemprofile\Application Data\Microsoft\Installer\{A743BBCC-3438-4BB3-8397-6C9D9AC125A6}\Timershot_1.exe
    2010-08-25 17:08 . 2010-08-25 17:15 22486 ----a-r- c:\windows\system32\config\systemprofile\Application Data\Microsoft\Installer\{A743BBCC-3438-4BB3-8397-6C9D9AC125A6}\ARPPRODUCTICON.exe
    2010-08-25 17:08 . 2010-08-25 17:08 22486 ----a-r- c:\documents and settings\Default User.WINDOWS\Application Data\Microsoft\Installer\{A743BBCC-3438-4BB3-8397-6C9D9AC125A6}\Timershot_1.exe
    2010-08-25 17:08 . 2010-08-25 17:08 22486 ----a-r- c:\documents and settings\Default User.WINDOWS\Application Data\Microsoft\Installer\{A743BBCC-3438-4BB3-8397-6C9D9AC125A6}\ARPPRODUCTICON.exe
    2010-08-25 17:08 . 2010-08-25 17:15 318 ----a-r- c:\windows\system32\config\systemprofile\Application Data\Microsoft\Installer\{2FBF04DC-404C-4FA4-BA28-99903080D2B9}\ARPPRODUCTICON.exe
    2010-08-25 17:08 . 2010-08-25 17:08 318 ----a-r- c:\documents and settings\Default User.WINDOWS\Application Data\Microsoft\Installer\{2FBF04DC-404C-4FA4-BA28-99903080D2B9}\ARPPRODUCTICON.exe
    2010-08-25 17:08 . 2010-08-25 17:15 318 ----a-r- c:\windows\system32\config\systemprofile\Application Data\Microsoft\Installer\{1CB92574-96F2-467B-B793-5CEB35C40C29}\ARPPRODUCTICON.exe
    2010-08-25 17:08 . 2010-08-25 17:08 318 ----a-r- c:\documents and settings\Default User.WINDOWS\Application Data\Microsoft\Installer\{1CB92574-96F2-467B-B793-5CEB35C40C29}\ARPPRODUCTICON.exe
    2010-08-25 17:04 . 2010-08-25 17:04 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\GroupPolicy
    2010-08-25 17:04 . 2010-08-25 17:04 21736 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-08-25 17:02 . 2010-08-25 17:02 -------- d-----w- c:\program files\LiraConv
    2010-08-25 10:33 . 2010-08-23 19:08 -------- d-----w- c:\program files\ATI Technologies
    2010-08-24 14:04 . 2010-08-23 19:24 -------- d-----w- c:\program files\WarRock
    2010-08-23 22:08 . 2010-08-23 19:25 -------- d-----w- c:\program files\Metin2
    2010-08-23 20:44 . 2010-08-23 20:44 -------- d-----w- c:\program files\Microsoft
    2010-08-23 20:44 . 2010-08-23 20:44 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-08-23 20:36 . 2010-08-23 20:36 -------- d-----w- c:\program files\Common Files\Windows Live
    2010-08-23 20:31 . 2010-08-23 20:31 -------- d-----w- c:\program files\MSBuild
    2010-08-23 20:31 . 2010-08-23 20:31 -------- d-----w- c:\program files\Reference Assemblies
    2010-08-23 20:30 . 2010-08-23 20:30 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
    2010-08-23 20:30 . 2010-08-23 20:30 -------- d-----w- c:\program files\OpenAL
    2010-08-23 19:59 . 2010-08-23 19:59 -------- d-----w- c:\program files\Common Files\Adobe
    2010-08-23 19:42 . 2010-08-23 19:42 -------- d-----w- c:\program files\MSXML 6.0
    2010-08-23 19:22 . 2010-08-23 19:22 -------- d-----w- c:\program files\HP
    2010-08-23 19:22 . 2010-08-23 19:17 -------- d--h--w- c:\program files\Avago-HP
    2010-08-23 19:14 . 2010-08-23 19:14 -------- d-----w- c:\program files\AAALOGO2010
    2010-08-23 19:12 . 2010-08-23 19:12 -------- d-----w- c:\program files\Common Files\ATI Technologies
    2010-08-23 19:07 . 2010-08-23 18:58 -------- d-----w- c:\program files\Common Files\InstallShield
    2010-08-23 19:07 . 2010-08-23 19:07 -------- d-----w- c:\program files\My Company Name
    2010-08-23 19:07 . 2010-08-23 19:06 -------- d-----w- c:\program files\ASUS
    2010-08-23 19:04 . 2010-08-23 19:04 -------- d-----w- c:\program files\AMD
    2010-08-23 19:02 . 2010-08-23 19:02 -------- d-----w- c:\program files\Realtek
    2010-08-23 19:00 . 2010-08-23 19:00 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-08-23 18:54 . 2010-08-23 18:54 -------- d-----w- c:\program files\Common Files\Logitech
    2010-08-23 18:54 . 2010-08-23 18:54 -------- d-----w- c:\program files\Logitech
    2010-08-23 18:51 . 2010-08-23 18:51 -------- d-----w- c:\program files\Ahead
    2010-08-23 18:51 . 2010-08-23 18:51 -------- d-----w- c:\program files\Common Files\Ahead
    2010-08-23 18:43 . 2010-08-23 18:43 -------- d-----w- c:\program files\Nero
    2010-08-23 18:43 . 2010-08-23 18:43 -------- d-----w- c:\program files\Common Files\Nero
    2010-08-23 18:43 . 2010-08-23 18:43 -------- d-----w- c:\program files\Winamp
    2010-08-23 18:43 . 2010-08-23 18:43 -------- d-----w- c:\program files\Internet Download Manager
    2010-08-23 18:35 . 2010-08-23 18:35 -------- d-----w- c:\program files\microsoft frontpage
    2010-08-18 05:58 . 2010-08-18 05:58 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2010-08-18 05:58 . 2010-08-18 05:58 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2010-06-30 12:24 . 2008-04-15 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-24 21:29 . 2008-07-20 01:44 1861120 ----a-w- c:\windows\system32\win32k.sys
    2010-06-24 12:24 . 2008-07-20 01:44 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-21 15:27 . 2008-04-15 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-06-17 14:03 . 2008-04-15 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-14 14:31 . 2010-08-25 17:05 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
    2010-06-14 07:42 . 2008-04-15 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    "ASUS SmartDoctor"="c:\program files\ASUS\SmartDoctor\SmartDoctor.exe" [2007-12-18 1126400]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]
    "FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]
    "tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]
    "snp325"="c:\windows\vsnp325.exe" [2007-05-10 835584]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
    "ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-10-23 380928]
    "RTHDCPL"="RTHDCPL.EXE" [2008-02-19 16858112]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-08-26 136600]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
    "nwiz"="nwiz.exe" [2009-06-10 1657376]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "ShowDeskFix"="shell32" [X]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\Codemasters\\DiRT2\\dirt2_game.exe"=
    "c:\\Program Files\\Valve\\hl.exe"=
    "c:\\Program Files\\ASUS\\GamerOSD\\SBS.exe"=
    "c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=

    S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [25.08.2010 20:46 10368384]
    .
    Contents of the 'Scheduled Tasks' folder

    2010-08-28 c:\windows\Tasks\WGASetup.job
    - c:\windows\system32\KB905474\wgasetup.exe [2010-08-25 19:18]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com.tr/
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
    Rootkit scan 2010-08-29 01:38
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(688)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(3500)
    c:\windows\system32\WININET.dll
    c:\windows\system32\wpdshserviceobj.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\portabledevicetypes.dll
    c:\windows\system32\portabledeviceapi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\nvsvc32.exe
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\Ati2evxx.exe
    c:\windows\RTHDCPL.EXE
    c:\windows\system32\RUNDLL32.EXE
    c:\windows\ATKKBService.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\windows\system32\wbem\wmiapsrv.exe
    .
    **************************************************************************
    .
    Completion time: 2010-08-29 01:42:49 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-08-28 22:42

    Pre-Run: 11.528.597.504 bayt boş
    Post-Run: 12.897.562.624 bayt boş

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

    - - End Of File - - C2648925CF4FB1FE86F4F063BE8D7E87







  • There is still malware on this computer; my advice is to run a scan in safe mode with the Kaspersky Removal Tool.
  • Bro, please take the trouble to have a look at this one too. Yesterday I visited a site called oneclickmoviez.com, and I wish I hadn't; the moment I opened it, even though both PeerBlock and a trial of ESET were running, a piece of malware called Vista Internet Security absolutely wrecked my PC. I ran ComboFix. I apologize for the trouble I'm causing, but I'd also like you to know that I spent about 5 hours struggling with this yesterday, so please keep that in mind. This is the log text I have:

    ComboFix 11-08-15.06 - MUSTANG 15.08.2011 5:01.2.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1254.90.1055.18.3069.2036 [GMT 3:00]
    Running from: c:\users\MUSTANG\Documents\Downloads\Programs\ComboFix.exe
    SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\MUSTANG\AppData\Local\dxc.exe
    c:\users\MUSTANG\AppData\Local\ljx.exe
    c:\windows\system32\no
    c:\windows\system32\no\DPCrProv.dll.mui
    c:\windows\system32\no\DPSDApi.dll.mui
    c:\windows\system32\SV
    c:\windows\system32\SV\DPCrProv.dll.mui
    c:\windows\system32\SV\DPSDApi.dll.mui
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-07-15 to 2011-08-15 )))))))))))))))))))))))))))))))
    .
    .
    2011-08-15 01:21 . 2011-08-15 01:21 -------- d-----w- c:\program files\PC Tools Registry Tool
    2011-08-15 01:00 . 2011-07-01 12:36 149456 ----a-w- c:\windows\SGDetectionTool.dll
    2011-08-15 00:50 . 2011-08-15 00:55 -------- d-----w- c:\programdata\PC Tools
    2011-08-13 00:34 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4ECDFFDA-9D95-4AB9-B366-7F6903957684}\mpengine.dll
    2011-08-12 00:12 . 2011-07-22 02:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-08-12 00:12 . 2011-07-22 03:00 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
    2011-08-12 00:12 . 2011-07-22 02:46 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll
    2011-08-12 00:12 . 2011-07-22 02:54 1797632 ----a-w- c:\windows\system32\jscript9.dll
    2011-08-11 22:43 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2011-08-11 22:36 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2011-08-11 22:36 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-08-11 22:34 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-08-11 22:13 . 2011-06-17 20:13 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2011-08-09 18:09 . 2011-08-09 18:09 -------- d-----w- c:\program files\GetData
    2011-08-09 00:11 . 2011-08-09 00:11 -------- d-----w- c:\program files\Recuva
    2011-08-08 23:32 . 2011-08-08 23:32 -------- d-----w- c:\users\MUSTANG\AppData\Local\Apps
    2011-08-08 23:32 . 2011-08-08 23:32 -------- d-----w- c:\program files\Active Data Recovery Software
    2011-07-20 19:00 . 2011-07-20 19:00 -------- d-----w- c:\program files\Comical
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-07-22 02:48 . 2011-08-12 00:12 1126912 ----a-w- c:\windows\system32\wininet.dll
    2011-06-23 13:19 . 2011-06-23 13:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-06-17 16:03 . 2011-08-11 22:34 375808 ----a-w- c:\windows\system32\winsrv.dll
    2011-06-11 05:33 . 2011-06-11 05:33 161792 ----a-w- c:\windows\system32\msls31.dll
    2011-06-11 05:33 . 2011-06-11 05:33 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-06-11 05:33 . 2011-06-11 05:33 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-06-11 05:33 . 2011-06-11 05:33 86528 ----a-w- c:\windows\system32\iesysprep.dll
    2011-06-11 05:33 . 2011-06-11 05:33 63488 ----a-w- c:\windows\system32\tdc.ocx
    2011-06-11 05:33 . 2011-06-11 05:33 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-06-11 05:33 . 2011-06-11 05:33 367104 ----a-w- c:\windows\system32\html.iec
    2011-06-11 05:33 . 2011-06-11 05:33 74752 ----a-w- c:\windows\system32\iesetup.dll
    2011-06-11 05:33 . 2011-06-11 05:33 23552 ----a-w- c:\windows\system32\licmgr10.dll
    2011-06-11 05:33 . 2011-06-11 05:33 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-06-11 05:33 . 2011-06-11 05:33 420864 ----a-w- c:\windows\system32\vbscript.dll
    2011-06-11 05:33 . 2011-06-11 05:33 152064 ----a-w- c:\windows\system32\wextract.exe
    2011-06-11 05:33 . 2011-06-11 05:33 150528 ----a-w- c:\windows\system32\iexpress.exe
    2011-06-11 05:33 . 2011-06-11 05:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-06-11 05:33 . 2011-06-11 05:33 11776 ----a-w- c:\windows\system32\mshta.exe
    2011-06-11 05:33 . 2011-06-11 05:33 101888 ----a-w- c:\windows\system32\admparse.dll
    2011-06-11 05:33 . 2011-06-11 05:33 35840 ----a-w- c:\windows\system32\imgutil.dll
    2011-06-11 05:33 . 2011-06-11 05:33 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-06-02 13:34 . 2011-07-14 12:39 2043392 ----a-w- c:\windows\system32\win32k.sys
    2011-06-02 12:49 . 2011-06-02 12:49 720896 ----a-w- c:\windows\iun6002ev.exe
    2011-05-24 16:14 . 2009-10-03 20:03 222080 ------w- c:\windows\system32\MpSigStub.exe
    2009-11-25 19:23 24576 --sha-w- c:\windows\System32\8257.tmp
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    2010-09-28 19:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
    .
    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-01-25 3179952]
    "ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
    "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
    "OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
    "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-27 442467]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
    "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
    "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2009-03-10 468264]
    "DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
    "PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2011-07-01 247760]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "mixer1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Users^MUSTANG^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=c:\users\MUSTANG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
    2010-01-25 09:45 3179952 ----a-w- c:\program files\Internet Download Manager\IDMan.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    2008-02-26 11:08 2289664 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    2010-11-09 23:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    R2 .1254489507;1254489507;c:\program files\1254489507\FARUQ1254489507L.exe [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-26 135664]
    R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
    R3 gupdatem;Google Güncelleme Hizmeti (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-26 135664]
    R3 ICDUSB3;ICDUSB3;c:\windows\system32\Drivers\ICDUSB3.sys [2008-08-18 11264]
    R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [2011-02-18 371472]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\system32\DRIVERS\Amddfltr.sys [2008-01-07 15416]
    S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-07-11 263888]
    S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2010-07-16 338880]
    S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2010-07-16 656320]
    S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD.sys [2011-03-10 233976]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
    S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [2011-07-01 337872]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
    S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-03-26 341328]
    S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-03-26 595248]
    S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
    S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
    S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
    S3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2008-02-26 11:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-26 10:30]
    .
    2011-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-26 10:30]
    .
    2010-07-09 c:\windows\Tasks\HPCeeScheduleForMUSTANG.job
    - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-06-11 12:14]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://search.babylon.com/home
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=tr_tr&c=83&bd=Pavilion&pf=cnnb
    IE: &AOL Araç Çubuğu Araması - c:\programdata\AOL\ieToolbar\resources\tr-TR\local\search.html
    IE: Bütün linkleri IDM ile indir - c:\program files\Internet Download Manager\IEGetAll.htm
    IE: FLV video içeriğini IDM ile indir - c:\program files\Internet Download Manager\IEGetVL.htm
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: IDM ile indir - c:\program files\Internet Download Manager\IEExt.htm
    IE: Microsoft Excel'e &Ver - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{516E27A9-EAEA-42E2-B7CE-CB709954353D}: NameServer = 4.2.2.1,4.2.2.2
    TCP: Interfaces\{982EB1B2-8A9D-4CE7-8A59-6B437F016D89}: NameServer = 4.2.2.5,4.2.2.6
    FF - ProfilePath - c:\users\MUSTANG\AppData\Roaming\Mozilla\Firefox\Profiles\ax8b3yf3.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - about:blank
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&q=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
    FF - Ext: IMDb Preview: {10187899-7ffe-4f9a-b9d2-35fdb3b49690} - %profile%\extensions\{10187899-7ffe-4f9a-b9d2-35fdb3b49690}
    FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: gTranslate: {aff87fa2-a58e-4edd-b852-0a20203c1e17} - %profile%\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
    FF - Ext: YouTube mp3: info@youtube-mp3.org - %profile%\extensions\info@youtube-mp3.org
    FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: DigitalPersona Extension: otis@digitalpersona.com - c:\program files\DigitalPersona\Bin\FirefoxExt
    FF - Ext: Browser Defender Toolbar: {cb84136f-9c44-433a-9048-c5cd9df1dc16} - c:\program files\PC Tools Security\BDT\Firefox
    FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\MUSTANG\AppData\Roaming\IDM\idmmzcc3
    FF - Ext: DigitalPersona Extension: otis@digitalpersona.com - c:\program files\DigitalPersona\Bin\firefoxext
    .
    - - - - ORPHANS REMOVED - - - -
    .
    HKLM-Run-Freecorder FLV Service - c:\program files\Freecorder\FLVSrvc.exe
    HKLM-Run-BvtUtility - c:\program files\BvT Grup\BvT Live Tv\BvtUtility.exe
    MSConfigStartUp-Babylon Client - c:\program files\Babylon\Babylon-Pro\Babylon.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,http://www.gmer.net
    Rootkit scan 2011-08-15 05:17
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    .
    c:\windows\TEMP\TMP00000008C84D601346298E41 524288 bytes
    .
    scan completed successfully
    hidden files: 1
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-3454186023-2170774988-2969336722-1002_Classes\CLSID\{05364f7b-d8b3-416d-96f6-827e63fb704c}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "Model"=dword:0000012f
    "Therad"=dword:00000015
    "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
    1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
    .
    [HKEY_USERS\S-1-5-21-3454186023-2170774988-2969336722-1002_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
    @Denied: (Full) (Everyone)
    "scansk"=hex(0):24,de,1e,16,21,f4,45,48,1f,fa,a7,1d,90,7a,6c,1d,fc,6f,29,a2,2d,
    89,8a,31,a6,7d,b0,7b,3c,23,35,1f,24,1a,95,81,c7,a7,81,b6,00,00,00,00,00,00,\
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'Explorer.exe'(4496)
    c:\program files\DigitalPersona\Bin\DpoFeedb.dll
    c:\program files\DigitalPersona\Bin\DpoSet.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\WLANExt.exe
    c:\program files\DigitalPersona\Bin\DpHostW.exe
    c:\windows\system32\agrsmsvc.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\windows\system32\PnkBstrA.exe
    c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
    c:\program files\CyberLink\Shared Files\RichVideo.exe
    c:\program files\Microsoft\BingBar\SeaPort.EXE
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\windows\system32\conime.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
    c:\program files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
    c:\windows\ehome\ehmsas.exe
    c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
    c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
    c:\program files\Synaptics\SynTP\SynTPHelper.exe
    c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
    c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    .
    **************************************************************************
    .
    Completion time: 2011-08-15 05:25:56 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-08-15 02:25
    ComboFix2.txt 2010-07-09 23:00
    .
    Pre-Run: 2.957.864.960 bayt boş
    Post-Run: 2.483.736.576 bayt boş
    .
    - - End Of File - - DF16D47D7A71640D3472EF5CCDAC2C2F




  • There is also a rootkit on your system.
  • Thanks if you could take a look.

    ComboFix 11-08-31.05 - KULLANICI ADI 01.09.2011 12:30:33.2.2 - x86 MINIMAL
    Microsoft Windows 7 Starter 6.1.7600.0.1254.90.1055.18.1789.1296 [GMT 3:00]
    Running from: c:\users\KULLANICI ADI\Desktop\ComboFix.exe
    AV: COMODO Antivirus *Enabled/Updated* {7554F4C5-5EC0-2FC6-8192-8DF831DBED51}
    FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
    SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    c:\windows\system32\x86
    c:\windows\system32\x86\chklogo6.exe
    c:\windows\system32\x86\chklogo6.wtl
    c:\windows\system32\x86\chklogo6_faileddrivers.txt
    c:\windows\system32\x86\wttlog.dll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-08-01 to 2011-09-01 )))))))))))))))))))))))))))))))
    .
    .
    2011-09-01 09:33 . 2011-09-01 09:33 -------- d-----w- c:\users\KULLANICI ADI\AppData\Local\temp
    2011-09-01 09:21 . 2011-09-01 09:21 -------- d-----r- c:\users\Public
    2011-09-01 09:15 . 2011-09-01 09:15 -------- d-----w- c:\users\KULLANICI ADI\AppData\Local\COMODO
    2011-09-01 09:05 . 2011-09-01 09:05 -------- d-----w- C:\VritualRoot
    2011-08-31 20:16 . 2011-08-31 20:16 -------- dc-h--w- c:\programdata\{BABF6F4E-3651-4AC1-876A-46BE5B95D594}
    2011-08-31 17:23 . 2011-08-31 18:32 -------- d-----w- c:\programdata\PopCap Games
    2011-08-31 17:23 . 2011-08-31 18:32 -------- d-----w- c:\program files\PopCap Games
    2011-08-31 12:12 . 2011-08-31 16:01 -------- d-----w- c:\programdata\Comodo
    2011-08-31 12:12 . 2011-08-31 12:19 -------- d-----w- c:\program files\COMODO
    2011-08-31 12:10 . 2011-08-31 12:12 -------- d-----w- c:\programdata\Comodo Downloader
    2011-08-26 11:21 . 2009-08-28 02:33 228784 ----a-w- c:\windows\system32\drivers\SynTP.sys
    2011-08-26 11:21 . 2009-08-28 02:32 120104 ----a-w- c:\windows\system32\SynTPCo4.dll
    2011-08-26 11:21 . 2009-08-28 02:32 161064 ----a-w- c:\windows\system32\SynTPAPI.dll
    2011-08-26 11:21 . 2009-08-28 02:32 206120 ----a-w- c:\windows\system32\SynCtrl.dll
    2011-08-26 11:21 . 2009-08-07 01:49 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
    2011-08-26 11:21 . 2009-08-28 02:32 169256 ----a-w- c:\windows\system32\SynCOM.dll
    2011-08-26 11:19 . 2011-08-26 11:19 125 ----a-w- c:\windows\xUninstall.bat
    2011-08-26 11:18 . 2009-09-23 02:25 120432 ----a-w- c:\windows\system32\drivers\jmcr.sys
    2011-08-26 11:18 . 2011-08-26 20:41 -------- d-----w- c:\windows\JMCR_DIR
    2011-08-26 11:17 . 2005-04-03 20:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
    2011-08-26 11:17 . 2005-04-03 20:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
    2011-08-26 11:17 . 2005-04-03 20:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
    2011-08-26 11:17 . 2005-04-03 20:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
    2011-08-26 11:17 . 2005-04-03 19:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
    2011-08-26 11:17 . 2011-08-26 11:17 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
    2011-08-26 11:17 . 2011-08-26 11:17 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
    2011-08-25 12:20 . 2011-08-26 11:06 -------- dc----w- c:\programdata\{A269F35F-278A-4343-BE66-64698EED33E3}
    2011-08-18 13:30 . 2011-08-26 11:07 -------- d-----w- c:\program files\Microsoft Security Essentials
    2011-08-09 14:30 . 2011-08-26 20:41 -------- d--h--w- c:\programdata\{39448D14-6F91-434E-9F7F-270990A869D3}
    2011-08-07 11:00 . 2011-08-07 11:00 -------- d-----w- c:\users\KULLANICI ADI\AppData\Roaming\GlarySoft
    2011-08-06 21:07 . 2011-08-06 21:07 -------- d-----w- c:\program files\Glarysoft
    2011-08-04 12:26 . 2011-08-31 20:14 -------- d-----w- c:\users\KULLANICI ADI\AppData\Local\Adobe
    2011-08-02 15:22 . 2011-08-02 15:22 -------- d-----w- c:\program files\ElcomSoft
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-08-03 11:55 . 2011-08-01 09:10 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-08-01 20:03 . 2011-08-01 20:03 1700352 ----a-w- c:\windows\system32\gdiplus.dll
    2011-08-01 20:03 . 2011-08-01 20:03 1060864 ----a-w- c:\windows\system32\mfc71.dll
    2011-07-30 11:30 . 2011-07-30 11:30 388096 ----a-r- c:\users\KULLANICI ADI\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-07-30 11:30 . 2011-07-30 11:30 388096 ----a-r- c:\users\KULLANICI ADI\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-07-20 06:44 . 2011-07-30 13:46 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A076BAC3-797E-4147-9B18-5EF00BCAFC53}\mpengine.dll
    2011-07-05 09:40 . 2011-07-05 09:40 365376 ----a-w- c:\windows\system32\drivers\krnl_akl.sys
    2011-06-30 06:38 . 2011-06-30 06:38 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
    2011-06-30 06:38 . 2011-06-30 06:38 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
    2011-06-30 06:38 . 2011-06-30 06:38 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
    2011-06-30 06:38 . 2011-06-30 06:38 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
    2011-06-30 06:37 . 2011-06-30 06:37 285256 ----a-w- c:\windows\system32\guard32.dll
    2009-10-01 14:43 . 2009-10-13 18:40 26739584 ----a-w- c:\program files\Adobe Acrobat Reader.exe
    2011-06-16 04:56 . 2011-08-03 18:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
    "SiSTray"="c:\program files\SiS VGA Utilities\SiSTray.exe" [2009-09-04 552960]
    "HotkeyOSD Software"="c:\program files\Hotkey\HotKey.exe" [2008-07-25 1351680]
    "AntiLogger"="c:\program files\AntiLogger\AntiLogger.exe" [2011-07-14 2885064]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-08-28 1557800]
    "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\guard32.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-keylogger]
    2011-07-05 09:40 399168 ----a-w- c:\program files\Anti-keylogger\Anti-keylogger.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BisonHK]
    2008-03-25 12:46 77824 ----a-w- c:\windows\BisonCam\BisonHK.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
    2008-01-15 14:20 103720 ----a-w- c:\program files\CyberLink\Power2Go\CLMLSvc.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeLay]
    2008-03-11 14:08 53248 ----a-w- c:\windows\BisonCam\DeLay.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 13:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
    2008-01-04 08:02 222504 ----a-w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    2007-03-14 18:01 71216 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
    2009-08-28 02:32 1557800 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
    .
    R1 AntiLog32;AntiLog32;c:\program files\AntiLogger\AntiLog32.sys [2011-07-14 121560]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-06-30 238960]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-06-30 37592]
    R1 krnl_akl;Anti-keylogger Kernel Service;c:\windows\system32\drivers\krnl_akl.sys [2011-07-05 365376]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    R2 PowerBiosServer;PowerBiosServer;c:\program files\Hotkey\PowerBiosServer.exe [2008-07-10 36864]
    R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-09-23 120432]
    R3 RTL8167;Realtek 8167 NT Sürücüsü;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
    R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-08-12 376320]
    R3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2009-09-04 464384]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Aygıtı NDIS 6.0 Sürücüsü;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
    S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2011-06-30 19088]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com.tr/
    IE: Microsoft Excel'e &Ver - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\KULLANICI ADI\AppData\Roaming\Mozilla\Firefox\Profiles\fdda5gs5.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/
    .
    - - - - ORPHANS REMOVED - - - -
    .
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    MSConfigStartUp-CPA - c:\program files\COMODO\COMODO GeekBuddy\VALA.exe
    AddRemove-LSI Soft Modem - c:\windows\agrsmdel
    AddRemove-{26604C7E-A313-4D12-867F-7C6E7820BE4C} - c:\program files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vsdatant]
    "ImagePath"=""
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-09-01 12:34:30
    ComboFix-quarantined-files.txt 2011-09-01 09:34
    .
    Pre-Run: 89.507.270.656 bayt boş
    Post-Run: 89.453.539.328 bayt boş
    .
    - - End Of File - - 13791B5CF5202472C108E44AEF10B364



    < This message was edited by DownFast -- 6 September 2011; 17:01:00 >



