
No EXE File Will Run or Can Be Deleted!

  • I think my computer has been infected by a virus, but I can't find a solution anywhere. When I start the computer it hangs on the Welcome screen, and once the desktop opens, the system freezes after I open a folder or two or do a few things. Kaspersky used to start at boot; now it doesn't. When I try to open Task Manager the system also locks up. None of the exe files run, and they can't be deleted! (because the file is open in another program, blah blah).

    I used Unlocker; it didn't help. I tried quarantining and scanning the exe files with Kaspersky, but still no result.

    When I boot in safe mode the system doesn't freeze and Kaspersky opens. Exe files open. But they still can't be deleted! And I'm not going to run the computer in safe mode for the rest of my life.

    I don't want to format the computer because it's a genuine Windows 7 and I just can't find wherever I put its CD. As you can tell, I use Kaspersky. What I've tried in safe mode so far:

    -I ran CHKDSK or whatever it is; actually the system ran it itself.
    -I tried Unlocker to delete the exes.
    -I checked Task Manager for any abnormal running process; everything looks like the usual stuff.
    -I scanned the system with Kaspersky, tried to quarantine the files, etc.
    -Using Regedit I searched for one or two of the exe files that can't be deleted; I was going to delete them manually, but the search returned nothing.
    -I cleaned up and fixed the registry errors with CCleaner; it didn't help. I wish they'd released a facial cleansing gel or something under that name.
    -I looked through forums and so on but couldn't find a solution, so here I am.







  • Could you boot into safe mode and try ComboFix?
  • I installed and ran it; the problem didn't go away. I've pasted the log it created below:


    Oh, and whatever it did, Firefox now doesn't load CSS files...


     





  • Formatting looks like the only solution. How it got infected with Kaspersky installed is a separate mystery, of course.
  • Now, after ComboFix, exe files can be deleted in safe mode. But when I start Windows normally, the computer still locks up either on the welcome screen or on the desktop. Also, on the welcome screen a blank black screen appears and then suddenly disappears.

    There's also WmiPrvSE.exe in Task Manager. Apparently it's Windows' own process, but I don't remember seeing it before. Its description says Host, Server and so on; is a virus trying to turn my computer into a host? :S
  • So how many dll.host entries are there in Task Manager?
  • None :/ but there are two WmiPrvSe. Also, I just noticed there are a lot of SYSTEM processes that have nothing to do with me, from "Windows Media Player Network Sharing Service" to "windows nt development whatever".