Friends, I suspect a keylogger; I clicked on an infected exe. Could you help me?



ComboFix 15-06-18.01 - user 21.06.2015 1:22.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1254.90.1055.18.3564.2261 [GMT 3:00]
Running from: c:\users\user\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated*
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\user\AppData\Local\.#
c:\users\user\AppData\Local\CikcikOkey.exe
c:\users\user\AppData\Local\ckck
c:\users\user\AppData\Local\ckck\cfnt.ini
c:\users\user\AppData\Local\ckck\klmn.ini
c:\users\user\AppData\Local\ckck\pingtime1.ini
c:\users\user\AppData\Local\ckck\ringin.wav
c:\users\user\AppData\Local\KdvliOkey.exe
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2015-05-20 to 2015-06-20 )))))))))))))))))))))))))))))))
.
.
2015-06-20 22:27 . 2015-06-20 22:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-20 21:58 . 2015-06-20 21:58 -------- d-----w- c:\programdata\Norton
2015-06-20 21:18 . 2015-04-17 02:43 44712 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2015-06-20 21:18 . 2015-06-16 03:42 48784 ----a-w- c:\windows\system32\drivers\iSafeKrnlBoot.sys
2015-06-20 21:18 . 2015-06-20 21:18 -------- d-----w- c:\program files\Elex-tech
2015-06-20 20:59 . 2015-06-20 21:39 -------- d-----w- C:\Downloads
2015-06-20 20:58 . 2015-06-20 20:58 -------- d-----w- c:\programdata\FreeDownloadManager.ORG
2015-06-20 20:58 . 2015-06-20 20:58 -------- d-----w- c:\program files\Free Download Manager
2015-06-19 17:16 . 2015-06-19 17:16 -------- d-----w- c:\program files\Internet Download Manager
2015-06-19 16:22 . 2015-06-19 16:22 50728 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2015-06-19 16:22 . 2015-06-19 16:23 -------- d-----w- c:\program files\Virtual Audio Cable
2015-06-19 10:01 . 2015-06-19 10:01 -------- d-----w- c:\programdata\KONAMI
2015-06-19 10:01 . 2015-06-19 10:01 -------- d-----w- c:\program files\KONAMI
2015-06-18 20:30 . 2015-06-18 20:30 -------- d-----w- c:\program files\Cheat Engine
2015-06-18 20:21 . 2015-06-18 20:21 -------- d-----w- c:\programdata\ATI
2015-06-18 20:20 . 2015-06-18 20:20 0 ----a-w- c:\windows\ativpsrm.bin
2015-06-18 20:18 . 2015-06-18 20:18 -------- d-----w- c:\programdata\AMD
2015-06-18 20:18 . 2015-06-18 20:18 -------- d-----w- c:\program files\AMD AVT
2015-06-18 20:16 . 2015-06-18 20:16 -------- d-----w- c:\program files\AMD
2015-06-18 20:15 . 2015-06-18 20:15 -------- d-----w- c:\program files\Common Files\ATI Technologies
2015-06-18 20:13 . 2015-06-18 20:13 -------- d-----w- c:\program files\Microsoft.NET
2015-06-18 20:11 . 2015-06-18 20:11 -------- d-----w- c:\programdata\Package Cache
2015-06-18 20:11 . 2015-06-18 20:17 -------- d-----w- c:\program files\ATI Technologies
2015-06-18 20:10 . 2015-06-18 20:10 -------- d-----w- c:\program files\ATI
2015-06-18 19:39 . 2015-06-18 20:10 -------- d-----w- C:\AMD
2015-06-18 19:37 . 2008-10-15 03:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2015-06-18 19:37 . 2008-10-15 03:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2015-06-18 19:37 . 2008-10-15 03:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2015-06-18 19:28 . 2015-06-18 18:41 -------- d-----w- c:\windows\Panther
2015-06-18 19:28 . 2015-06-18 19:28 -------- d-----w- C:\Boot
2015-06-18 19:15 . 2015-06-18 19:15 -------- d-----w- c:\program files\TeamSpeak 3 Client
2015-06-18 19:11 . 2015-06-18 19:11 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2015-06-18 19:11 . 2015-06-18 19:11 -------- d-----w- c:\program files\Winamp
2015-06-18 19:09 . 2015-06-18 20:46 -------- d-----w- c:\program files\TeamViewer
2015-06-18 19:09 . 2015-06-18 19:09 -------- d-----w- c:\program files\Notepad++
2015-06-18 19:09 . 2015-06-18 19:09 -------- d-----w- c:\program files\Common Files\Java
2015-06-18 19:08 . 2015-06-18 19:08 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-06-18 19:08 . 2015-06-18 19:08 -------- d-----w- c:\program files\Java
2015-06-18 19:08 . 2015-06-18 19:08 -------- d-----w- c:\programdata\Oracle
2015-06-18 19:07 . 2015-06-18 19:07 -------- d-----w- c:\program files\Microsoft Silverlight
2015-06-18 19:06 . 2015-06-18 19:06 -------- d-----w- c:\programdata\IDM
2015-06-18 19:06 . 2015-06-18 19:07 -------- d-----w- c:\program files\Google
2015-06-18 19:02 . 2015-06-18 19:03 -------- d-----w- c:\program files\Mozilla Maintenance Service
2015-06-18 18:56 . 2015-05-18 01:51 9265072 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\\mpengine.dll
2015-06-18 18:56 . 2015-02-24 01:23 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-06-18 18:41 . 2015-06-20 22:12 -------- d-----w- c:\users\user
2015-06-18 18:40 . 2015-06-18 18:40 -------- d-sh--we c:\users\Default\Belgelerim
2015-06-18 18:40 . 2015-06-18 18:40 -------- d-sh--we c:\programdata\Sık Kullanılanlar
2015-06-18 18:40 . 2015-06-18 18:40 -------- d-sh--we c:\programdata\Belgeler
2015-06-18 18:40 . 2015-06-18 18:40 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-18 05:15 . 2015-05-18 05:15 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-05-18 05:15 . 2015-05-18 05:15 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2015-05-18 05:15 . 2015-05-18 05:15 62464 ----a-w- c:\windows\system32\iesetup.dll
2015-05-18 05:15 . 2015-05-18 05:15 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2015-05-18 05:15 . 2015-05-18 05:15 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-18 05:15 . 2015-05-18 05:15 504320 ----a-w- c:\windows\system32\vbscript.dll
2015-05-18 05:15 . 2015-05-18 05:15 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-05-18 05:15 . 2015-05-18 05:15 4305920 ----a-w- c:\windows\system32\jscript9.dll
2015-05-18 05:15 . 2015-05-18 05:15 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2015-05-18 05:15 . 2015-05-18 05:15 341504 ----a-w- c:\windows\system32\html.iec
2015-05-18 05:15 . 2015-05-18 05:15 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-05-18 05:15 . 2015-05-18 05:15 2052608 ----a-w- c:\windows\system32\inetcpl.cpl
2015-05-18 05:15 . 2015-05-18 05:15 1882112 ----a-w- c:\windows\system32\wininet.dll
2015-05-18 05:15 . 2015-05-18 05:15 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2015-05-18 05:15 . 2015-05-18 05:15 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2015-05-18 05:15 . 2015-05-18 05:15 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-05-18 05:10 . 2015-05-18 05:10 86016 ----a-w- c:\windows\system32\iesysprep.dll
2015-05-18 05:10 . 2015-05-18 05:10 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-05-18 05:10 . 2015-05-18 05:10 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-05-18 05:10 . 2015-05-18 05:10 645120 ----a-w- c:\windows\system32\jsIntl.dll
2015-05-18 05:10 . 2015-05-18 05:10 62464 ----a-w- c:\windows\system32\tdc.ocx
2015-05-18 05:10 . 2015-05-18 05:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-05-18 05:10 . 2015-05-18 05:10 36352 ----a-w- c:\windows\system32\imgutil.dll
2015-05-18 05:10 . 2015-05-18 05:10 24576 ----a-w- c:\windows\system32\licmgr10.dll
2015-05-18 05:10 . 2015-05-18 05:10 194048 ----a-w- c:\windows\system32\elshyph.dll
2015-05-18 05:10 . 2015-05-18 05:10 182272 ----a-w- c:\windows\system32\msls31.dll
2015-05-18 05:10 . 2015-05-18 05:10 151552 ----a-w- c:\windows\system32\iexpress.exe
2015-05-18 05:10 . 2015-05-18 05:10 139264 ----a-w- c:\windows\system32\wextract.exe
2015-05-18 05:10 . 2015-05-18 05:10 13312 ----a-w- c:\windows\system32\mshta.exe
2015-05-18 05:10 . 2015-05-18 05:10 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-05-18 05:09 . 2015-05-18 05:09 342016 ----a-w- c:\windows\system32\certcli.dll
2015-05-18 05:09 . 2015-05-18 05:09 248832 ----a-w- c:\windows\system32\schannel.dll
2015-05-18 05:09 . 2015-05-18 05:09 259072 ----a-w- c:\windows\system32\services.exe
2015-05-18 05:08 . 2015-05-18 05:08 67584 ----a-w- c:\windows\system32\dwmapi.dll
2015-05-18 05:08 . 2015-05-18 05:08 1372160 ----a-w- c:\windows\system32\dwmcore.dll
2015-05-18 05:08 . 2015-05-18 05:08 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-18 05:07 . 2015-05-18 05:07 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-05-18 05:07 . 2015-05-18 05:07 1237504 ----a-w- c:\windows\system32\msxml3.dll
2015-05-18 05:07 . 2015-05-18 05:07 305152 ----a-w- c:\windows\system32\gdi32.dll
2015-05-18 05:06 . 2015-05-18 05:06 22528 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
2015-05-18 05:06 . 2015-05-18 05:06 216064 ----a-w- c:\windows\system32\InkEd.dll
2015-05-18 05:06 . 2015-05-18 05:06 19968 ----a-w- c:\windows\system32\jnwmon.dll
2015-05-18 05:06 . 2015-05-18 05:06 58880 ----a-w- c:\windows\system32\clfsw32.dll
2015-05-18 05:06 . 2015-05-18 05:06 249784 ----a-w- c:\windows\system32\clfs.sys
2015-05-18 05:05 . 2015-05-18 05:05 62464 ----a-w- c:\windows\system32\aelupsvc.dll
2015-05-18 05:05 . 2015-05-18 05:05 5120 ----a-w- c:\windows\system32\shimeng.dll
2015-05-18 05:05 . 2015-05-18 05:05 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-05-18 05:05 . 2015-05-18 05:05 295936 ----a-w- c:\windows\system32\apphelp.dll
2015-05-18 05:05 . 2015-05-18 05:05 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-05-18 05:05 . 2015-05-18 05:05 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-05-18 05:05 . 2015-05-18 05:05 20992 ----a-w- c:\windows\system32\sdbinst.exe
2015-05-18 05:05 . 2015-05-18 05:05 909312 ----a-w- c:\windows\system32\FntCache.dll
2015-05-18 05:05 . 2015-05-18 05:05 2382336 ----a-w- c:\windows\system32\win32k.sys
2015-05-18 05:05 . 2015-05-18 05:05 1250816 ----a-w- c:\windows\system32\DWrite.dll
2015-05-18 05:04 . 2015-05-18 05:04 514560 ----a-w- c:\windows\system32\drivers\http.sys
2015-05-18 05:03 . 2015-05-18 05:03 2744320 ----a-w- c:\windows\system32\rdpcorets.dll
2015-05-18 05:03 . 2015-05-18 05:03 221184 ----a-w- c:\windows\system32\rdpudd.dll
2015-05-18 05:03 . 2015-05-18 05:03 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-05-18 05:03 . 2015-05-18 05:03 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-05-18 05:02 . 2015-05-18 05:02 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2015-05-18 05:01 . 2015-05-18 05:01 988160 ----a-w- c:\windows\system32\drmv2clt.dll
2015-05-18 05:01 . 2015-05-18 05:01 9728 ----a-w- c:\windows\system32\pcawrk.exe
2015-05-18 05:01 . 2015-05-18 05:01 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-05-18 05:01 . 2015-05-18 05:01 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-05-18 05:01 . 2015-05-18 05:01 8192 ----a-w- c:\windows\system32\spwmp.dll
2015-05-18 05:01 . 2015-05-18 05:01 8192 ----a-w- c:\windows\system32\pcalua.exe
2015-05-18 05:01 . 2015-05-18 05:01 81408 ----a-w- c:\windows\system32\cryptsp.dll
2015-05-18 05:01 . 2015-05-18 05:01 78784 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-05-18 05:01 . 2015-05-18 05:01 744960 ----a-w- c:\windows\system32\blackbox.dll
2015-05-18 05:01 . 2015-05-18 05:01 617984 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-05-18 05:01 . 2015-05-18 05:01 593920 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-05-18 05:01 . 2015-05-18 05:01 521384 ----a-w- c:\windows\system32\winload.exe
2015-05-18 05:01 . 2015-05-18 05:01 519680 ----a-w- c:\windows\system32\qdvd.dll
2015-05-18 05:01 . 2015-05-18 05:01 50688 ----a-w- c:\windows\system32\appidapi.dll
2015-05-18 05:01 . 2015-05-18 05:01 504320 ----a-w- c:\windows\system32\msscp.dll
2015-05-18 05:01 . 2015-05-18 05:01 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-05-18 05:01 . 2015-05-18 05:01 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2015-05-18 05:01 . 2015-05-18 05:01 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2015-05-18 05:01 . 2015-05-18 05:01 489984 ----a-w- c:\windows\system32\evr.dll
2015-05-18 05:01 . 2015-05-18 05:01 475136 ----a-w- c:\windows\system32\audiosrv.dll
2015-05-18 05:01 . 2015-05-18 05:01 455752 ----a-w- c:\windows\system32\winresume.exe
2015-05-18 05:01 . 2015-05-18 05:01 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-05-18 05:01 . 2015-05-18 05:01 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-05-18 05:01 . 2015-05-18 05:01 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-05-18 05:01 . 2015-05-18 05:01 409272 ----a-w- c:\windows\system32\ci.dll
2015-05-18 05:01 . 2015-05-18 05:01 406016 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-05-18 05:01 . 2015-05-18 05:01 374784 ----a-w- c:\windows\system32\AudioEng.dll
2015-05-18 05:01 . 2015-05-18 05:01 354816 ----a-w- c:\windows\system32\mfplat.dll
2015-05-18 05:01 . 2015-05-18 05:01 3209728 ----a-w- c:\windows\system32\mf.dll
2015-05-18 05:01 . 2015-05-18 05:01 28160 ----a-w- c:\windows\system32\pcadm.dll
2015-05-18 05:01 . 2015-05-18 05:01 27648 ----a-w- c:\windows\system32\appidsvc.dll
2015-05-18 05:01 . 2015-05-18 05:01 275968 ----a-w- c:\windows\system32\EncDump.dll
2015-05-18 05:01 . 2015-05-18 05:01 265216 ----a-w- c:\windows\system32\msnetobj.dll
2015-05-18 05:01 . 2015-05-18 05:01 23040 ----a-w- c:\windows\system32\mfpmp.exe
2015-05-18 05:01 . 2015-05-18 05:01 2048 ----a-w- c:\windows\system32\mferror.dll
2015-05-18 05:01 . 2015-05-18 05:01 195584 ----a-w- c:\windows\system32\AudioSes.dll
2015-05-18 05:01 . 2015-05-18 05:01 179200 ----a-w- c:\windows\system32\wintrust.dll
2015-05-18 05:01 . 2015-05-18 05:01 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-05-18 05:01 . 2015-05-18 05:01 157184 ----a-w- c:\windows\system32\pcasvc.dll
2015-05-18 05:01 . 2015-05-18 05:01 143872 ----a-w- c:\windows\system32\cryptsvc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2015-05-14 5669480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-05-18 102912]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2013-08-27 595968]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 642520]
R3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [2015-06-16 48784]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-05-18 14848]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2015-05-18 24064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2015-05-18 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2015-05-18 26880]
S1 iSafeKrnl;YAC Mini-Filter Driver;c:\program files\Elex-tech\YAC\iSafeKrnl.sys [2015-06-16 226024]
S1 iSafeKrnlKit;YAC Kit Driver;c:\program files\Elex-tech\YAC\iSafeKrnlKit.sys [2015-06-16 96424]
S1 iSafeKrnlMon;YAC Monitor Driver;c:\program files\Elex-tech\YAC\iSafeKrnlMon.sys [2015-06-16 43536]
S1 iSafeKrnlR3;YAC Ring3 Driver;c:\program files\Elex-tech\YAC\iSafeKrnlR3.sys [2015-06-16 71744]
S1 iSafeNetFilter;YAC NDIS Driver;c:\windows\system32\DRIVERS\iSafeNetFilter.sys [2015-04-17 44712]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-12-06 209408]
S2 iSafeService;YAC Service;c:\program files\Elex-tech\YAC\iSafeSvc.exe [2015-06-16 118048]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-09 169432]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-09-24 77312]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [2015-06-19 50728]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\TeeDriver.sys [2013-12-09 86488]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-06-05 714968]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - SMR501
*Deregistered* - SMR501
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\]
2015-06-18 19:07 986440 ----a-w- c:\program files\Google\Chrome\Application\43.0.2357.124\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-06-18 19:06]
.
2015-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-06-18 19:06]
.
.
------- Supplementary Scan -------
.
IE: Free Download Manager ile indir - file://c:\program files\Free Download Manager\dllink.htm
IE: Free Download Manager ile secileni indir - file://c:\program files\Free Download Manager\dlselected.htm
IE: Free Download Manager ile tumunu indir - file://c:\program files\Free Download Manager\dlall.htm
IE: Videoyu Free Download Manager ile indir - file://c:\program files\Free Download Manager\dlfvideo.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath -
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-06-21 01:29:10
ComboFix-quarantined-files.txt 2015-06-20 22:29
.
Pre-Run: 73.240.895.488 bayt boş
Post-Run: 73.050.832.896 bayt boş
.
- - End Of File - - 811FBCB1C93B83983B65BCBDFCBD5CD3
A36C5E4F47E84449FF07ED3517B43A31