Hello friends, I ran a scan with ComboFix on my PC, and here is the result:
The reason I ran the scan is that the PC was eating a lot of RAM [it was being used (compared to before)], something was going on, you get the idea. Take a look at my log and see whether it found a virus or anything ...
Note: also, do these viruses and such matter, I mean are they the kind of thing that makes you say "good thing ComboFix found it"? In short, are they harmful? Though there is no such thing as a harmful one when it comes to viruses, but.


-.-.-HERE IS MY LOG-.-.-

ComboFix 13-07-31.02 - cls 24.04.2014 11:40:34.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1254.90.1055.18.2047.566 [GMT 3:00]
Running from: c:usersclsDownloadsComboFix-tamindir.exe
AV: avast! Antivirus *Disabled/Updated*
SP: avast! Antivirus *Disabled/Updated*
SP: Windows Defender *Enabled/Outdated*
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:windowssecurityDatabase mp.edb
c:windowsSysWow64 rapsvid.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------Legacy_NPF
.
.
((((((((((((((((((((((((( Files Created from 2014-03-24 to 2014-04-24 )))))))))))))))))))))))))))))))
.
.
2014-04-23 13:21 . 2014-04-23 13:38 -------- d-----w- c:usersclsAppDataRoamingGetRightToGo
2014-04-19 05:52 . 2014-04-14 17:13 96168 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll
2014-04-18 18:42 . 2014-04-19 05:52 -------- d-----w- crogramdataOracle
2014-04-18 18:42 . 2014-04-19 05:52 -------- d-----w- crogram files (x86)Java
2014-04-18 18:29 . 2014-04-18 18:29 -------- d-----w- crogram files (x86)Common FilesJava
2014-04-18 18:00 . 2014-04-17 02:31 10651704 ----a-w- crogramdataMicrosoftWindows DefenderDefinition Updatesmpengine.dll
2014-04-18 17:51 . 2014-04-18 17:51 -------- d-----w- crogram files (x86)Common FilesGretech Corporation
2014-04-18 17:47 . 2014-04-23 13:36 -------- d-----w- crogramdataGRETECH
2014-04-18 17:19 . 2014-04-18 17:19 29208 ----a-w- c:windowssystem32driversswHwid.sys
2014-04-18 17:19 . 2014-04-18 17:19 43152 ----a-w- c:windowsvastSS.scr
2014-04-18 13:34 . 2014-04-18 13:34 48648 ----a-w- crogramdataMicrosoftehomePackagesMCEClientU XUpdateableMarkup-3Markup.dll
2014-04-15 16:48 . 2014-04-15 16:51 -------- d-----w- crogramdataMTA San Andreas All
2014-04-15 15:11 . 2014-04-15 15:11 -------- d-----w- c:usersclsAppDataLocalSkype
2014-04-15 15:10 . 2014-04-15 15:11 -------- d-----r- crogram files (x86)Skype
2014-04-15 15:10 . 2014-04-15 15:10 -------- d-----w- crogram files (x86)Common FilesSkype
2014-04-15 15:09 . 2014-04-15 15:09 -------- d-----w- c:usersclsAppDataLocalWMTools Downloaded Files
2014-04-15 13:08 . 2008-04-14 06:00 3679744 ----a-w- crogramdataMicrosoftWindowsStart MenuWindows Live Movie Maker.exe
2014-04-15 13:07 . 2014-04-15 15:18 -------- d-----w- crogram files (x86)Windows Movie Maker
2014-04-14 15:27 . 2014-04-15 15:57 -------- dc----w- c:usersclsAppDataLocalMigWiz
2014-03-28 20:20 . 2014-05-05 21:26 119512 ----a-w- c:windowssystem32driversMBAMSwissArmy.sys
2014-03-28 20:19 . 2014-04-05 10:44 -------- d-----w- crogram files (x86)Malwarebytes Anti-Malware
2014-03-28 20:19 . 2014-04-03 06:51 63192 ----a-w- c:windowssystem32driversmwac.sys
2014-03-28 20:19 . 2014-04-03 06:51 88280 ----a-w- c:windowssystem32driversmbamchameleon.sys
2014-03-28 16:28 . 2014-03-28 16:28 -------- d-----w- crogram files (x86)Mozilla Maintenance Service
2014-03-28 16:28 . 2014-03-15 08:41 46704 ----a-w- crogram files (x86)Mozilla Firefoxrowsercomponentsrowsercomps.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-21 12:44 . 2013-09-24 06:17 48648 ----a-w- crogramdataMicrosoftehomePackagesMCEClientU XUpdateableMarkupMarkup.dll
2014-04-21 12:43 . 2013-09-24 06:16 524624 ----a-w- crogramdataMicrosoftehomePackagesMCESpotlig htMCESpotlightSpotlightResources.dll
2014-04-18 17:19 . 2014-01-12 11:36 85328 ----a-w- c:windowssystem32driversswstm.sys
2014-04-18 17:19 . 2013-09-22 13:45 423240 ----a-w- c:windowssystem32driversswsp.sys
2014-04-18 17:19 . 2013-09-22 13:45 93568 ----a-w- c:windowssystem32driversswRdr2.sys
2014-04-18 17:19 . 2013-09-22 13:45 1039096 ----a-w- c:windowssystem32driversswSnx.sys
2014-04-18 17:19 . 2013-09-22 13:45 208416 ----a-w- c:windowssystem32driversswVmm.sys
2014-04-18 17:19 . 2013-09-22 13:45 65776 ----a-w- c:windowssystem32driversswRvrt.sys
2014-04-18 17:19 . 2013-09-22 13:45 79184 ----a-w- c:windowssystem32driversswMonFlt.sys
2014-04-18 17:19 . 2013-09-22 13:45 334648 ----a-w- c:windowssystem32swBoot.exe
2014-04-18 13:34 . 2013-10-06 15:56 524624 ----a-w- crogramdataMicrosoftehomePackagesMCESpotlig htMCESpotlight-2SpotlightResources.dll
2014-04-03 06:50 . 2014-01-16 17:12 25816 ----a-w- c:windowssystem32driversmbam.sys
2014-03-31 06:35 . 2010-11-21 03:27 270496 ------w- c:windowssystem32MpSigStub.exe
2014-03-14 17:38 . 2013-09-22 13:42 71048 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl
2014-03-14 17:38 . 2013-09-22 13:42 692616 ----a-w- c:windowsSysWow64FlashPlayerApp.exe
2014-03-10 16:17 . 2014-01-19 09:11 128288 ----a-w- c:windowssystem32IObitSmartDefragExtension.dll
2014-03-03 16:45 . 2013-10-06 15:56 48648 ----a-w- crogramdataMicrosoftehomePackagesMCEClientU XUpdateableMarkup-2Markup.dll
2014-02-26 05:39 . 2013-11-27 18:40 117024 ----a-w- c:windowssystem32BootDefrag.exe
2013-02-07 12:22 . 2013-02-07 12:22 50330 ----a-w- crogram files (x86)AntiDust.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurre ntVersionRun]
"Sidebar"="crogram filesWindows Sidebarsidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft WindowsCurrentVersionRun]
"AvastUI.exe"="crogram filesAVAST SoftwareAvastAvastUI.exe" [2014-04-18 3873704]
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurr entversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontro lsession manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
R0 BootDefragDriver;BootDefragDriver;c:windowsSyste m32driversBootDefragDriver.sys;c:windowsSYSNAT IVEdriversBootDefragDriver.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework6 4 4.0.30319mscorsvw.exe;c:windowsMicrosoft.NET Framework64 4.0.30319mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;crogram files (x86)SkypeUpdaterUpdater.exe;crogram files (x86)SkypeUpdaterUpdater.exe [x]
R3 dmvsc;dmvsc;c:windowssystem32driversdmvsc.sys; c:windowsSYSNATIVEdriversdmvsc.sys [x]
R3 e1yexpress;Intel(R) Gigabit Ağ Bağlantıları Surucusu;c:windowssystem32DRIVERSe1y60x64.sys; c:windowsSYSNATIVEDRIVERSe1y60x64.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:windowssystem32DRIVERSew_hwusbdev.sys ;c:windowsSYSNATIVEDRIVERSew_hwusbdev.sys [x]
R3 mvusbews;USB EWS Device;c:windowssystem32Driversmvusbews.sys;c: windowsSYSNATIVEDriversmvusbews.sys [x]
R3 netw5v64;Windows Vista 64 Bit icin Intel(R) Wireless WiFi Link 5000 Serisi Bağdaştırıcı Surucusu;c:windowssystem32DRIVERSetw5v64.sys; c:windowsSYSNATIVEDRIVERSetw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:windowssystem32driversdpvideominipor t.sys;c:windowsSYSNATIVEdriversdpvideominipor t.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:windowssystem32DRIVERSVS TAZL6.SYS;c:windowsSYSNATIVEDRIVERSVSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:windowssystem32DRIVERSVS TDPV6.SYS;c:windowsSYSNATIVEDRIVERSVSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:windowssystem32DRIVER SVSTCNXT6.SYS;c:windowsSYSNATIVEDRIVERSVSTCNX T6.SYS [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:windowssystem32driversSynth3dVsc.sys; c:windowsSYSNATIVEdriversSynth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:windowssystem32drivers erminpt.sys;c: windowsSYSNATIVEdrivers erminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:windowssystem32drivers sus bflt.sys;c:windowsSYSNATIVEdrivers susbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:windowssystem32driversTsUsbGD.sys;c: windowsSYSNATIVEdriversTsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:windowssystem32drivers susbhub.sys;c:wi ndowsSYSNATIVEdrivers susbhub.sys [x]
R3 VGPU;VGPU;c:windowssystem32driversdvgkmd.sys; c:windowsSYSNATIVEdriversdvgkmd.sys [x]
R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:windowssystem32WatWatAdminSvc.exe;c: windowsSYSNATIVEWatWatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;crogram files (x86)IObitGame Booster 3DriverWinRing0x64.sys;crogram files (x86)IObitGame Booster 3DriverWinRing0x64.sys [x]
R4 HP LaserJet Service;HP LaserJet Service;crogram files (x86)HPHPLaserJetServiceHPLaserJetService.exe;c rogram files (x86)HPHPLaserJetServiceHPLaserJetService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:windowsSys tem32DriversSmartDefragDriver.sys;c:windowsSYS NATIVEDriversSmartDefragDriver.sys [x]
S0 sptd;sptd;c:windowsSystemRootSystem32Drivers sptd.sys;c:windowsSystemRootSystem32Driverss ptd.sys [x]
S1 aswSnx;aswSnx;c:windowssystem32driversswSnx.s ys;c:windowsSYSNATIVEdriversswSnx.sys [x]
S1 aswSP;aswSP;c:windowssystem32driversswSP.sys; c:windowsSYSNATIVEdriversswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:windowssystem32tiesrxx.exe;c:window sSYSNATIVEtiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:windowssystem32driversswHwid.sys ;c:windowsSYSNATIVEdriversswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:windowssystem32driverss wMonFlt.sys;c:windowsSYSNATIVEdriversswMonFlt .sys [x]
S2 aswStm;aswStm;c:windowssystem32driversswStm.s ys;c:windowsSYSNATIVEdriversswStm.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;crogram files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdate Svc.exe;crogram files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdate Svc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;crogram files (x86)SkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe;c: program files (x86)SkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe [x]
S2 HPSIService;HP SI Service;c:windowssystem32HPSIsvc.exe;c:windows SYSNATIVEHPSIsvc.exe [x]
S2 mbamchameleon;mbamchameleon;c:windowssystem32dr iversmbamchameleon.sys;c:windowsSYSNATIVEdrive rsmbamchameleon.sys [x]
S2 MBAMScheduler;MBAMScheduler;crogram files (x86)Malwarebytes Anti-Malwarembamscheduler.exe;crogram files (x86)Malwarebytes Anti-Malwarembamscheduler.exe [x]
S2 MBAMService;MBAMService;crogram files (x86)Malwarebytes Anti-Malwarembamservice.exe;crogram files (x86)Malwarebytes Anti-Malwarembamservice.exe [x]
S2 VmbService;Vodafone Mobile Broadband Servisi;crogram files (x86)VodafoneVodafone Mobile BroadbandBinVmbService.exe;crogram files (x86)VodafoneVodafone Mobile BroadbandBinVmbService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:windowssystem32driversAtihdW76.sys;c :windowsSYSNATIVEdriversAtihdW76.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:windowssystem32DRIVERSdtsoftbus01.sys ;c:windowsSYSNATIVEDRIVERSdtsoftbus01.sys [x]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:windows system32DRIVERSew_usbenumfilter.sys;c:windows SYSNATIVEDRIVERSew_usbenumfilter.sys [x]
S3 huawei_cdcacm;huawei_cdcacm;c:windowssystem32DR IVERSew_jucdcacm.sys;c:windowsSYSNATIVEDRIVERS ew_jucdcacm.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:windowssys tem32DRIVERSew_jubusenum.sys;c:windowsSYSNATIV EDRIVERSew_jubusenum.sys [x]
S3 huawei_ext_ctrl;huawei_ext_ctrl;c:windowssystem3 2DRIVERSew_juextctrl.sys;c:windowsSYSNATIVEDR IVERSew_juextctrl.sys [x]
S3 huawei_wwanecm;huawei_wwanecm;c:windowssystem32 DRIVERSew_juwwanecm.sys;c:windowsSYSNATIVEDRIV ERSew_juwwanecm.sys [x]
S3 MBAMProtector;MBAMProtector;c:windowssystem32dr iversmbam.sys;c:windowsSYSNATIVEdriversmbam.s ys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:windowssystem32dr iversMBAMSwissArmy.sys;c:windowsSYSNATIVEdrive rsMBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:windo wssystem32driversmwac.sys;c:windowsSYSNATIVE driversmwac.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys;c: windowsSYSNATIVEDRIVERSRt64win7.sys [x]
S3 vvftav303;vvftav303;c:windowssystem32drivers v ftav303.sys;c:windowsSYSNATIVEdrivers vftav303 .sys [x]
S3 ZSMC0303;A4 TECH PC Camera H;c:windowssystem32DriversusbVM303.sys;c:wind owsSYSNATIVEDriversusbVM303.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-14 c:windowsTasksAdobe Flash Player Updater.job
- c:windowsSysWOW64MacromedFlashFlashPlayerUpda teService.exe [2013-09-23 17:38]
.
2014-04-24 c:windowsTasksGlaryInitialize 4.job
- crogram files (x86)Glary Utilities 4Initialize.exe [2014-04-14 08:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurr entversionexplorershelliconoverlayidentifiers avast]
@=""
[HKEY_CLASSES_ROOTCLSID]
2014-04-18 17:19 290888 ----a-w- crogram filesAVAST SoftwareAvastshShA64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:windowssystem32lank.htm
uStart Page = about:blank
mDefault_Search_URL = hxxp://www.google.com.tr
mDefault_Page_URL = hxxp://www.google.com.tr
mStart Page = hxxp://www.linkzb.com
mSearch Page = hxxp://www.google.com.tr
mSearch Bar = hxxp://www.google.com.tr
mCustomizeSearch = hxxp://www.google.com.tr
mSearchAssistant =
IE: Microsoft Excel'e &Ver - crogra~2MICROS~1Office12EXCEL.EXE/3000
TCP: Interfaces: NameServer = 212.65.140.141 212.65.128.1
TCP: Interfaces: NameServer = 212.65.140.141 212.65.128.1
TCP: Interfaces: NameServer = 212.65.140.141 212.65.128.1
TCP: Interfaces: NameServer = 212.65.140.141 212.65.128.1
FF - ProfilePath - c:usersclsAppDataRoamingMozillaFirefoxProfi les 51kymk0.default
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.tr
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-IMFservice
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINEsystemControlSet001ControlCl ass0AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINEsystemControlSet001ControlCl ass1AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINEsystemControlSet001ControlCl ass2AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINEsystemControlSet001ControlCl ass3AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINEsystemControlSet001ControlPC WSecurity]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
crogram filesAVAST SoftwareAvastAvastSvc.exe
crogram files (x86)Alcohol SoftAlcohol 120StarWindStarWindServiceAE.exe
crogram files (x86)Malwarebytes Anti-Malwarembam.exe
crogram files (x86)GRETECHGomPlayerGOM.EXE
.
**************************************************************************
.
Completion time: 2014-04-24 11:58:43 - machine was rebooted
ComboFix-quarantined-files.txt 2014-04-24 08:58
.
Pre-Run: 55.628.242.944 bayt boş
Post-Run: 54.750.515.200 bayt boş
.
- - End Of File - - E6C4120417A7A9342BD12CFC03E525C2
A36C5E4F47E84449FF07ED3517B43A31

