Yeni Kayıt
Konudaki Resimler
< Bu mesaj bu kişi tarafından değiştirildi ßurock -- 23 Nisan 2013; 18:24:27 > |
Hızlı 
Bildirim
ANTİVİRÜS SİTELERİNE GİREMİYORUM
Sıcak Fırsatlarda Tıklananlar
Editörün Seçtiği Fırsatlar
Daha Fazla 
Bu Konudaki Kullanıcılar:
Daha Az 
2 Misafir - 2 Masaüstü
Giriş
Mesaj
-
-
http://www.softpedia.com/get/Antivirus/SmitfraudFix.shtml
bu programı deneyin kendi bilgisayarınızdan indiremezseniz başka bir bilgisayardan indirip flash diskle taşıyıp taratın bilgisayarınızı . -
Tarama tamamlanmadan kapanıyor program. -
quote:
Orijinalden alıntı: ßurock
Tarama tamamlanmadan kapanıyor program.
açılışta f8 tuşuna basarak güvenli kipte açıp o şekilde taramayı dener misiniz . -
quote:
Orijinalden alıntı: kara duman
quote:
Orijinalden alıntı: ßurock
Tarama tamamlanmadan kapanıyor program.
açılışta f8 tuşuna basarak güvenli kipte açıp o şekilde taramayı dener misiniz .
Malesef değişen birşey olmadı. -
Combofix ile de tarattım rapor burada.
ComboFix 13-04-18.02 - Burak 18.04.2013 16:21:51.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1254.90.1055.18.8094.5906 [GMT 3:00]
Running from: c:\users\Burak\Downloads\Programs\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Outdated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Burak\AppData\Roaming\GetValue.vbs
c:\windows\SysWow64\404Fix.exe
c:\windows\SysWow64\Agent.OMZ.Fix.exe
c:\windows\SysWow64\dumphive.exe
c:\windows\SysWow64\IEDFix.C.exe
c:\windows\SysWow64\IEDFix.exe
c:\windows\SysWow64\o4Patch.exe
c:\windows\SysWow64\Process.exe
c:\windows\SysWow64\SrchSTS.exe
c:\windows\SysWow64\tmp.reg
c:\windows\SysWow64\VACFix.exe
c:\windows\SysWow64\VCCLSID.exe
c:\windows\SysWow64\WS2Fix.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-03-18 to 2013-04-18 )))))))))))))))))))))))))))))))
.
.
2013-04-18 13:31 . 2013-04-18 13:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-18 13:31 . 2013-04-18 13:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-18 13:05 . 2013-04-18 13:05 -------- d-----w- c:\windows\SysWow64\SmitfraudFix
2013-04-18 11:23 . 2013-04-18 13:07 35 ----a-w- c:\users\Burak\AppData\Roaming\SetValue.bat
2013-04-17 15:21 . 2012-07-11 14:09 64856 ----a-w- c:\windows\system32\klfphc.dll
2013-04-17 15:20 . 2013-04-17 15:20 -------- d-----w- c:\windows\ELAMBKUP
2013-04-17 15:20 . 2013-04-18 13:11 -------- d-----w- c:\programdata\Kaspersky Lab
2013-04-17 15:20 . 2013-04-17 15:20 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2013-04-17 15:20 . 2012-08-13 15:24 89432 ----a-w- c:\windows\system32\drivers\klflt.sys
2013-04-17 15:20 . 2012-08-13 15:24 611160 ----a-w- c:\windows\system32\drivers\klif.sys
2013-04-16 18:42 . 2013-04-16 18:42 -------- d-----w- c:\program files (x86)\Password Protection Manager
2013-04-16 09:22 . 2013-04-16 09:22 68672 ----a-w- c:\windows\system32\TurboShell_105.dll
2013-04-16 09:22 . 2013-04-16 09:22 32320 ----a-w- c:\windows\system32\drivers\FNETTBOH_305.SYS
2013-04-16 09:22 . 2013-04-16 09:22 -------- d-----w- c:\users\Burak\AppData\Roaming\FNET
2013-04-16 09:22 . 2013-04-16 09:22 -------- d-----w- c:\programdata\FNET
2013-04-16 09:22 . 2013-04-16 09:22 16648 ----a-w- c:\windows\system32\drivers\FNETURPX.SYS
2013-04-16 09:21 . 2013-04-16 09:22 -------- d-----w- c:\program files (x86)\Data Transfer Accelerator
2013-04-15 11:54 . 2013-04-15 11:54 -------- d-----w- c:\users\Burak\AppData\Roaming\Malwarebytes
2013-04-15 11:54 . 2013-04-15 11:54 -------- d-----w- c:\programdata\Malwarebytes
2013-04-15 09:28 . 2013-04-15 09:28 -------- d-----w- c:\users\Burak\AppData\Local\ElevatedDiagnostics
2013-04-15 09:19 . 2013-03-19 02:50 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D85D6416-AD44-4F45-8E90-F55565BCA5B2}\mpengine.dll
2013-04-04 09:10 . 2012-07-12 01:18 100728 ----a-w- c:\windows\system32\drivers\NEOFLTR_720_21397.SYS
2013-04-04 09:10 . 2013-04-04 09:10 -------- d-----w- c:\program files (x86)\Juniper Networks
2013-04-04 09:09 . 2013-04-04 09:10 -------- d-----w- c:\users\Burak\AppData\Roaming\Juniper Networks
2013-04-04 09:09 . 2013-04-04 09:09 -------- d-----w- c:\users\Burak\AppData\Local\Juniper Networks
2013-04-04 09:04 . 2013-03-19 02:50 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-04-04 07:48 . 2012-11-29 14:42 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{84AB78DE-1606-4EF4-B036-AF099E3A9890}\gapaengine.dll
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
2013-03-25 13:56 . 2002-07-17 15:23 45056 ----a-w- c:\windows\SysWow64\WNASPI32.DLL
2013-03-25 13:56 . 2002-07-17 15:20 84832 ----a-w- c:\windows\SysWow64\drivers\ASPI32.SYS
2013-03-25 13:47 . 2013-03-25 13:47 -------- d-----w- c:\users\Burak\AppData\Roaming\Free MP3 WMA OGG Converter
2013-03-25 13:46 . 2013-03-25 13:55 -------- d-----w- c:\program files (x86)\Free MP3 WMA OGG Converter
2013-03-24 19:06 . 2013-03-24 19:06 -------- d-----w- c:\users\Burak\AppData\Roaming\ImTOO Software Studio
2013-03-24 19:05 . 2013-03-24 19:09 -------- d-----w- c:\program files (x86)\ImTOO
2013-03-22 16:47 . 2013-03-22 16:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-03-21 22:59 . 2013-03-21 22:59 -------- d-----w- c:\users\Burak\AppData\Local\FLT
2013-03-21 16:32 . 2013-03-21 16:40 -------- d-----w- c:\program files (x86)\F1 2012
2013-03-20 16:19 . 2013-03-21 16:31 -------- d-----w- c:\users\Burak\Games
2013-03-20 16:03 . 2013-03-20 16:03 -------- d-----w- c:\users\Burak\AppData\Roaming\{869EE0AC-9F81-4D49-81EA-C21890B3CCC9}
2013-03-20 16:03 . 2013-03-20 16:03 -------- d-----w- c:\users\Burak\AppData\Roaming\{74865409-33C7-4D66-B1BE-5AF1BAA53947}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-18 22:05 . 2013-03-18 22:05 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-18 22:05 . 2012-09-12 10:00 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-18 16:51 . 2013-03-16 10:44 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-03-18 16:51 . 2013-03-16 10:44 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-03-18 16:51 . 2013-03-16 10:44 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-03-18 16:51 . 2012-10-25 05:45 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-03-16 08:44 . 2012-09-04 21:01 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-16 08:43 . 2012-09-04 21:01 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-12 20:33 . 2012-12-07 14:53 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-03-12 20:33 . 2012-10-28 09:25 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-03-11 22:39 . 2012-10-28 09:25 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-02-13 21:30 . 2012-09-04 20:56 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-02-10 03:25 . 2013-02-22 19:26 9422672 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-10 03:25 . 2013-02-22 19:26 7964680 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-10 03:25 . 2013-02-22 19:26 7569184 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-10 03:25 . 2013-02-22 19:26 6267240 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-10 03:25 . 2013-02-22 19:26 420128 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2013-02-10 03:25 . 2013-02-22 19:26 364832 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2013-02-10 03:25 . 2013-02-22 19:26 30496 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-02-10 03:25 . 2013-02-22 19:26 2911008 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-10 03:25 . 2013-02-22 19:26 2726176 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-10 03:25 . 2013-02-22 19:26 26947360 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-10 03:25 . 2013-02-22 19:26 2350368 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-22 19:26 20534560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-10 03:25 . 2013-02-22 19:26 1990944 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-22 19:26 1807136 ----a-w- c:\windows\system32\nvdispco6420294.dll
2013-02-10 03:25 . 2013-02-22 19:26 15275744 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-10 03:25 . 2013-02-22 19:26 1510176 ----a-w- c:\windows\system32\nvdispgenco6420162.dll
2013-02-10 03:25 . 2013-02-22 19:26 12862400 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-10 03:25 . 2013-02-22 19:26 11040544 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-10 03:25 . 2013-02-22 19:26 2528840 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-10 03:25 . 2013-02-22 19:26 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-10 03:25 . 2013-02-22 19:26 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-10 03:25 . 2012-09-05 14:01 963776 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-02-10 03:25 . 2012-09-05 14:01 17987192 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-10 03:25 . 2012-09-05 14:01 15038296 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-10 03:25 . 2012-06-26 01:57 2854344 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-10 03:25 . 2012-06-26 01:57 250504 ----a-w- c:\windows\system32\nvinitx.dll
2013-02-10 03:25 . 2012-06-26 01:57 205184 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-02-10 03:25 . 2012-06-26 01:57 1114144 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-02-10 01:04 . 2012-06-26 01:57 6393120 ----a-w- c:\windows\system32\nvcpl.dll
2013-02-10 01:04 . 2012-06-26 01:57 3472672 ----a-w- c:\windows\system32\nvsvc64.dll
2013-02-10 01:04 . 2012-06-26 01:57 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-02-10 01:04 . 2012-06-26 01:57 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-02-10 01:04 . 2012-06-26 01:57 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-02-10 01:04 . 2012-06-26 01:57 564000 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-02-10 01:04 . 2012-06-26 01:57 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-02-10 01:04 . 2012-06-26 01:57 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-02-10 01:04 . 2012-06-26 01:57 1012000 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-02-09 13:25 . 2012-06-26 01:57 3035306 ----a-w- c:\windows\system32\nvcoproc.bin
2013-02-05 23:04 . 2013-02-05 23:04 42184 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-20 13:59 . 2013-01-20 13:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 13:59 . 2012-03-20 17:44 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2013-01-30 17:30 233288 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-06-26 39408]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-08-30 3519936]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-04-17 802136]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-04-26 3111744]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-20 1476104]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-12-18 578560]
"Facebook Update"="c:\users\Burak\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-11-24 138096]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-12 291608]
"LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-26 337776]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-06-26 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"Data Transfer Accelerator"="c:\program files (x86)\Data Transfer Accelerator\Data Transfer Accelerator.exe" [2013-04-16 5166856]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2012-08-17 218880]
.
c:\users\Burak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Burak\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-2-2 1380128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe [2011-12-24 120160]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS [2013-04-16 32320]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-27 34200]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 HybridDisk;HybridDisk;c:\windows\System32\DRIVERS\HybridDiskX64.sys [2010-03-03 38496]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-12 16152]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [2012-06-26 39008]
S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys [2011-12-24 24160]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2013-02-10 30496]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2013-04-16 16648]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2013-02-05 42184]
S1 hybridcfile;hybridcfile;c:\windows\system32\DRIVERS\HybridCFileX64.sys [2010-03-03 13920]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-06-08 54104]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S1 NEOFLTR_720_21397;Juniper Networks TDI Filter Driver (NEOFLTR_720_21397);c:\windows\system32\Drivers\NEOFLTR_720_21397.SYS [2012-07-12 100728]
S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2013-02-08 536360]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2013-02-08 389928]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-08-02 158944]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-08 594704]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2012-06-26 30816]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-14 283200]
S3 hswpan;WPAN Driver;c:\windows\system32\DRIVERS\hswpan.sys [2012-01-27 109056]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-12 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-12 788760]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-08-25 173656]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-05-25 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-07-25 29016]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2012-09-11 121416]
S3 NisSrv;Microsoft Ağ İnceleme;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2013-01-03 42328]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [2011-12-06 952832]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-15 09:27 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-04 08:44]
.
2013-04-18 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-12-12 14:28]
.
2012-11-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1170093808-3577676598-1004938600-1002Core.job
- c:\users\Burak\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24 21:37]
.
2012-11-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1170093808-3577676598-1004938600-1002UA.job
- c:\users\Burak\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24 21:37]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26 02:22]
.
2013-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26 02:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Burak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-06-26 02:21 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-06-26 789856]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-06-26 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-06-26 6200368]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1580368]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.tr/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Bütün linkleri IDM ile indir - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: IDM ile indir - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Microsoft Excel'e &Ver - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: OneNote'a G&önder - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}: NameServer = 8.8.4.4,8.8.8.8
TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}\14E64627F6964624572716B6: NameServer = 8.8.4.4,8.8.8.8
TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}\944424: NameServer = 8.8.4.4,8.8.8.8
TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}\A5978554C4: NameServer = 8.8.4.4,8.8.8.8
TCP: Interfaces\{D14CC7B3-9927-4B04-9F03-50B61F7A902A}\C696E6B6379737: NameServer = 8.8.4.4,8.8.8.8
FF - ProfilePath - c:\users\Burak\AppData\Roaming\Mozilla\Firefox\Profiles\2hnkzcbe.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.tr/
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1170093808-3577676598-1004938600-1002\Software\SecuROM\License information*]
"datasecu"=hex:07,56,77,1c,7c,d5,bc,9a,89,04,b6,7c,eb,41,90,09,d4,22,da,81,3a,
a6,72,61,8d,9a,e2,e5,ac,2b,68,d6,16,e8,2f,f4,d7,62,15,a7,3d,52,4e,26,a8,b7,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_USERS\S-1-5-21-1170093808-3577676598-1004938600-1002_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):04,e5,92,81,88,ef,ce,d4,4d,ff,b2,53,f6,89,45,4f,3d,42,4d,99,3f,
52,42,05,b3,64,f8,23,bd,f9,b0,b1,d4,6b,c3,eb,ca,c4,8d,67,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1170093808-3577676598-1004938600-1002_Classes\Wow6432Node\CLSID\{cec0ca84-f804-414f-8e0d-6a3a77b48da9}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000040
"Therad"=dword:00000002
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-18 16:33:41
ComboFix-quarantined-files.txt 2013-04-18 13:33
ComboFix2.txt 2013-04-17 16:57
ComboFix3.txt 2013-04-17 16:13
.
Pre-Run: 241.259.507.712 bayt boş
Post-Run: 240.938.700.800 bayt boş
.
- - End Of File - - 1381780CB7D77141FEA8535B0FD82EA4
-
birde şunla taratırmısın ayrıca sisteminizde 2 tane antivirüs var gerek yok boşuna kastırmayın bilgisayarınızı 2 antivirüs daha fazla güvenlik demek değildir .
http://www.bdtools.net/download/bd_rem_tool.zip -
quote:
Orijinalden alıntı: kara duman
birde şunla taratırmısın ayrıca sisteminizde 2 tane antivirüs var gerek yok boşuna kastırmayın bilgisayarınızı 2 antivirüs daha fazla güvenlik demek değildir .
http://www.bdtools.net/download/bd_rem_tool.zip
Could not load trufosalt.sys hatasını alıyorum.Çalışmıyor program. -
Process explorer tarzı bir programla sistemde çalışan dosyaları inceleyin.Şüphelendiklerinizi sağ tıklayıp properties deyin.Orada incelemelerinizi yapın, gereksiz gördüklerinize sağ tıklayın Kill Process yada altında program varsa kill process tree deyin.Virüs ise işe yaramayabilir bazı dosyalarda, o yüzden dosya yolunu seçip unlocker ile silin.Bir noktadan sonra mutlu sona ulaşacaksınızdır bence.quote:
Orijinalden alıntı: ßurockquote:
Orijinalden alıntı: kara duman
birde şunla taratırmısın ayrıca sisteminizde 2 tane antivirüs var gerek yok boşuna kastırmayın bilgisayarınızı 2 antivirüs daha fazla güvenlik demek değildir .
http://www.bdtools.net/download/bd_rem_tool.zip
Could not load trufosalt.sys hatasını alıyorum.Çalışmıyor program.
Alıntıları Göster
-
Sorun hala devam etmekte ... -
disk'i başka bir pc de taratma imkanın varsa bir dene.
Ağdan virüs taraması yapan bir antivirüs programı ile 2. bir pc'den de tarama yapabilirsin. -
quote:
Orijinalden alıntı: ßurock
Sorun hala devam etmekte ...
sorun hala devam ediyorsa doğru cevabı ben vereyim o zaman.
Başlat>çalıştır bölümüne secpol.msc yaz. açılan ekranda sol taraftaki listede "yerel bilgisayarda güvenlik ilkesi" gibisinden bir klasör olacak onu seç. ve sağ tarafta bi kayıt varsa çift tıkla. burada 1-2 tane filtrelenmiş kayıt göreceksin. onları sil, sorun düzelir. -
quote:
Orijinalden alıntı: HALO®
quote:
Orijinalden alıntı: ßurock
Sorun hala devam etmekte ...
sorun hala devam ediyorsa doğru cevabı ben vereyim o zaman.
Başlat>çalıştır bölümüne secpol.msc yaz. açılan ekranda sol taraftaki listede "yerel bilgisayarda güvenlik ilkesi" gibisinden bir klasör olacak onu seç. ve sağ tarafta bi kayıt varsa çift tıkla. burada 1-2 tane filtrelenmiş kayıt göreceksin. onları sil, sorun düzelir.
secpol.msc windows tarafından bulunamıyor? -
quote:
Orijinalden alıntı: ßurock
quote:
Orijinalden alıntı: HALO®
quote:
Orijinalden alıntı: ßurock
Sorun hala devam etmekte ...
sorun hala devam ediyorsa doğru cevabı ben vereyim o zaman.
Başlat>çalıştır bölümüne secpol.msc yaz. açılan ekranda sol taraftaki listede "yerel bilgisayarda güvenlik ilkesi" gibisinden bir klasör olacak onu seç. ve sağ tarafta bi kayıt varsa çift tıkla. burada 1-2 tane filtrelenmiş kayıt göreceksin. onları sil, sorun düzelir.
secpol.msc windows tarafından bulunamıyor?
Maalesef işletim sistemin home premium olduğu için secpol.msc bilgisayarında bulunmuyor. Ancak bu işi hacky bir yöntemle de çözebilirsin.
Aşağıdaki registry keyi altında yazılı birkaç key daha göreceksin. o keyleri dikkatli bir şekilde incele içinde antivirüslerin güncelleme sunucularının yazılı olduğu bir anahtar göreceksin. anahtarı silince engelleme kalkacaktır.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local
veya registry editordan 94.75.236.122(kaspersky güncelleme sunucusu ipsi) nolu ip adresini bul ve denk gelen kaydı sil.
son olarak diyelim ki engelleme kalktı kaspersky'i güncelledin. tarama yapsan dahi kaspersky gidip de virüsün yarattığı ayarları geri almaz. diğer ip kayıtları duracaktır.
o yüzden en temiz ve zor yöntem hacky bir şekilde windows üzerine secpol.msc'yi kurmak ve secpol üzerinden bu kayıtları silmektir. internette bununla ilgili bilgiler var ancak ingilizce gerektirir ve pek de kolay değil.
sorunu gideremezsen PM ile teamviewer ID ve şifreni gönderirsen bilgisayarına bağlanıp sorunu çözmende yardımcı olabilirim.
haa bir de şunu mutlaka dene, çalıştır'dan services.msc yaz ve ipsec policy agent isimli servisi durdur. tekrar antivirüs sitelerine girip giremediğini kontrol et. ayrıca windows/system32/drivers/ altındaki hosts dosyanda bir kayıt olmadığına emin ol!
< Bu mesaj bu kişi tarafından değiştirildi HALO® -- 1 Mayıs 2013; 22:55:55 >
-
Uzun uzun uğraşıcağına format at. -
quote:
Orijinalden alıntı: Naruto45
Uzun uzun uğraşıcağına format at.
+1 -
C:\Windows\System32\drivers\etc altında hots yada host dosyasını silin girersiniz -
Gorev yoneticisi calisiyor mu dener misiniz?
< Bu ileti mobil sürüm kullanılarak atıldı > -
Konu 1 yıllık sorun çözüldü -
Bende böyle birşey yaşadım hiçbir anti virüs sitesine giremiyordum hatta bilgisayarın yavaşladığını anlıyordum video açarken siyah ekranda kalıyordu vb. anti virüs programları denedim(farklı sitelerden indirebildim) ama tam kaldırcakken engelliyordu bu yüzden iptal oluyordu windows defender sürekli tehtit buldu orda tek tek kendim denereyek yaptım ilk hepsini tek tek seçerek kaldır dedim ama tekrar geldi sonra karantinaya al dedim falan derken en sonunda antivirüs sitesine girebiliyorum fakat halâ virüsün oldundan eminim sadece ara ara çıkıyor oda uyarı olarak sonra karantinaya al diyorum gidiyor, kısaca tamamen kaldırmayı yapamadım ama en azından çok yavaşlamasını ve sitelere girme engelini atlattım yine de böyle kullanmak sağlıklı değil bir süre düzgün kullanmak için yaptığım şekli deneyebilirsiniz. Bu arada tarama yaparken atlandı falan diyorsa o bildirime basıp atlacak ögelerin hepsini kaldırın böylece tarama yaparken onlara da bakıyor.
Benzer içerikler
- balkona kamera takmak yasal mi
- combofix windows 10
- bu sitenin sertifikasının iptal edilip edilmediği bilgisi alınamıyor
- gmail şifre kırma
- diğer virüsten koruma sağlayıcılarını kullanıyorsunuz hatası
- windows defender kapatma
- en iyi antivirüs programı
Ip işlemleri
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
Bu mesaj IP'si ile atılan mesajları ara Bu kullanıcının son IP'si ile atılan mesajları ara Bu mesaj IP'si ile kullanıcı ara Bu kullanıcının son IP'si ile kullanıcı ara
KAPAT X
