The TornTV problem!

medal55

I was downloading a file from Uploaded and noticed that I had also selected the download manager before downloading. It started installing by itself. It asked whether to continue; I said no, but it continued anyway. As a result, a virus called Torn TV appeared. I removed it from the Control Panel, and right now it shows up neither on C: nor in Task Manager, but I'm still uneasy because I'm not sure how reliable removal through the Control Panel is. I ran ComboFix and the log report is below. Could you tell me whether there is a problem? Thank you.

Code:
ComboFix 14-09-18.01 - PC-PC 20.09.2014  22:27:38.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1254.90.1055.18.8136.5845 [GMT 3:00]
Running from: c:\users\PC-PC\Downloads\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Kişisel güvenlik duvarı *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
.
.
(((((((((((((((((((((((((   Files Created from 2014-08-20 to 2014-09-20  )))))))))))))))))))))))))))))))
.
.
2014-09-20 19:21 . 2012-08-03 22:18    317429    ----a-w-    c:\windows\systemcs6856.exe
2014-09-20 19:16 . 2014-09-20 19:16    1518488    ----a-w-    c:\users\PC-PC\AppData\Roaming\UM.exe
2014-09-20 19:16 . 2014-09-20 19:16    1965464    ----a-w-    c:\users\PC-PC\AppData\Roaming\CCAAGIA.exe
2014-09-20 19:14 . 2014-09-20 19:14    --------    d-----w-    c:\users\PC-PC\AppData\Roaming\WebExtend
2014-09-20 19:14 . 2014-09-20 19:14    --------    d-----w-    c:\users\PC-PC\AppData\Local\Chromium
2014-09-20 19:13 . 2014-09-20 19:13    1518488    ----a-w-    c:\users\PC-PC\AppData\Roaming\QHQERR.exe
2014-09-20 19:12 . 2014-09-20 19:12    1965464    ----a-w-    c:\users\PC-PC\AppData\Roaming\IVISI.exe
2014-09-20 19:12 . 2014-09-20 19:12    --------    d-----w-    c:\users\PC-PC\AppData\Local\globalUpdate
2014-09-20 19:12 . 2014-09-20 19:12    --------    d-----w-    c:\program files (x86)\globalUpdate
2014-09-20 19:05 . 2014-09-20 19:05    --------    d-----w-    c:\users\PC-PC\AppData\Local\Blizzard Entertainment
2014-09-20 19:05 . 2014-09-20 19:19    --------    d-----w-    c:\users\PC-PC\AppData\Roaming\Battle.net
2014-09-20 19:05 . 2014-09-20 19:06    --------    d-----w-    c:\users\PC-PC\AppData\Local\Battle.net
2014-09-20 19:03 . 2014-09-20 19:03    --------    d-----w-    c:\programdata\Battle.net
2014-09-20 18:52 . 2014-09-20 19:29    --------    d-----w-    c:\program files (x86)\Common Files\Blizzard Entertainment
2014-09-20 18:52 . 2014-09-20 19:05    --------    d-----w-    c:\programdata\Blizzard Entertainment
2014-09-20 09:29 . 2012-08-03 22:18    317429    ----a-w-    c:\windows\systemcs5281.exe
2014-09-16 17:44 . 2014-09-16 17:44    --------    d-----w-    c:\users\PC-PC\AppData\Roaming\Xilisoft
2014-09-16 17:39 . 2014-09-20 19:19    --------    d-----w-    c:\program files (x86)\Common Files\DVDVideoSoft
2014-09-16 17:39 . 2014-09-20 19:19    --------    d-----w-    c:\program files (x86)\DVDVideoSoft
2014-09-16 17:39 . 2014-09-20 19:19    --------    d-----w-    c:\users\PC-PC\AppData\Roaming\DVDVideoSoft
2014-09-16 17:33 . 2014-09-16 17:33    --------    d-----w-    c:\users\PC-PC\AppData\Local\Macromedia
2014-09-16 17:32 . 2014-09-16 17:32    --------    d-----w-    c:\users\PC-PC\AppData\Local\Mozilla
2014-09-16 17:32 . 2014-09-20 19:19    --------    d-----w-    c:\program files (x86)\Mozilla Maintenance Service
2014-09-14 08:27 . 2014-09-14 08:27    --------    d-----w-    c:\users\PC-PC\AppData\Roaming\StunlockStudios
2014-09-13 19:16 . 2014-09-13 19:16    --------    d-----w-    c:\users\PC-PC\AppData\Roaming\Unity
2014-09-11 19:17 . 2014-09-11 19:17    --------    d-----w-    c:\users\PC-PC\AppData\Local\Overwolf
2014-09-11 19:11 . 2014-09-20 19:19    --------    d-----w-    c:\program files\TeamSpeak 3 Client
2014-09-10 20:42 . 2014-09-10 20:42    --------    d-----w-    c:\users\PC-PC\AppData\Roaming\EncryptStick
2014-09-08 17:39 . 2006-08-21 03:06    27648    ----a-w-    c:\windows\system32\Spool\prtprocs\x64\SUGS1pc.dll
2014-09-08 17:38 . 2006-12-03 22:26    22016    ----a-w-    c:\windows\system32\SUGS1l6.dll
2014-09-08 17:38 . 2006-11-21 08:40    89600    ----a-w-    c:\windows\system32\SUGS1ci.dll
2014-09-08 17:38 . 2006-11-20 05:22    151552    ----a-w-    c:\windows\system32\SUGS1ci.exe
2014-09-08 17:38 . 2009-03-02 11:12    11576    ------w-    c:\windows\system32\drivers\SSPORT.SYS
2014-09-08 17:38 . 2009-03-02 11:12    53816    ------w-    c:\windows\system32\drivers\DGIVECP.SYS
2014-09-08 17:38 . 2014-09-08 17:38    --------    d-----w-    c:\program files (x86)\SAMSUNG
2014-09-08 17:35 . 2014-09-08 17:35    --------    d-----w-    C:\Temp
2014-09-03 10:50 . 2014-09-03 10:57    --------    d-----w-    c:\users\PC-PC\AppData\Local\Skyrim
2014-09-02 21:10 . 2014-09-03 10:10    --------    d-----w-    c:\users\PC-PC\AppData\Local\TeamSpeak 3 Client
2014-09-01 13:11 . 2014-09-01 13:11    --------    d-----w-    c:\programdata\Orbit
2014-09-01 09:27 . 2014-09-01 09:27    --------    d-----w-    c:\users\PC-PC\AppData\Roaming\TeamViewer
2014-09-01 09:27 . 2014-09-01 09:27    --------    d-----w-    c:\program files (x86)\TeamViewer
2014-09-01 00:30 . 2014-08-21 08:24    11319192    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{887D4615-DF91-4AC7-AFD3-B8C6E84475AE}\mpengine.dll
2014-08-31 18:34 . 2014-09-09 22:00    71344    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-31 18:34 . 2014-09-09 22:00    701104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-31 18:33 . 2014-09-20 19:19    --------    d-----w-    c:\windows\system32\Macromed
2014-08-31 18:31 . 2014-08-31 18:32    --------    d-----w-    c:\users\PC-PC\AppData\Roaming\GameRanger
2014-08-30 11:07 . 2014-08-30 11:07    --------    d-----w-    c:\program files (x86)\Common Files\Skype
2014-08-27 21:12 . 2014-08-27 21:13    --------    d-----w-    c:\users\PC-PC\AppData\Local\Microsoft Games
2014-08-27 19:25 . 2014-09-20 19:19    --------    d-----w-    c:\users\PC-PC\AppData\Local\DayZ
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-13 20:46 . 2014-07-10 08:58    297088    ----a-w-    c:\windows\SysWow64\PnkBstrB.xtr
2014-09-13 20:46 . 2014-07-10 08:54    297088    ----a-w-    c:\windows\SysWow64\PnkBstrB.exe
2014-09-13 20:46 . 2014-07-10 08:54    280904    ----a-w-    c:\windows\SysWow64\PnkBstrB.ex0
2014-08-05 06:20 . 2014-07-05 22:47    270496    ------w-    c:\windows\system32\MpSigStub.exe
2014-07-11 15:10 . 2014-07-11 15:10    30424    ----a-w-    c:\windows\system32\drivers\ggsomc.sys
2014-07-11 15:10 . 2014-07-11 15:10    16088    ----a-w-    c:\windows\system32\drivers\ggflt.sys
2014-07-11 15:09 . 2014-07-11 15:09    34032    ----a-w-    c:\windows\system32\drivers\seehcri.sys
2014-07-10 09:08 . 2014-07-10 08:54    76152    ----a-w-    c:\windows\SysWow64\PnkBstrA.exe
2014-07-06 01:04 . 2014-07-05 23:45    14848    ----a-w-    c:\windows\system32\slwga.dll
2014-07-06 01:04 . 2014-07-05 23:45    13824    ----a-w-    c:\windows\SysWow64\slwga.dll
2014-07-06 01:04 . 2009-07-13 23:56    419840    ----a-w-    c:\windows\system32\systemcpl.dll
2014-07-06 01:04 . 2009-07-13 23:38    1008640    ----a-w-    c:\windows\system32\user32.dll
2014-07-06 01:04 . 2009-07-13 23:24    833024    ----a-w-    c:\windows\SysWow64\user32.dll
2014-07-06 00:15 . 2014-07-06 00:15    96768    ----a-w-    c:\windows\system32\mshtmled.dll
2014-07-06 00:15 . 2014-07-06 00:15    91648    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2014-07-06 00:15 . 2014-07-06 00:15    89088    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2014-07-06 00:15 . 2014-07-06 00:15    89088    ----a-w-    c:\windows\system32\ie4uinit.exe
2014-07-06 00:15 . 2014-07-06 00:15    86528    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2014-07-06 00:15 . 2014-07-06 00:15    86016    ----a-w-    c:\windows\system32\jsproxy.dll
2014-07-06 00:15 . 2014-07-06 00:15    85504    ----a-w-    c:\windows\system32\iesetup.dll
2014-07-06 00:15 . 2014-07-06 00:15    82432    ----a-w-    c:\windows\system32\icardie.dll
2014-07-06 00:15 . 2014-07-06 00:15    816640    ----a-w-    c:\windows\system32\jscript.dll
2014-07-06 00:15 . 2014-07-06 00:15    76800    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2014-07-06 00:15 . 2014-07-06 00:15    76800    ----a-w-    c:\windows\system32\tdc.ocx
2014-07-06 00:15 . 2014-07-06 00:15    74752    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-07-06 00:15 . 2014-07-06 00:15    74752    ----a-w-    c:\windows\SysWow64\iesetup.dll
2014-07-06 00:15 . 2014-07-06 00:15    729088    ----a-w-    c:\windows\system32\msfeeds.dll
2014-07-06 00:15 . 2014-07-06 00:15    65024    ----a-w-    c:\windows\system32\pngfilt.dll
2014-07-06 00:15 . 2014-07-06 00:15    63488    ----a-w-    c:\windows\SysWow64\tdc.ocx
2014-07-06 00:15 . 2014-07-06 00:15    599040    ----a-w-    c:\windows\system32\vbscript.dll
2014-07-06 00:15 . 2014-07-06 00:15    55296    ----a-w-    c:\windows\system32\msfeedsbs.dll
2014-07-06 00:15 . 2014-07-06 00:15    534528    ----a-w-    c:\windows\system32\ieapfltr.dll
2014-07-06 00:15 . 2014-07-06 00:15    49664    ----a-w-    c:\windows\system32\imgutil.dll
2014-07-06 00:15 . 2014-07-06 00:15    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2014-07-06 00:15 . 2014-07-06 00:15    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2014-07-06 00:15 . 2014-07-06 00:15    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2014-07-06 00:15 . 2014-07-06 00:15    448512    ----a-w-    c:\windows\system32\html.iec
2014-07-06 00:15 . 2014-07-06 00:15    421376    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-07-06 00:15 . 2014-07-06 00:15    403248    ----a-w-    c:\windows\system32\iedkcs32.dll
2014-07-06 00:15 . 2014-07-06 00:15    39936    ----a-w-    c:\windows\system32\iernonce.dll
2014-07-06 00:15 . 2014-07-06 00:15    3695416    ----a-w-    c:\windows\system32\ieapfltr.dat
2014-07-06 00:15 . 2014-07-06 00:15    367104    ----a-w-    c:\windows\SysWow64\html.iec
2014-07-06 00:15 . 2014-07-06 00:15    35840    ----a-w-    c:\windows\SysWow64\imgutil.dll
2014-07-06 00:15 . 2014-07-06 00:15    30720    ----a-w-    c:\windows\system32\licmgr10.dll
2014-07-06 00:15 . 2014-07-06 00:15    282112    ----a-w-    c:\windows\system32\dxtrans.dll
2014-07-06 00:15 . 2014-07-06 00:15    267776    ----a-w-    c:\windows\system32\ieaksie.dll
2014-07-06 00:15 . 2014-07-06 00:15    249344    ----a-w-    c:\windows\system32\webcheck.dll
2014-07-06 00:15 . 2014-07-06 00:15    248320    ----a-w-    c:\windows\system32\ieui.dll
2014-07-06 00:15 . 2014-07-06 00:15    2382848    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2014-07-06 00:15 . 2014-07-06 00:15    2382848    ----a-w-    c:\windows\system32\mshtml.tlb
2014-07-06 00:15 . 2014-07-06 00:15    237056    ----a-w-    c:\windows\system32\url.dll
2014-07-06 00:15 . 2014-07-06 00:15    23552    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2014-07-06 00:15 . 2014-07-06 00:15    2338816    ----a-w-    c:\windows\system32\jscript9.dll
2014-07-06 00:15 . 2014-07-06 00:15    222208    ----a-w-    c:\windows\system32\msls31.dll
2014-07-06 00:15 . 2014-07-06 00:15    2148352    ----a-w-    c:\windows\system32\iertutil.dll
2014-07-06 00:15 . 2014-07-06 00:15    197120    ----a-w-    c:\windows\system32\msrating.dll
2014-07-06 00:15 . 2014-07-06 00:15    1810432    ----a-w-    c:\windows\SysWow64\jscript9.dll
2014-07-06 00:15 . 2014-07-06 00:15    17857536    ----a-w-    c:\windows\system32\mshtml.dll
2014-07-06 00:15 . 2014-07-06 00:15    173056    ----a-w-    c:\windows\system32\ieUnatt.exe
2014-07-06 00:15 . 2014-07-06 00:15    165888    ----a-w-    c:\windows\system32\iexpress.exe
2014-07-06 00:15 . 2014-07-06 00:15    163840    ----a-w-    c:\windows\system32\ieakui.dll
2014-07-06 00:15 . 2014-07-06 00:15    161792    ----a-w-    c:\windows\SysWow64\msls31.dll
2014-07-06 00:15 . 2014-07-06 00:15    160256    ----a-w-    c:\windows\system32\wextract.exe
2014-07-06 00:15 . 2014-07-06 00:15    160256    ----a-w-    c:\windows\system32\ieakeng.dll
2014-07-06 00:15 . 2014-07-06 00:15    152064    ----a-w-    c:\windows\SysWow64\wextract.exe
2014-07-06 00:15 . 2014-07-06 00:15    150528    ----a-w-    c:\windows\SysWow64\iexpress.exe
2014-07-06 00:15 . 2014-07-06 00:15    149504    ----a-w-    c:\windows\system32\occache.dll
2014-07-06 00:15 . 2014-07-06 00:15    1494016    ----a-w-    c:\windows\system32\inetcpl.cpl
2014-07-06 00:15 . 2014-07-06 00:15    145920    ----a-w-    c:\windows\system32\iepeers.dll
2014-07-06 00:15 . 2014-07-06 00:15    142848    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2014-07-06 00:15 . 2014-07-06 00:15    1427968    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2014-07-06 00:15 . 2014-07-06 00:15    1392128    ----a-w-    c:\windows\system32\wininet.dll
2014-07-06 00:15 . 2014-07-06 00:15    135168    ----a-w-    c:\windows\system32\IEAdvpack.dll
2014-07-06 00:15 . 2014-07-06 00:15    1348608    ----a-w-    c:\windows\system32\urlmon.dll
2014-07-06 00:15 . 2014-07-06 00:15    12800    ----a-w-    c:\windows\system32\mshta.exe
2014-07-06 00:15 . 2014-07-06 00:15    11776    ----a-w-    c:\windows\SysWow64\mshta.exe
2014-07-06 00:15 . 2014-07-06 00:15    114176    ----a-w-    c:\windows\system32\admparse.dll
2014-07-06 00:15 . 2014-07-06 00:15    1129472    ----a-w-    c:\windows\SysWow64\wininet.dll
2014-07-06 00:15 . 2014-07-06 00:15    11264    ----a-w-    c:\windows\system32\msfeedssync.exe
2014-07-06 00:15 . 2014-07-06 00:15    111616    ----a-w-    c:\windows\system32\iesysprep.dll
2014-07-06 00:15 . 2014-07-06 00:15    110592    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2014-07-06 00:15 . 2014-07-06 00:15    10890240    ----a-w-    c:\windows\system32\ieframe.dll
2014-07-06 00:15 . 2014-07-06 00:15    103936    ----a-w-    c:\windows\system32\inseng.dll
2014-07-06 00:15 . 2014-07-06 00:15    101888    ----a-w-    c:\windows\SysWow64\admparse.dll
2014-07-05 22:50 . 2014-07-05 22:50    313256    ----a-w-    c:\windows\system32\javaws.exe
2014-07-05 22:50 . 2014-07-05 22:50    189352    ----a-w-    c:\windows\system32\javaw.exe
2014-07-05 22:50 . 2014-07-05 22:50    189352    ----a-w-    c:\windows\system32\java.exe
2014-07-05 22:50 . 2014-07-05 22:50    111016    ----a-w-    c:\windows\system32\WindowsAccessBridge-64.dll
2014-07-05 22:49 . 2014-07-05 22:49    283200    ----a-w-    c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-05 22:05 . 2014-07-05 22:05    327008    ----a-w-    c:\windows\system32\RaCoInstx.dll
2014-03-20 11:53 . 2014-03-20 11:53    2174976    ----a-w-    c:\program files (x86)\Common Files\atimpenc.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2014-07-06 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2014-07-06 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2014-07-30 467680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2013-09-09 490480]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
zzzzzzzzzzzzzzzzcs7626.lnk - c:\windows\systemcs7626.exe /SILENT, /VERYSILENT [2014-9-20 317429]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 servervo;VO Service component;c:\users\PC-PC\AppData\Roaming\VOPackage\VOsrv.exe;c:\users\PC-PC\AppData\Roaming\VOPackage\VOsrv.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Ana Bilgisayar Denetleyici Değiştirici Sürücüsü;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Sürücüsü;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 Genişletilebilir Ana Bilgisayar Denetleyici Sürücüsü;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Ke2200;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys;c:\windows\SYSNATIVE\DRIVERS\seehcri.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NTIOLIB_1_0_3
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-11 19:56    1096520    ----a-w-    c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-31 22:00]
.
2014-09-20 c:\windows\Tasks\CCAAGIA.job
- c:\users\PC-PC\AppData\Roaming\CCAAGIA.exe [2014-09-20 19:16]
.
2014-09-20 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-20 19:15]
.
2014-09-20 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-20 19:15]
.
2014-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-05 22:51]
.
2014-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-05 22:51]
.
2014-09-20 c:\windows\Tasks\IVISI.job
- c:\users\PC-PC\AppData\Roaming\IVISI.exe [2014-09-20 19:12]
.
2014-09-20 c:\windows\Tasks\QHQERR.job
- c:\users\PC-PC\AppData\Roaming\QHQERR.exe [2014-09-20 19:13]
.
2014-09-20 c:\windows\Tasks\UM.job
- c:\users\PC-PC\AppData\Roaming\UM.exe [2014-09-20 19:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07    23496    ----a-w-    c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"MBCfg64"="c:\windows\system32\MBCfg64.dll" [2013-08-29 40576]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-09-05 7199448]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com.tr/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Bütün Bağlantıları IDM ile İndir - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: IDM ile İndir - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Microsoft Excel'e &Ver - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: OneNote'a G&önder - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6F490FA7-031B-4F3A-BE5D-279628337247}\A5978554C4: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\PC-PC\AppData\Roaming\Mozilla\Firefox\Profiles\9vaw2tdq.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-Voobly - c:\program files (x86)\Voobly\voobly.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-TornTv Downloader - c:\users\PC-PC\AppData\Roaming\TornTV.com\Torntv Downloader.exe
AddRemove-VOPackage - c:\users\PC-PC\AppData\Roaming\VOPackage\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3749243177-2025263043-11447749-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):e0,c3,27,ca,34,04,ab,09,37,aa,46,d5,9f,3a,eb,a7,8b,47,70,d3,aa,
   ff,72,63,b6,c1,ca,ef,2a,85,21,86,8d,ac,e8,f3,f1,be,df,ee,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3749243177-2025263043-11447749-1000_Classes\Wow6432Node\CLSID\{fc967626-feac-47ad-848e-3b8201b118c2}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000f8
"Therad"=dword:00000007
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
.
**************************************************************************
.
Completion time: 2014-09-20  22:34:54 - machine was rebooted
ComboFix-quarantined-files.txt  2014-09-20 19:34
.
Pre-Run: 111.994.896.384 bayt boş
Post-Run: 112.811.331.584 bayt boş
.
- - End Of File - - 1E3F18EE27384064859C257B43501520
A36C5E4F47E84449FF07ED3517B43A31
 
Code:
Wow6432Node-HKCU-Run-Voobly - c:\program files (x86)\Voobly\voobly.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-TornTv Downloader - c:\users\PC-PC\AppData\Roaming\TornTV.com\Torntv Downloader.exe
AddRemove-VOPackage - c:\users\PC-PC\AppData\Roaming\VOPackage\uninstall.exe

ComboFix has removed it, but take another look at these locations yourself. And don't download files from just anywhere you come across.
 