pSkpt

ComboFix Result

Jun 2nd, 2015
  1. ComboFix 15-05-31.01 - SONER 03.06.2015 0:36.1.2 - x86
  2. Microsoft Windows 7 Ultimate 6.1.7601.1.1254.90.1055.18.1919.1289 [GMT 3:00]
  3. Running from: c:\users\SONER\Downloads\Programs\ComboFix.exe
  4. AV: ESET Smart Security 8.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
  5. FW: ESET Kişisel güvenlik duvarı *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
  6. SP: ESET Smart Security 8.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
  7. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8. * Created a new restore point
  9. .
  10. .
  11. ((((((((((((((((((((((((( Files Created from 2015-05-02 to 2015-06-02 )))))))))))))))))))))))))))))))
  12. .
  13. .
  14. 2015-06-02 21:51 . 2015-06-02 21:51 -------- d-----w- c:\users\Default\AppData\Local\temp
  15. 2015-06-02 21:43 . 2015-06-02 21:43 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F60B26D-DD94-47EF-88D4-AB059CE8C252}\offreg.2916.dll
  16. 2015-06-01 20:18 . 2015-06-01 20:18 -------- d-----w- c:\users\SONER\AppData\Roaming\Jedi
  17. 2015-06-01 18:51 . 2015-06-01 18:51 -------- d-----w- c:\users\SONER\AppData\Roaming\Lightshot
  18. 2015-06-01 15:13 . 2015-06-01 15:13 -------- d-----w- c:\users\SONER\.idlerc
  19. 2015-06-01 11:59 . 2015-06-01 11:59 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F60B26D-DD94-47EF-88D4-AB059CE8C252}\offreg.2780.dll
  20. 2015-06-01 00:46 . 2015-06-01 00:47 -------- d-----w- C:\Python34
  21. 2015-06-01 00:20 . 2015-06-01 00:20 -------- d-----w- c:\users\SONER\AppData\Roaming\ProductData
  22. 2015-06-01 00:20 . 2015-06-01 00:20 -------- d-----w- c:\programdata\IObit
  23. 2015-06-01 00:20 . 2015-06-01 00:20 -------- d-----w- c:\programdata\ProductData
  24. 2015-06-01 00:20 . 2015-06-01 00:20 -------- d-----w- c:\program files\IObit
  25. 2015-06-01 00:19 . 2015-06-01 00:20 -------- d-----w- c:\users\SONER\AppData\Roaming\IObit
  26. 2015-05-31 23:34 . 2015-05-31 23:34 -------- d-----w- c:\users\SONER\AppData\Roaming\pyinstaller
  27. 2015-05-31 23:31 . 2014-05-03 19:03 403456 ----a-w- c:\windows\system32\pythoncom34.dll
  28. 2015-05-31 23:31 . 2014-05-03 19:02 104960 ----a-w- c:\windows\system32\pywintypes34.dll
  29. 2015-05-31 17:52 . 2015-05-31 23:08 -------- d-----w- c:\users\SONER\PycharmProjects
  30. 2015-05-31 15:53 . 2015-05-31 15:53 -------- d-----w- c:\users\SONER\AppData\Roaming\JetBrains
  31. 2015-05-31 15:52 . 2015-05-31 15:52 -------- d-----w- c:\users\SONER\.PyCharm40
  32. 2015-05-31 15:50 . 2015-06-01 11:18 -------- d-----w- c:\program files\JetBrains
  33. 2015-05-31 15:36 . 2015-05-31 15:36 -------- d-----w- c:\users\SONER\AppData\Roaming\gedit
  34. 2015-05-31 14:37 . 2015-05-31 14:37 -------- d-----w- c:\users\SONER\AppData\Local\pip
  35. 2015-05-29 01:11 . 2015-05-29 01:11 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F60B26D-DD94-47EF-88D4-AB059CE8C252}\offreg.2824.dll
  36. 2015-05-28 09:08 . 2015-05-28 09:08 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F60B26D-DD94-47EF-88D4-AB059CE8C252}\offreg.2356.dll
  37. 2015-05-28 08:59 . 2015-05-28 21:29 -------- d-----w- c:\program files\CCleaner
  38. 2015-05-27 01:20 . 2015-05-03 03:42 9265072 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F60B26D-DD94-47EF-88D4-AB059CE8C252}\mpengine.dll
  39. 2015-05-20 15:15 . 2015-05-20 15:15 -------- d-----w- c:\users\SONER\AppData\Roaming\TightVNC
  40. 2015-05-20 15:11 . 2015-05-20 15:11 -------- d-----w- c:\program files\TightVNC
  41. 2015-05-15 19:31 . 2015-05-15 19:31 151552 ----a-w- c:\windows\KMSEmulator.exe
  42. 2015-05-15 19:26 . 2015-05-15 19:26 -------- d-----w- c:\windows\KMSServerService
  43. 2015-05-15 19:21 . 2015-05-15 19:20 151552 ----a-w- c:\windows\KMService.exe
  44. 2015-05-15 19:21 . 2015-05-15 19:20 8192 ----a-w- c:\windows\system32\srvany.exe
  45. 2015-05-15 19:06 . 2015-05-15 19:06 -------- d-----w- c:\program files\Microsoft Synchronization Services
  46. 2015-05-15 19:05 . 2015-05-15 19:05 -------- d-----w- c:\windows\PCHEALTH
  47. 2015-05-15 19:05 . 2015-05-15 19:05 -------- d-----w- c:\program files\Microsoft Sync Framework
  48. 2015-05-15 19:05 . 2015-05-15 19:05 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
  49. 2015-05-15 19:03 . 2015-05-15 19:03 -------- d-----w- c:\program files\Microsoft Visual Studio 8
  50. 2015-05-15 19:01 . 2015-05-15 19:01 -------- d-----w- c:\program files\Microsoft Analysis Services
  51. 2015-05-15 19:00 . 2015-05-15 19:00 -------- d-----r- C:\MSOCache
  52. 2015-05-15 18:33 . 2015-05-15 18:35 -------- d-----w- C:\OFFICE2013
  53. 2015-05-15 18:25 . 2015-05-15 19:30 -------- d-----w- c:\windows\AutoKMS
  54. 2015-05-14 19:43 . 2015-05-13 14:31 749664 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
  55. 2015-05-14 19:43 . 2015-05-13 14:29 104896 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
  56. 2015-05-13 14:29 . 2015-05-13 14:29 174888 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
  57. 2015-05-13 14:29 . 2015-05-13 14:29 127008 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
  58. 2015-05-13 14:29 . 2015-05-13 14:29 115672 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
  59. 2015-05-11 22:10 . 2015-05-28 23:03 -------- d-----w- c:\users\SONER\AppData\Roaming\IDM
  60. 2015-05-08 22:40 . 2015-05-08 22:40 -------- d-----w- c:\users\SONER\AppData\Roaming\LibreOffice
  61. 2015-05-08 22:13 . 2015-05-08 22:13 -------- d-----w- c:\program files\Sublime Text 3
  62. .
  63. .
  64. .
  65. (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
  66. .
  67. 2015-04-29 14:24 . 2015-04-29 14:24 161 ----a-w- c:\windows\apktool.bat
  68. 2015-04-18 01:06 . 2015-04-20 12:53 122432 ----a-w- c:\windows\system32\drivers\idmwfp.sys
  69. 2015-04-17 17:23 . 2014-10-22 23:07 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
  70. 2015-04-17 17:23 . 2014-10-22 23:07 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
  71. 2015-04-17 16:42 . 2015-04-17 16:42 26328 ----a-w- c:\windows\system32\drivers\ggsomc.sys
  72. 2015-04-17 16:42 . 2015-04-17 16:42 13528 ----a-w- c:\windows\system32\drivers\ggflt.sys
  73. 2015-04-17 15:34 . 2014-12-20 17:06 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
  74. 2015-03-16 15:42 . 2015-03-16 15:42 95608 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
  75. 2015-03-11 03:30 . 2015-03-24 17:15 534528 ----a-w- c:\windows\system32\generaltel.dll
  76. 2015-03-11 03:30 . 2015-03-24 17:15 623616 ----a-w- c:\windows\system32\invagent.dll
  77. 2015-03-11 03:29 . 2015-03-24 17:15 327168 ----a-w- c:\windows\system32\devinv.dll
  78. 2015-03-11 03:29 . 2015-03-24 17:15 818176 ----a-w- c:\windows\system32\appraiser.dll
  79. 2015-03-11 03:29 . 2015-03-24 17:15 26112 ----a-w- c:\windows\system32\acmigration.dll
  80. 2015-03-11 03:29 . 2015-03-24 17:15 202752 ----a-w- c:\windows\system32\aepdu.dll
  81. 2015-03-11 03:29 . 2015-03-24 17:15 159744 ----a-w- c:\windows\system32\aepic.dll
  82. 2015-03-11 03:26 . 2015-03-24 17:15 892928 ----a-w- c:\windows\system32\aeinv.dll
  83. 2015-03-10 14:24 . 2015-03-10 14:24 51824 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
  84. 2015-03-10 14:24 . 2015-03-10 14:24 37928 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
  85. 2015-03-10 14:24 . 2015-03-10 14:24 193464 ----a-w- c:\windows\system32\drivers\eamonm.sys
  86. 2015-03-10 14:24 . 2015-03-10 14:24 176448 ----a-w- c:\windows\system32\drivers\epfw.sys
  87. 2015-03-10 14:24 . 2015-03-10 14:24 135808 ----a-w- c:\windows\system32\drivers\ehdrv.sys
  88. 2015-03-06 05:15 . 2015-03-10 22:30 137656 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
  89. 2015-03-06 05:15 . 2015-03-10 22:30 67512 ----a-w- c:\windows\system32\drivers\ksecdd.sys
  90. 2015-03-06 05:10 . 2015-03-10 22:30 172032 ----a-w- c:\windows\system32\wdigest.dll
  91. 2015-03-06 05:10 . 2015-03-10 22:30 65536 ----a-w- c:\windows\system32\TSpkg.dll
  92. 2015-03-06 05:10 . 2015-03-10 22:30 15872 ----a-w- c:\windows\system32\sspisrv.dll
  93. 2015-03-06 05:10 . 2015-03-10 22:30 100352 ----a-w- c:\windows\system32\sspicli.dll
  94. 2015-03-06 05:10 . 2015-03-10 22:30 248832 ----a-w- c:\windows\system32\schannel.dll
  95. 2015-03-06 05:10 . 2015-03-10 22:30 22016 ----a-w- c:\windows\system32\secur32.dll
  96. 2015-03-06 05:10 . 2015-03-10 22:30 259584 ----a-w- c:\windows\system32\msv1_0.dll
  97. 2015-03-06 05:10 . 2015-03-10 22:30 221184 ----a-w- c:\windows\system32\ncrypt.dll
  98. 2015-03-06 05:10 . 2015-03-10 22:30 550912 ----a-w- c:\windows\system32\kerberos.dll
  99. 2015-03-06 05:10 . 2015-03-10 22:30 1061376 ----a-w- c:\windows\system32\lsasrv.dll
  100. 2015-03-06 05:10 . 2015-03-10 22:30 17408 ----a-w- c:\windows\system32\credssp.dll
  101. 2015-03-06 05:09 . 2015-03-10 22:30 22528 ----a-w- c:\windows\system32\lsass.exe
  102. 2015-03-06 05:09 . 2015-03-10 22:30 50176 ----a-w- c:\windows\system32\auditpol.exe
  103. 2015-03-06 05:07 . 2015-03-10 22:30 60416 ----a-w- c:\windows\system32\msobjs.dll
  104. 2015-03-06 05:07 . 2015-03-10 22:30 146432 ----a-w- c:\windows\system32\msaudite.dll
  105. 2015-03-06 05:06 . 2015-03-10 22:30 686080 ----a-w- c:\windows\system32\adtschema.dll
  106. 2014-07-10 06:16 . 2014-07-10 06:16 2174976 ----a-w- c:\program files\Common Files\atimpenc.dll
  107. .
  108. .
  109. ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
  110. .
  111. .
  112. *Note* empty entries & legit default entries are not shown
  113. REGEDIT4
  114. .
  115. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
  116. @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
  117. [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
  118. 2014-04-21 08:02 23008 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
  119. .
  120. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  121. "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
  122. .
  123. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  124. "HControl"="c:\windows\ATK0100\HControl.exe" [2006-12-15 217088]
  125. "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-22 815104]
  126. "snp2std"="c:\windows\vsnp2std.exe" [2005-10-20 339968]
  127. "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-17 13605408]
  128. "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-17 92704]
  129. "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-01-28 5088456]
  130. "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
  131. "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
  132. .
  133. c:\users\SONER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  134. Lightshot.lnk - c:\users\SONER\AppData\Roaming\Lightshot\Lightshot.exe [2015-6-1 477184]
  135. .
  136. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  137. "ConsentPromptBehaviorAdmin"= 0 (0x0)
  138. "ConsentPromptBehaviorUser"= 3 (0x3)
  139. "EnableLUA"= 0 (0x0)
  140. "EnableUIADesktopToggle"= 0 (0x0)
  141. "PromptOnSecureDesktop"= 0 (0x0)
  142. "SoftwareSASGeneration"= 1 (0x1)
  143. .
  144. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
  145. "NoResolveTrack"= 1 (0x1)
  146. .
  147. [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
  148. "aux"=wdmaud.drv
  149. .
  150. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
  151. BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
  152. .
  153. [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk]
  154. path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk
  155. backup=c:\windows\pss\SoftEther VPN Client Manager Startup.lnk.CommonStartup
  156. backupExtension=.CommonStartup
  157. .
  158. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  159. 2014-12-19 06:48 1022152 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  160. .
  161. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
  162. 2013-03-21 02:10 472992 ----a-w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
  163. .
  164. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager]
  165. 2013-03-13 10:39 1039248 ----a-w- c:\program files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
  166. .
  167. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
  168. 2014-03-04 09:19 3696912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
  169. .
  170. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jswtrayutil]
  171. 2008-09-26 16:03 528384 ----a-w- c:\program files\Jumpstart\jswtrayutil.exe
  172. .
  173. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  174. 2015-04-10 08:57 335232 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
  175. .
  176. R2 AutoKMS;AutoKMS;c:\windows\AutoKMS\AutoKMS.exe [2015-05-15 734208]
  177. R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-02-18 315488]
  178. R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
  179. R3 ESETCleanersDriver;ESET Cleaner Service;c:\windows\system32\Drivers\ESETCleanersDriver.sys [x]
  180. R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2015-04-17 13528]
  181. R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys [2015-04-17 26328]
  182. R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-02-20 102912]
  183. R3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\Jumpstart\jswpsapi.exe [2008-09-26 954368]
  184. R3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0086.sys [2014-10-12 26208]
  185. R3 ptun0901;TAP Adapter V9 for Private Tunnel;c:\windows\system32\DRIVERS\ptun0901.sys [2014-08-08 23552]
  186. R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-01-31 15872]
  187. R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
  188. R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
  189. R3 tapSF0901;Spotflux Virtual Network Device Driver;c:\windows\system32\DRIVERS\tapSF0901.sys [x]
  190. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
  191. R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
  192. R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2015-03-16 95608]
  193. R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
  194. R4 jswpbapi;JumpStart Push-Button Service;c:\program files\Jumpstart\jswpbapi.exe [2008-09-26 188416]
  195. S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 51824]
  196. S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-10-06 243128]
  197. S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2015-03-10 193464]
  198. S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2015-03-10 135808]
  199. S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 37928]
  200. S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-05-15 20384]
  201. S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2015-05-13 749664]
  202. S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2015-05-13 104896]
  203. S1 ZAM;ZAM;c:\windows\System32\drivers\zam32.sys [2015-01-21 90344]
  204. S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2015-01-28 1349576]
  205. S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2015-04-18 122432]
  206. S2 KMService;KMService;c:\windows\system32\srvany.exe [2015-05-15 8192]
  207. S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2013-03-01 36600]
  208. S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-04-19 24576]
  209. S3 netr28u;TP-LINK 150Mbps Wireless Lite N Adapter;c:\windows\system32\DRIVERS\netr28u.sys [2010-05-27 856928]
  210. S3 StkCMini;Syntek AVStream USB2.0 VGA WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-06-06 1260672]
  211. S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2015-05-13 115672]
  212. S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2015-05-13 127008]
  213. .
  214. .
  215. [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
  216. 2015-05-26 11:10 986440 ----a-w- c:\program files\Google\Chrome\Application\43.0.2357.81\Installer\chrmstp.exe
  217. .
  218. Contents of the 'Scheduled Tasks' folder
  219. .
  220. 2015-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job
  221. - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-22 17:23]
  222. .
  223. 2015-05-15 c:\windows\Tasks\AutoKMSCustom.job
  224. - c:\windows\AutoKMS\AutoKMS.exe [2015-05-15 19:30]
  225. .
  226. 2015-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  227. - c:\program files\Google\Update\GoogleUpdate.exe [2014-10-08 00:35]
  228. .
  229. 2015-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  230. - c:\program files\Google\Update\GoogleUpdate.exe [2014-10-08 00:35]
  231. .
  232. 2015-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d041d2a836baa8.job
  233. - c:\program files\Google\Update\GoogleUpdate.exe [2014-10-08 00:35]
  234. .
  235. .
  236. ------- Supplementary Scan -------
  237. .
  238. mStart Page = about:blank
  239. IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  240. IE: IDM ile indir - c:\program files\Internet Download Manager\IEExt.htm
  241. IE: Microsoft Excel'e &Ver - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
  242. IE: OneNote'a G&önder - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
  243. IE: Tüm bağlantıları IDM ile indir - c:\program files\Internet Download Manager\IEGetAll.htm
  244. Trusted Zone: hola.org
  245. TCP: DhcpNameServer = 10.106.4.20
  246. TCP: Interfaces\{105400E3-7A24-45ED-A8C4-97CEFB38E2CD}: NameServer = 8.8.8.8,8.8.4.4
  247. TCP: Interfaces\{105400E3-7A24-45ED-A8C4-97CEFB38E2CD}\3716271636C6572633: NameServer = 8.8.8.8,8.8.4.4
  248. TCP: Interfaces\{88B08F66-9E76-41F4-9B0A-DFE60749B7E3}: NameServer = 8.8.8.8,8.8.4.4
  249. TCP: Interfaces\{88B08F66-9E76-41F4-9B0A-DFE60749B7E3}\4505D2C494E4B4F5142414338313: NameServer = 8.8.8.8,8.8.4.4
  250. FF - ProfilePath - c:\users\SONER\AppData\Roaming\Mozilla\Firefox\Profiles\80z7id2g.default\
  251. FF - prefs.js: network.proxy.type - 2
  252. .
  253. - - - - ORPHANS REMOVED - - - -
  254. .
  255. BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
  256. ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
  257. MSConfigStartUp-SoftEther VPN Client UI Helper - c:\program files\SoftEther VPN Client\vpnclient.exe
  258. MSConfigStartUp-tvncontrol - c:\program files\TightVNC\tvnserver.exe
  259. AddRemove-pywin32-py3.4 - c:\python34\Removepywin32.exe
  260. AddRemove-UnityWebPlayer - c:\users\SONER\AppData\Local\Unity\WebPlayer\Uninstall.exe
  261. .
  262. .
  263. .
  264. --------------------- LOCKED REGISTRY KEYS ---------------------
  265. .
  266. [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
  267. @Denied: (2) (LocalSystem)
  268. "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  269. d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a4,18,41,19,2b,d7,39,4d,a0,b6,94,\
  270. "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  271. d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a4,18,41,19,2b,d7,39,4d,a0,b6,94,\
  272. .
  273. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  274. @Denied: (A) (Users)
  275. @Denied: (A) (Everyone)
  276. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  277. "BlindDial"=dword:00000000
  278. .
  279. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  280. @Denied: (Full) (Everyone)
  281. .
  282. Completion time: 2015-06-03 00:55:50
  283. ComboFix-quarantined-files.txt 2015-06-02 21:55
  284. .
  285. Pre-Run: 12.969.611.264 bayt boş
  286. Post-Run: 12.968.165.376 bayt boş
  287. .
  288. - - End Of File - - 322F30F01B62191E4EB580BC67A8D51D
  289. A36C5E4F47E84449FF07ED3517B43A31