Comodo Güvenlik Duvarı Hakkında

  1. KısayolKısayol reportŞikayet pmÖzel Mesaj
    PsychoDawn
    PsychoDawn's avatar
    Kayıt Tarihi: 01/Nisan/2007
    Erkek

    combofix le de tarattım . bilgisayarı yeniden başlattım hala aynı şey sürekli bir bağlantıyı engelliyor . bağlantının ne oldugunu nereye oldugunu bulsam kolay olacak ama . . . bir boklar var modem arayüz şifrem falan değişiyor hep benden başka kullanan yok zaten .

  2. KısayolKısayol reportŞikayet pmÖzel Mesaj
    imlegend
    imlegend's avatar
    Banlanmış Üye
    Kayıt Tarihi: 04/Ocak/2010
    Erkek

    Daniel-Koo bunu yazdı:
    -----------------------------

    imlegend bunu yazdı:
    -----------------------------

    Anlamadığım bir nokta var. Şimdi chrome da sadece bir tane sayfa açık 100 küsür tane bağlantı var diyor. Bu ne ayaktır arkadaş.

     

    http://e1205.hizliresim.com/x/v/6v828.png

     


    -----------------------------

    O sayfa bir video sitesi veya büyük bir portal sayfası ise bu dediğin normaldir. 


    -----------------------------

    Hocam tahribat'tan bir sayfa. Başka hiç bir internet sayfası yok.

  3. KısayolKısayol reportŞikayet pmÖzel Mesaj
    pcdoktor636
    pcdoktor636's avatar
    Kayıt Tarihi: 12/Ocak/2010
    Erkek

    PsychoDawn bunu yazdı:
    -----------------------------

    combofix le de tarattım . bilgisayarı yeniden başlattım hala aynı şey sürekli bir bağlantıyı engelliyor . bağlantının ne oldugunu nereye oldugunu bulsam kolay olacak ama . . . bir boklar var modem arayüz şifrem falan değişiyor hep benden başka kullanan yok zaten .


    -----------------------------

    sen dediğim gibi yap hijackthis ve combofix logunu bir koy buraya.

  4. KısayolKısayol reportŞikayet pmÖzel Mesaj
    PsychoDawn
    PsychoDawn's avatar
    Kayıt Tarihi: 01/Nisan/2007
    Erkek

    pcdoktor636 bunu yazdı:
    -----------------------------

    PsychoDawn bunu yazdı:
    -----------------------------

    combofix le de tarattım . bilgisayarı yeniden başlattım hala aynı şey sürekli bir bağlantıyı engelliyor . bağlantının ne oldugunu nereye oldugunu bulsam kolay olacak ama . . . bir boklar var modem arayüz şifrem falan değişiyor hep benden başka kullanan yok zaten .


    -----------------------------

    sen dediğim gibi yap hijackthis ve combofix logunu bir koy buraya.


    -----------------------------

    combofix log vermedi nedense :S

    HijackThis log u aşağıda.

     

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 12:36:13, on 27.05.2012

    Platform: Windows 7  (WinNT 6.00.3504)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

     

    Running processes:

    C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe

    C:\Program Files (x86)\Steam\Steam.exe

    C:\Program Files (x86)\uTorrent\uTorrent.exe

    C:\Program Files (x86)\Internet Download Manager\IDMan.exe

    C:\Windows\SysWOW64\MAFWTray.exe

    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

    C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Windows\SysWOW64\rundll32.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\AppData\Local\Google\Chrome\Application\chrome.exe

    C:\Users\Şafak\Downloads\Programs\HijackThis.exe

     

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9514

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

    R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Şafak\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll

    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll

    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

    O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll

    O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)

    O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Şafak\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll

    O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll

    O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\system32\MAFWTray.exe

    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

    O4 - HKCU\..\Run: [F.lux] "C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe" /noshow

    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED

    O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot

    O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

    O8 - Extra context menu item: IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

    O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

    O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm

    O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm

    O8 - Extra context menu item: Turbo Internet: Bu bağlantıyı indir - C:\Program Files (x86)\Turbo Internet\exts\dl.html

    O8 - Extra context menu item: Turbo Internet: Bu sayfayı Yer İmlerine ekle - C:\Program Files (x86)\Turbo Internet\exts\addFav.html

    O9 - Extra button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

    O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll

    O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\progra~2\turboi~1\plugin\_hfilter.dll

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O17 - HKLM\System\CCS\Services\Tcpip\..\{E9D2D4F8-2824-43BB-9EEF-37B2CEC3706B}: NameServer = 8.8.8.8,8.8.4.4

    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe

    O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe

    O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE

    O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

    O23 - Service: Google Güncelleme Hizmeti (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Güncelleme Hizmeti (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: iPod Servisi (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

    O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe

    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

    O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

     

    --

    End of file - 15230 bytes

  5. KısayolKısayol reportŞikayet pmÖzel Mesaj
    Daniel-Koo
    Daniel-Koo's avatar
    Kayıt Tarihi: 22/Ekim/2010
    Erkek

    PsychoDawn bunu yazdı:
    -----------------------------

    pcdoktor636 bunu yazdı:
    -----------------------------

    PsychoDawn bunu yazdı:
    -----------------------------

    combofix le de tarattım . bilgisayarı yeniden başlattım hala aynı şey sürekli bir bağlantıyı engelliyor . bağlantının ne oldugunu nereye oldugunu bulsam kolay olacak ama . . . bir boklar var modem arayüz şifrem falan değişiyor hep benden başka kullanan yok zaten .


    -----------------------------

    sen dediğim gibi yap hijackthis ve combofix logunu bir koy buraya.


    -----------------------------

    combofix log vermedi nedense :S

    HijackThis log u aşağıda.

     

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 12:36:13, on 27.05.2012

    Platform: Windows 7  (WinNT 6.00.3504)

    MSIE: Internet Explorer v9.00 (9.00.8112.16421)

    Boot mode: Normal

     

    Running processes:


    -----------------------------

    Combofix logu C'ye atıyor oraya bi bak


    ne diyon?
  6. KısayolKısayol reportŞikayet pmÖzel Mesaj
    PsychoDawn
    PsychoDawn's avatar
    Kayıt Tarihi: 01/Nisan/2007
    Erkek

    combofix klasörünün içinde de bu var 

     

    ComboFix 12-05-26.02 - Şafak 27.05.2012   1:21:27.1.4 - x64

    Microsoft Windows 7 Ultimate   6.1.7600.0.1254.90.1055.18.4095.2362 [GMT 3:00]

    Running from: C:\ComboFix\ComboFix.exe

    AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}

    FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}

    SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

     * Created a new restore point

     

     

    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

     

     

    C:\install.exe

    C:\Program Files (x86)\sXe Injected

    C:\Program Files (x86)\sXe Injected\chromechange.exe

    C:\Program Files (x86)\sXe Injected\ddsxei.sys

    C:\Program Files (x86)\sXe Injected\default.reg

    C:\Program Files (x86)\sXe Injected\firechange.exe

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\background.html

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\background.js

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\example.html

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\icon128.png

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\icon19.png

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\manifest.json

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\options.css

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\options.html

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\options.js

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\README.md

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\redirect.html

    C:\Program Files (x86)\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\redirect.js

    C:\Program Files (x86)\sXe Injected\localstrike-search.xml

    C:\Program Files (x86)\sXe Injected\newtaburl_local.xpi

    C:\Program Files (x86)\sXe Injected\Preferences

    C:\Program Files (x86)\sXe Injected\search.ini

    C:\Program Files (x86)\sXe Injected\speeddial.ini

    C:\Program Files (x86)\sXe Injected\sXe-I EULA.txt

    C:\Program Files (x86)\sXe Injected\sXe Injected.exe

    C:\Program Files (x86)\sXe Injected\sXe Injected.txt

    C:\Program Files (x86)\sXe Injected\sXe.dll

    C:\Program Files (x86)\sXe Injected\test.exe

    C:\Program Files (x86)\sXe Injected\TopSites.plist

    C:\Program Files (x86)\sXe Injected\uninstall.exe

    C:\Program Files (x86)\sXe Injected\uninstall.ini

    C:\Program Files (x86)\sXe Injected\Web Data

    C:\Program Files (x86)\sXe Injected\web.dll

    C:\ProgramData\Propellerhead Software\ReCycle

    C:\ProgramData\Propellerhead Software\ReCycle\ReCycle210.dat

    C:\Users\AFAK~1\AppData\Local\Temp\~2FB0.tmp

    C:\Users\Şafak\AppData\Local\Temp\~2FB0.tmp

    C:\Windows\PFRO.log

     

     

    (((((((((((((((((((((((((   Files Created from 2012-04-26 to 2012-05-26  )))))))))))))))))))))))))))))))

     

     

  7. KısayolKısayol reportŞikayet pmÖzel Mesaj
    PsychoDawn
    PsychoDawn's avatar
    Kayıt Tarihi: 01/Nisan/2007
    Erkek

    up

  8. KısayolKısayol reportŞikayet pmÖzel Mesaj
    pcdoktor636
    pcdoktor636's avatar
    Kayıt Tarihi: 12/Ocak/2010
    Erkek

    hocam sisteminde rat var.

    flux isimli rat. hala bu ratı kullananlar varmıymış ya :D

    C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe

    aha buraya yerleşmiş.

  9. KısayolKısayol reportŞikayet pmÖzel Mesaj
    Daniel-Koo
    Daniel-Koo's avatar
    Kayıt Tarihi: 22/Ekim/2010
    Erkek

    pcdoktor636 bunu yazdı:
    -----------------------------

    hocam sisteminde rat var.

    flux isimli rat. hala bu ratı kullananlar varmıymış ya :D

    C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe

    aha buraya yerleşmiş.


    -----------------------------

    O lalalalala. 

    Adamlar seni izlemiş hacı :| Web Cam var mıydı kötü bir durum :F 

    Comodo Firewall bunun önüne geçmiştir.


    ne diyon?
  10. KısayolKısayol reportŞikayet pmÖzel Mesaj
    pcdoktor636
    pcdoktor636's avatar
    Kayıt Tarihi: 12/Ocak/2010
    Erkek

    Daniel-Koo bunu yazdı:
    -----------------------------

    pcdoktor636 bunu yazdı:
    -----------------------------

    hocam sisteminde rat var.

    flux isimli rat. hala bu ratı kullananlar varmıymış ya :D

    C:\Users\Şafak\Local Settings\Apps\F.lux\flux.exe

    aha buraya yerleşmiş.


    -----------------------------

    O lalalalala. 

    Adamlar seni izlemiş hacı :| Web Cam var mıydı kötü bir durum :F 

    Comodo Firewall bunun önüne geçmiştir.


    -----------------------------

    geçmemişte olabilir kesin değil :)

    Kaldıki adamın amacına bağlı. gerçekten bu müridi hedef alarak yaptıysa izlemiştir.

    Ancak tanımıyorsa genelde webcame bakmazlar kız değilse geçer giderler :D

Toplam Hit: 3220 Toplam Mesaj: 25