Jump to content

Kayıt Defteri Kaydı Alma

SAYGINER

By SAYGINER,
in AutoIT

 Share

Recommended Posts

SAYGINER Newbie

SAYGINER

Posted
Posted
Merhaba arkadaşlar.İki gündür Zemana AntiLogger v1.9.2.819 programını autoit ile katılımsız yapmaya çalışıyorum.Programın sessiz kurulum parametresi yok.Bir türlü olmadı.Kayıt defteri değişikliklerini izleyip yapayım dedim ama Regshot programını kullandım bana ~res.txt adlı dosya oluşturdu.Fakat dosyada çok fazla değer var.Ben bunlardan hangilerini kullanmam gerekir.Dosyadaki başlıklar şöyle.
Anahtarlar silinmi?8
Anahtarlar eklenmi?16
Değerler silinmi?92
Dosyalar?eklenmi?4
Dosyaların özellikleri değiştirilmi?9
Klasörler eklenmi?1
Tüm değişiklikler:286
Bunlardan hangi vaya hangilerini kullanmam gerekir.Bir de Total-Uninstal programını kullanayım dedim o da bir çok kayıt çıkartıyor.Hangilerini almam gerektiğini bulamadım.Saygılarımla.
Link to comment
Share on other sites
SAYGINER Newbie

SAYGINER

Posted
  • Author
Posted (edited)

[quote name='blackman12' date='03 May 2012 - 13:19 ' timestamp='1336040355' post='1195850']
Onun yerine res.txt içeriğini verseydin ya.
[/quote]
Çok uzun olduğu için göndermemiştim.Buyrun
Regshot 1.8.2
Açıklamalar:
Zaman:2012/5/2 06:55:02 , 2012/5/2 06:56:06


----------------------------------
Anahtarlar silinmi?8
----------------------------------
HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\7F
HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\7F\8F259D79
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\7F
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\7F\8F259D79

----------------------------------
Anahtarlar eklenmi?16
----------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}
HKLM\SOFTWARE\MimarSinan\InstallAware\Ident.Cache\{014534FF-1D46-4A77-9B48-29EFD145995B}
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Media
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Net
HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A56396B7B7E641342B6C6F5AC648A414
HKLM\SOFTWARE\Zemana
HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\80
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\80

----------------------------------
Değerler silinmi?92
----------------------------------
HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\7F\8F259D79\LanguageList: 'tr-TR tr en-US en'
HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\p2pcollab.dll,-8042: "Eşler Arası Güven"
HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\qagentrt.dll,-10: "Sistem Durumu Kimlik Doğrulaması"
HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\dnsapi.dll,-103: "Etki Alanı Adı Sistemi (DNS) Sunucu Güveni"
HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\System32\fveui.dll,-843: "BitLocker Sürücü Şifrelemesi"
HKU\.DEFAULT\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\System32\fveui.dll,-844: "BitLocker Veri Kurtarma Aracısı"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\LanguageList: 'tr-TR tr en-US en'
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@"%windir%\System32\ie4uinit.exe",-732: "Internet'te bilgi ve Web sitesi bulur ve görüntüler."
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\System32\ie4uinit.exe,-734: "Internet Explorer"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\unregmp2.exe,-4: "Windows Media Player"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\DeviceCenter.dll,-1000: "Aygıtlar ve Yazıcılar"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\sud.dll,-1: "Varsayılan Programlar"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\explorer.exe,-7021: "Yardım ve Destek"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\p2pcollab.dll,-8042: "Eşler Arası Güven"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\dnsapi.dll,-103: "Etki Alanı Adı Sistemi (DNS) Sunucu Güveni"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@zipfldr.dll,-10148: "Sıkıştırılmış klasör"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@sendmail.dll,-4: "Posta alıcısı"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\FXSRESM.dll,-120: "Faks alıcısı"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@sendmail.dll,-21: "Masaüstü (kısayol oluştur)"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\ntshrui.dll,-103: "Bununl&a paylaş"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\ntshrui.dll,-5112: "Seçili öğeleri ağdaki diğer kişilerle paylaşın."
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\NetworkExplorer.dll,-1: "Ağ"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\regedit.exe,-309: "Kayıt Girdileri"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@"%systemroot%\system32\windowspowershell\v1.0\powershell.exe",-111: "Performs object-based (command-line) functions"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@"%windir%\System32\ie4uinit.exe",-738: "Internet Explorer'ı ActiveX denetimleri veya tarayıcı uzantıları olmadan başlat."
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\unregmp2.exe,-9800: "&Windows Media Player listesine ekle"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\unregmp2.exe,-9801: "Windows &Media Player ile Yürüt"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\notepad.exe,-469: "Metin Belgesi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\regedit.exe,-310: "&Birleştir"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\System32\ie4uinit.exe,-735: "Internet Explorer (64 bit)"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\ehome\ehres.dll,-100: "Windows Media Center"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Program Files\Windows Sidebar\sidebar.exe,-1005: "Masaüstü Araç Galerisi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\wucltux.dll,-1: "Windows Update"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\XpsRchVw.exe,-102: "XPS Görüntüleyicisi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%systemroot%\ehome\ehres.dll,-116: "TV, filmler, müzik ve resimler dahil olmak üzere dijital ve istendiğinde medya için ev eğlence seçeneğini açar."
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%systemroot%\syswow64\unregmp2.exe,-155: "Müzik, video, CD, ve DVD'leri içeren dijital medyaları yürütür."
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%systemroot%\system32\XpsRchVw.exe,-103: "XPS belgelerini görüntüleyin, dijital olarak imzalayın ve ilgili izinleri ayarlayın"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe,-291: "Matematiksel Giriş Paneli"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\displayswitch.exe,-320: "Projektöre Bağlan"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\mstsc.exe,-4000: "Uzak Masaüstü Bağlantısı"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\OobeFldr.dll,-33056: "Başlarken"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\System32\SyncCenter.dll,-3000: "Eşitleme Merkezi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Program Files\windows journal\journal.exe,-62005: "Tablet PC"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%windir%\system32\mstsc.exe,-4001: "Başka bir yerde bulunan bilgisayara bağlanmak ve program çalıştırıp dosyalara erişmek için bilgisayarınızı kullanın."
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%windir%\system32\displayswitch.exe,-321: "Bilgisayarınızı ekran kablosuyla bir projektöre bağlayın."
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe,-292: "Matematiksel Giriş Paneli"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\LanguageList: 'tr-TR tr en-US en'
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@"%windir%\System32\ie4uinit.exe",-732: "Internet'te bilgi ve Web sitesi bulur ve görüntüler."
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\System32\ie4uinit.exe,-734: "Internet Explorer"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\unregmp2.exe,-4: "Windows Media Player"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\DeviceCenter.dll,-1000: "Aygıtlar ve Yazıcılar"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\sud.dll,-1: "Varsayılan Programlar"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\explorer.exe,-7021: "Yardım ve Destek"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\p2pcollab.dll,-8042: "Eşler Arası Güven"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\dnsapi.dll,-103: "Etki Alanı Adı Sistemi (DNS) Sunucu Güveni"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@zipfldr.dll,-10148: "Sıkıştırılmış klasör"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@sendmail.dll,-4: "Posta alıcısı"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\FXSRESM.dll,-120: "Faks alıcısı"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@sendmail.dll,-21: "Masaüstü (kısayol oluştur)"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\ntshrui.dll,-103: "Bununl&a paylaş"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\ntshrui.dll,-5112: "Seçili öğeleri ağdaki diğer kişilerle paylaşın."
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\NetworkExplorer.dll,-1: "Ağ"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\regedit.exe,-309: "Kayıt Girdileri"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@"%systemroot%\system32\windowspowershell\v1.0\powershell.exe",-111: "Performs object-based (command-line) functions"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@"%windir%\System32\ie4uinit.exe",-738: "Internet Explorer'ı ActiveX denetimleri veya tarayıcı uzantıları olmadan başlat."
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\unregmp2.exe,-9800: "&Windows Media Player listesine ekle"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\unregmp2.exe,-9801: "Windows &Media Player ile Yürüt"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\notepad.exe,-469: "Metin Belgesi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\regedit.exe,-310: "&Birleştir"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\System32\ie4uinit.exe,-735: "Internet Explorer (64 bit)"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\ehome\ehres.dll,-100: "Windows Media Center"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Program Files\Windows Sidebar\sidebar.exe,-1005: "Masaüstü Araç Galerisi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\wucltux.dll,-1: "Windows Update"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\XpsRchVw.exe,-102: "XPS Görüntüleyicisi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@%systemroot%\ehome\ehres.dll,-116: "TV, filmler, müzik ve resimler dahil olmak üzere dijital ve istendiğinde medya için ev eğlence seçeneğini açar."
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@%systemroot%\syswow64\unregmp2.exe,-155: "Müzik, video, CD, ve DVD'leri içeren dijital medyaları yürütür."
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@%systemroot%\system32\XpsRchVw.exe,-103: "XPS belgelerini görüntüleyin, dijital olarak imzalayın ve ilgili izinleri ayarlayın"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe,-291: "Matematiksel Giriş Paneli"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\displayswitch.exe,-320: "Projektöre Bağlan"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\mstsc.exe,-4000: "Uzak Masaüstü Bağlantısı"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\system32\OobeFldr.dll,-33056: "Başlarken"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Windows\System32\SyncCenter.dll,-3000: "Eşitleme Merkezi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@C:\Program Files\windows journal\journal.exe,-62005: "Tablet PC"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@%windir%\system32\mstsc.exe,-4001: "Başka bir yerde bulunan bilgisayara bağlanmak ve program çalıştırıp dosyalara erişmek için bilgisayarınızı kullanın."
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@%windir%\system32\displayswitch.exe,-321: "Bilgisayarınızı ekran kablosuyla bir projektöre bağlayın."
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\7F\8F259D79\@%CommonProgramFiles%\Microsoft Shared\Ink\mip.exe,-292: "Matematiksel Giriş Paneli"
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\7F\8F259D79\LanguageList: 'tr-TR tr en-US en'
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\p2pcollab.dll,-8042: "Eşler Arası Güven"
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\qagentrt.dll,-10: "Sistem Durumu Kimlik Doğrulaması"
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\system32\dnsapi.dll,-103: "Etki Alanı Adı Sistemi (DNS) Sunucu Güveni"
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\System32\fveui.dll,-843: "BitLocker Sürücü Şifrelemesi"
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\7F\8F259D79\@%SystemRoot%\System32\fveui.dll,-844: "BitLocker Veri Kurtarma Aracısı"

----------------------------------
Değerler eklenmi?130
----------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AntiLogger: ""C:\Program Files (x86)\AntiLogger\AntiLogger.exe" /minimized"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\DisplayIcon: "C:\ProgramData\{2954F7C6-7A4E-4504-8DC4-C1DC7D251C94}\Zemana_AntiLogger_Setup.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\DisplayName: "AntiLogger"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\UninstallString: ""C:\ProgramData\{2954F7C6-7A4E-4504-8DC4-C1DC7D251C94}\Zemana_AntiLogger_Setup.exe" REMOVE=TRUE MODIFY=FALSE"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\ModifyPath: "C:\ProgramData\{2954F7C6-7A4E-4504-8DC4-C1DC7D251C94}\Zemana_AntiLogger_Setup.exe"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\Publisher: "Zemana Ltd."
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\Contact: "[email protected]"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\HelpLink: "http://www.zemana.com"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\URLUpdateInfo: "http://www.zemana.com"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\Comments: "All rights reserved."
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiLogger\InstallLocation: "C:\Program Files (x86)\AntiLogger"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\AuthorizedCDFPrefix: ""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\Comments: ""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\Contact: ""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\DisplayVersion: "1.9.2.819"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\HelpLink: ""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\HelpTelephone: ""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\InstallDate: "20120502"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\InstallLocation: "C:\Program Files (x86)\AntiLogger"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\InstallSource: "C:\Users\3-C\AppData\Local\Temp\mia4\"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\NoModify: 0x00000001
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\NoRemove: 0x00000001
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\NoRepair: 0x00000001
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\Publisher: "Zemana Ltd."
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\Readme: ""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\Size: ""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\EstimatedSize: 0x000014F5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\SystemComponent: 0x00000001
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\URLInfoAbout: ""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\URLUpdateInfo: ""
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\VersionMajor: 0x00000001
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\VersionMinor: 0x00000009
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\WindowsInstaller: 0x00000001
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\Version: 0x01090002
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\Language: 0x00000409
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\DisplayName: "AntiLogger"
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{014534FF-1D46-4A77-9B48-29EFD145995B}\UninstallString: "C:\ProgramData\{2954F7C6-7A4E-4504-8DC4-C1DC7D251C94}\Zemana_AntiLogger_Setup.exe"
HKLM\SOFTWARE\MimarSinan\InstallAware\Ident.Cache\{014534FF-1D46-4A77-9B48-29EFD145995B}\: "C:\ProgramData\{2954F7C6-7A4E-4504-8DC4-C1DC7D251C94}\"
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FEATURE_ID: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FB95EE170: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F9A7C88B3: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F1DE8F811: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F171F7AE7: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F5F5F999B: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F44B80218: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F85EFC7C2: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FAF1EECB4: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F387A124: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FCB63A3FC: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FB5F8F61: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F77A4B0E6: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FF0F09FF5: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F83E44E21: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FF42FCC6: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FD7CD8679: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F709E792D: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F59BFBC4B: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FCEB44D2E: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FD182C781: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F3775E5F1: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F4DA06D22: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FF6E33BE1: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FF96B0154: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F16AB24B7: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F936CABCB: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FEA6C7D4E: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F3406812B: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FC44C4700: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F3D59225: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FBEBFAB51: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FF9E0ECB3: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FD0939126: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FB134DF82: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FDF1A9A0A: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F6E0F55B5: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F103DD6D7: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FA478C9DD: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FEF9D20C4: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F196DB702: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\F3B8558D8: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FE3EE1372: ""
HKLM\SOFTWARE\Classes\Installer\Features\FF43541064D177A4B98492FE1D5499B5\FE40BB62C: ""
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Net\1: "C:\Users\3-C\AppData\Local\Temp\mia82F6.tmp\data\"
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Net\2: "C:\Users\3-C\AppData\Local\Temp\mia4"
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Media\MediaPackage: "\Users\3-C\AppData\Local\Temp\mia82F6.tmp\"
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Media\1: ";"
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\PackageName: "Zemana_AntiLogger_Setup.msi"
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\LastUsedSource: "n;1;C:\Users\3-C\AppData\Local\Temp\mia82F6.tmp\data\"
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\ProductName: "AntiLogger"
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\PackageCode: "6C7F4592E4A74054D84C1CCDD752C149"
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\Language: 0x00000409
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\Version: 0x01090002
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\Assignment: 0x00000001
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\AdvertiseFlags: 0x00000184
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\InstanceType: 0x00000000
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\AuthorizedLUAApp: 0x00000000
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\DeploymentFlags: 0x00000002
HKLM\SOFTWARE\Classes\Installer\Products\FF43541064D177A4B98492FE1D5499B5\Clients: ':'
HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A56396B7B7E641342B6C6F5AC648A414\FF43541064D177A4B98492FE1D5499B5: ""
HKLM\SOFTWARE\Zemana\ZAL-SessionId: 0x5EB23EF7
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts\C:\Users\3-C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AntiLogger\AntiLogger.lnk: 0x00000001
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiLogger\AntiLogger.lnk: 0x00000001
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\P:\Hfref\3-P\NccQngn\Ybpny\Grzc\zvn82S6.gzc\Mrznan_NagvYbttre_Frghc.rkr: 00 00 00 00 00 00 00 00 02 00 00 00 65 15 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count\{7P5N40RS-N0SO-4OSP-874N-P0S2R0O9SN8R}\NagvYbttre\NagvYbttre.rkr: 00 00 00 00 00 00 00 00 03 00 00 00 AC 11 00 00 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF 00 00 80 BF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\LanguageList: 'tr-TR tr en-US en'
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@"%windir%\System32\ie4uinit.exe",-732: "Internet'te bilgi ve Web sitesi bulur ve görüntüler."
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\regedit.exe,-309: "Kayıt Girdileri"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\notepad.exe,-469: "Metin Belgesi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\ntshrui.dll,-103: "Bununl&a paylaş"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\ntshrui.dll,-5112: "Seçili öğeleri ağdaki diğer kişilerle paylaşın."
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\System32\ie4uinit.exe,-734: "Internet Explorer"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\unregmp2.exe,-4: "Windows Media Player"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\DeviceCenter.dll,-1000: "Aygıtlar ve Yazıcılar"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\sud.dll,-1: "Varsayılan Programlar"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\explorer.exe,-7021: "Yardım ve Destek"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@%SystemRoot%\system32\p2pcollab.dll,-8042: "Eşler Arası Güven"
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\MuiCache\80\8F259D79\@%SystemRoot%\system32\dnsapi.dll,-103: "Etki Alanı Adı Sistemi (DNS) Sunucu Güveni"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\LanguageList: 'tr-TR tr en-US en'
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@"%windir%\System32\ie4uinit.exe",-732: "Internet'te bilgi ve Web sitesi bulur ve görüntüler."
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\regedit.exe,-309: "Kayıt Girdileri"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\notepad.exe,-469: "Metin Belgesi"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\ntshrui.dll,-103: "Bununl&a paylaş"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\ntshrui.dll,-5112: "Seçili öğeleri ağdaki diğer kişilerle paylaşın."
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\System32\ie4uinit.exe,-734: "Internet Explorer"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\unregmp2.exe,-4: "Windows Media Player"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\DeviceCenter.dll,-1000: "Aygıtlar ve Yazıcılar"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\system32\sud.dll,-1: "Varsayılan Programlar"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@C:\Windows\explorer.exe,-7021: "Yardım ve Destek"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@%SystemRoot%\system32\p2pcollab.dll,-8042: "Eşler Arası Güven"
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\MuiCache\80\8F259D79\@%SystemRoot%\system32\dnsapi.dll,-103: "Etki Alanı Adı Sistemi (DNS) Sunucu Güveni"
Değerler değiştirilmi?26
----------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\GlobalAssocChangedCounter: 0x000000D6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\GlobalAssocChangedCounter: 0x000000D7
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx: 1D 00 00 00 14 00 00 00 03 00 00 00 2C 00 00 00 24 00 00 00 00 00 00 00 29 00 00 00 2A 00 00 00 01 00 00 00 0F 00 00 00 2B 00 00 00 1A 00 00 00 02 00 00 00 04 00 00 00 23 00 00 00 28 00 00 00 20 00 00 00 1B 00 00 00 19 00 00 00 16 00 00 00 0C 00 00 00 07 00 00 00 12 00 00 00 13 00 00 00 27 00 00 00 21 00 00 00 26 00 00 00 25 00 00 00 11 00 00 00 22 00 00 00 1F 00 00 00 06 00 00 00 1E 00 00 00 1C 00 00 00 0D 00 00 00 18 00 00 00 10 00 00 00 17 00 00 00 15 00 00 00 0E 00 00 00 0B 00 00 00 08 00 00 00 09 00 00 00 0A 00 00 00 05 00 00 00 FF FF FF FF
HKU\S-1-5-21-2364720041-329696966-366428550-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx: 2C 00 00 00 1D 00 00 00 14 00 00 00 03 00 00 00 24 00 00 00 00 00 00 00 29 00 00 00 2A 00 00 00 01 00 00 00 0F 00 00 00 2B 00 00 00 1A 00 00 00 02 00 00 00 04 00 00 00 23 00 00 00 28 00 00 00 20 00 00 00 1B 00 00 00 19 00 00 00 16 00 00 00 0C 00 00 00 07 00 00 00 12 00 00 00 13 00 00 00 27 00 00 00 21 00 00 00 26 00 00 00 25 00 00 00 11 00 00 00 22 00 00 00 1F 00 00 00 06 00 00 00 1E 00 00 00 1C 00 00 00 0D 00 00 00 18 00 00 00 10 00 00 00 17 00 00 00 15 00 00 00 0E 00 00 00 0B 00 00 00 08 00 00 00 09 00 00 00 0A 00 00 00 05 00 00 00 FF FF FF FF
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx: 1D 00 00 00 14 00 00 00 03 00 00 00 2C 00 00 00 24 00 00 00 00 00 00 00 29 00 00 00 2A 00 00 00 01 00 00 00 0F 00 00 00 2B 00 00 00 1A 00 00 00 02 00 00 00 04 00 00 00 23 00 00 00 28 00 00 00 20 00 00 00 1B 00 00 00 19 00 00 00 16 00 00 00 0C 00 00 00 07 00 00 00 12 00 00 00 13 00 00 00 27 00 00 00 21 00 00 00 26 00 00 00 25 00 00 00 11 00 00 00 22 00 00 00 1F 00 00 00 06 00 00 00 1E 00 00 00 1C 00 00 00 0D 00 00 00 18 00 00 00 10 00 00 00 17 00 00 00 15 00 00 00 0E 00 00 00 0B 00 00 00 08 00 00 00 09 00 00 00 0A 00 00 00 05 00 00 00 FF FF FF FF
HKU\S-1-5-21-2364720041-329696966-366428550-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx: 2C 00 00 00 1D 00 00 00 14 00 00 00 03 00 00 00 24 00 00 00 00 00 00 00 29 00 00 00 2A 00 00 00 01 00 00 00 0F 00 00 00 2B 00 00 00 1A 00 00 00 02 00 00 00 04 00 00 00 23 00 00 00 28 00 00 00 20 00 00 00 1B 00 00 00 19 00 00 00 16 00 00 00 0C 00 00 00 07 00 00 00 12 00 00 00 13 00 00 00 27 00 00 00 21 00 00 00 26 00 00 00 25 00 00 00 11 00 00 00 22 00 00 00 1F 00 00 00 06 00 00 00 1E 00 00 00 1C 00 00 00 0D 00 00 00 18 00 00 00 10 00 00 00 17 00 00 00 15 00 00 00 0E 00 00 00 0B 00 00 00 08 00 00 00 09 00 00 00 0A 00 00 00 05 00 00 00 FF FF FF FF

----------------------------------
Dosyalar?eklenmi?4
----------------------------------
C:\WINDOWS\Installer\52a441.msi
C:\WINDOWS\Installer\{014534FF-1D46-4A77-9B48-29EFD145995B}\ty5c0.0.0.05cImages5cIcons5.ico
C:\WINDOWS\Prefetch\SVCHOST.EXE-80F4A784.pf
C:\WINDOWS\Prefetch\ZEMANA_ANTILOGGER_SETUP.EXE-42B9A713.pf

----------------------------------
Dosyaların özellikleri değiştirilmi?9
----------------------------------
C:\WINDOWS\Prefetch\ANTILOGGER.EXE-2BCDB1F1.pf
C:\WINDOWS\Prefetch\IEXPLORE.EXE-4B6C9213.pf
C:\WINDOWS\Prefetch\INSHLPR.EXE-4C2E94E5.pf
C:\WINDOWS\Prefetch\INSHLPR.EXE-FD90CE13.pf
C:\WINDOWS\Prefetch\KEYGEN.EXE-32D2E697.pf
C:\WINDOWS\Prefetch\MSIEXEC.EXE-A2D55CB6.pf
C:\WINDOWS\Prefetch\MSIEXEC.EXE-E09A077A.pf
C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
C:\WINDOWS\Prefetch\ZEMANA_ANTILOGGER_1.9.2.819.E-A0CF78B6.pf

----------------------------------
Klasörler eklenmi?1
----------------------------------
C:\WINDOWS\Installer\{014534FF-1D46-4A77-9B48-29EFD145995B}

----------------------------------
Tüm değişiklikler:286

yardımlarınızı bekliyorum

Edited by SAYGINER
Link to comment
Share on other sites
SAYGINER Newbie

SAYGINER

Posted
  • Author
Posted

Zemana AntiLogger v1.9.2.819 şu kodlarla kurmaya çalıştım fakat lisanslayamadım.
Lisans kodu bu F77012C8E6416F8FFB299B03D23530A3
fakat reg kayıtlarında çıkmıyorBu arada yazdığım ilk mesaja cevap alamayınca reg kaydını WinINSTALL LE. adlı programla almaya çalıştım.
Run('Zemana_AntiLogger_1.9.2.819.exe')
_WinWaitActivate("Select Setup Language","&Cancel")
Send("{ENTER}")
_WinWaitActivate("AntiLogger - InstallAware Wizard","&Next >")
Send("{ENTER}")
_WinWaitActivate("AntiLogger - InstallAware Wizard","I &accept the terms ")
Send("{ENTER}")
_WinWaitActivate("AntiLogger - InstallAware Wizard","C:\Program Files\Ant")
Send("{ENTER}")
_WinWaitActivate("AntiLogger - InstallAware Wizard","< &Back")
Send("{ENTER}")
_WinWaitActivate("AntiLogger - InstallAware Wizard","&Run AntiLogger now")
Send("{ENTER}")
ProcessClose("Zemana AntiLogger 1.9.2.819")
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5', 'AdvertiseFlags', 'REG_DWORD', '388')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5', 'Assignment', 'REG_DWORD', '1')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5', 'AuthorizedLUAApp', 'REG_DWORD', '0')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5', 'InstanceType', 'REG_DWORD', '0')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5', 'Language', 'REG_DWORD', '1033')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5', 'PackageCode', 'REG_SZ','[color="#FF0000"]6C7F4592E4A74054D84C1CCDD752C149[/color]')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5', 'ProductName', 'REG_SZ','AntiLogger')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5', 'Version', 'REG_DWORD', '17367042')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Media', '1', 'REG_SZ',';')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Media', 'MediaPackage', 'REG_SZ','\DOCUME~1\AKREP\LOCALS~1\Temp\mia35.tmp\')
RegWrite('HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Net')
RegWrite('HKCR\Installer\UpgradeCodes\A56396B7B7E641342B6C6F5AC648A414', 'FF43541064D177A4B98492FE1D5499B5', 'REG_SZ','')
RegWrite('HKCU\SessionInformation', 'ProgramCount', 'REG_DWORD', '4')
RegWrite('HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore', 'Count', 'REG_DWORD', '3974')
RegWrite('HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore', 'Time', 'REG_BINARY', Binary('0xdc0705000400030010002e0013000300'))
RegWrite('HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run', 'AntiLogger', 'REG_SZ','"@ProgFiles\AntiLogger\AntiLogger.exe" /minimized')
RegWrite('HKLM\SOFTWARE\MimarSinan\InstallAware\Ident.Cache\{014534FF-1D46-4A77-9B48-29EFD145995B}', '', 'REG_SZ','@CommonAppData\{2954F7C6-7A4E-4504-8DC4-C1DC7D251C94}\')
RegWrite('HKLM\SOFTWARE\Zemana', 'ZAL-SessionId', 'REG_DWORD', '1588739831')

; ===================== !!! Incorrect Data !!! =====================
; HKEY_CLASSES_ROOT\Installer\Products\FF43541064D177A4B98492FE1D5499B5 ==> Clients"=MultiSZ:":","
; HKEY_CLASSES_ROOT\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList ==> LastUsedSource"=ExpandSZ:"n;1;@ShortDriveC\DOCUME~1\AKREP\LOCALS~1\Temp\mia35.tmp\data\
; HKEY_CLASSES_ROOT\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Net ==> 1"=ExpandSZ:"@ShortDriveC\DOCUME~1\AKREP\LOCALS~1\Temp\mia35.tmp\data\
; HKEY_CLASSES_ROOT\Installer\Products\FF43541064D177A4B98492FE1D5499B5\SourceList\Net ==> 2"=ExpandSZ:"@ShortDriveC\DOCUME~1\AKREP\LOCALS~1\Temp\mia2


Func _WinWaitActivate($title,$text,$timeout=0)
WinWait($title,$text,$timeout)
If Not WinActive($title,$text) Then WinActivate($title,$text)
WinWaitActive($title,$text,$timeout)
EndFunc

Saygılar.

Link to comment
Share on other sites
blackman12 Newbie

blackman12

Posted
Posted

Kullandığın yöntem doğru ama izleme stilin yanlış, kurulum anından itibaren izletirsen eline çok kabarık bir res.txt geçer. onun yerine programı kur lisanslama ekranını aç lisans bilgilerini inputlara gir ama okeye basma. sonra regshotla ilk capture ı al sonra okeye bas ve ikinci captureı alıp res.txt yi elde et. çok daha sade bir sonuç çıkacak ortaya. birde HKU (HKEY_USERS) ta çıkan verileri kaale alma direk onları silebilirsin, çünkü her makinede SID numaraları farklıdır. Son olarak REGSHOT kullan, gördüğüm kadarıyla sen THINSTALL gibi bir program kullanıyorsun dosyaları da takip ettirmişsin çünkü

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...