ComboFix log analysis


gunescelik71

Student
Friends, lately I have had a nagging suspicion that my computer is infected with a virus. So I scanned the PC with ComboFix. Is there anyone who can help me analyse the log file? The log file is as follows:
Code:
ComboFix 18-02-16.01 - Furkan 01.03.2018  20:21:28.1.8 - x64 NETWORK

Microsoft Windows 7 Ultimate   6.1.7601.1.1254.90.1055.18.8101.7140 [GMT 3:00]

Running from: c:\users\Furkan\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\FinalDeleteFile.exe

c:\users\Furkan\AppData\Roaming\Declare.ini

.

.

(((((((((((((((((((((((((   Files Created from 2018-02-01 to 2018-03-01  )))))))))))))))))))))))))))))))

.

.

2018-03-01 17:25 . 2018-03-01 17:25    --------    d-----w-    c:\users\Default\AppData\Local\temp

2018-02-28 13:44 . 2018-02-28 13:44    --------    d-----w-    c:\windows\SysWow64\NV

2018-02-28 13:44 . 2018-02-28 13:44    --------    d-----w-    c:\windows\system32\NV

2018-02-27 13:19 . 2017-12-08 22:25    798520    ----a-w-    c:\windows\SysWow64\vulkan-1.dll

2018-02-27 13:19 . 2017-12-08 22:25    490808    ----a-w-    c:\windows\SysWow64\vulkaninfo.exe

2018-02-27 13:19 . 2017-12-08 22:24    928568    ----a-w-    c:\windows\system32\vulkan-1.dll

2018-02-27 13:19 . 2017-12-08 22:24    591672    ----a-w-    c:\windows\system32\vulkaninfo.exe

2018-02-27 13:19 . 2018-02-27 13:19    --------    d-----w-    c:\program files (x86)\VulkanRT

2018-02-27 12:28 . 2018-02-27 12:28    --------    d-----w-    c:\users\Furkan\AppData\Local\IsolatedStorage

2018-02-27 12:27 . 2018-02-27 12:27    --------    d-----w-    c:\program files (x86)\Microsoft XNA

2018-02-25 07:53 . 2018-02-25 07:53    --------    d-----w-    c:\users\Furkan\AppData\Roaming\KingRoot

2018-02-25 07:53 . 2018-02-25 07:53    --------    d-----w-    c:\users\Furkan\AppData\Roaming\Tencent

2018-02-25 07:53 . 2018-02-25 08:36    --------    d-----w-    c:\program files (x86)\KingRoot

2018-02-24 15:58 . 2018-02-24 15:59    --------    d-----w-    c:\users\Furkan\AppData\Local\Discord

2018-02-24 07:33 . 2018-02-24 07:33    --------    d-----w-    c:\programdata\Synaptics

2018-02-22 14:02 . 2018-02-22 18:12    --------    d-----w-    c:\users\Furkan\AppData\Roaming\FileZilla

2018-02-22 14:02 . 2018-02-22 14:20    --------    d-----w-    c:\users\Furkan\AppData\Local\FileZilla

2018-02-22 14:02 . 2018-02-22 14:02    --------    d-----w-    c:\program files\FileZilla FTP Client

2018-02-22 13:30 . 2017-09-05 01:54    69104    ----a-w-    c:\windows\system32\vsocklib.dll

2018-02-22 13:30 . 2017-09-05 01:54    65008    ----a-w-    c:\windows\SysWow64\vsocklib.dll

2018-02-22 13:30 . 2017-09-05 01:54    93248    ----a-w-    c:\windows\system32\drivers\vsock.sys

2018-02-22 13:30 . 2017-09-18 03:21    95704    ----a-w-    c:\windows\system32\drivers\vmx86.sys

2018-02-22 13:30 . 2017-09-18 03:32    367080    ----a-w-    c:\windows\SysWow64\vmnetdhcp.exe

2018-02-22 13:30 . 2017-09-18 03:32    402408    ----a-w-    c:\windows\SysWow64\vmnat.exe

2018-02-22 13:29 . 2017-09-18 03:32    46040    ----a-w-    c:\windows\system32\drivers\vmnet.sys

2018-02-22 13:29 . 2017-09-18 03:32    43992    ----a-w-    c:\windows\system32\drivers\vmnetuserif.sys

2018-02-22 13:29 . 2017-09-18 03:32    134104    ----a-w-    c:\windows\system32\vnetinst.dll

2018-02-22 13:29 . 2017-09-18 03:33    1134056    ----a-w-    c:\windows\system32\vnetlib64.dll

2018-02-22 13:29 . 2017-08-30 22:11    83008    ----a-w-    c:\windows\system32\drivers\hcmon.sys

2018-02-22 13:28 . 2018-02-22 13:28    --------    d-----w-    c:\program files (x86)\Common Files\ThinPrint

2018-02-22 13:28 . 2018-02-22 13:28    --------    d-----w-    c:\program files\Common Files\VMware

2018-02-19 16:44 . 2018-02-19 19:10    --------    d-----w-    c:\users\furkanözel

2018-02-19 16:13 . 2018-02-19 16:13    --------    d-----w-    c:\programdata\Furkan

2018-02-19 08:01 . 2018-02-19 19:03    --------    d-----w-    c:\program files\CCleaner

2018-02-18 19:04 . 2018-02-19 19:03    --------    d-----w-    c:\program files\KMSpico

2018-02-18 18:34 . 2018-02-18 18:34    --------    d-----w-    c:\users\Furkan\AppData\Roaming\EpicNet Inc

2018-02-18 18:32 . 2018-02-18 20:07    --------    d-----w-    c:\program files (x86)\Xum2wqPNitLT

2018-02-18 18:32 . 2018-02-18 18:32    --------    d-----w-    c:\users\Furkan\AppData\Roaming\FastDataX

2018-02-18 18:32 . 2018-02-18 19:34    --------    d-----w-    C:\Applications

2018-02-18 18:31 . 2018-02-19 04:41    --------    d--h--w-    c:\windows\rss

2018-02-17 07:51 . 2018-02-17 07:51    --------    d-----w-    c:\program files (x86)\VMware

2018-02-16 18:26 . 2018-02-16 18:26    --------    d-----w-    c:\windows\system32\appmgmt

2018-02-15 15:03 . 2018-02-15 15:03    --------    d-----w-    c:\users\Furkan\ansel

2018-02-15 15:02 . 2017-12-15 02:03    59240    ----a-w-    c:\windows\system32\drivers\nvvad64v.sys

2018-02-15 15:01 . 2018-02-15 15:01    --------    d-----w-    c:\programdata\GroupPolicy

2018-02-12 13:18 . 2018-02-25 21:31    --------    d-----w-    c:\users\Furkan\AppData\Roaming\VMware

2018-02-12 13:18 . 2018-02-25 21:31    --------    d-----w-    c:\users\Furkan\AppData\Local\VMware

2018-02-12 13:16 . 2018-02-22 13:30    --------    dc----w-    c:\windows\system32\DRVSTORE

2018-02-12 13:15 . 2018-03-01 05:54    --------    d-----w-    c:\programdata\VMware

2018-02-12 13:14 . 2018-02-22 13:28    --------    d-----w-    c:\program files (x86)\Common Files\VMware

2018-02-10 19:03 . 2018-02-10 19:49    --------    d-----w-    c:\users\Furkan\AppData\Roaming\Hideman

2018-02-10 19:01 . 2018-02-10 19:02    --------    d-----w-    c:\program files (x86)\Hideman

2018-02-10 00:34 . 2008-07-12 06:18    467984    ----a-w-    c:\windows\SysWow64\d3dx10_39.dll

2018-02-10 00:34 . 2008-07-12 06:18    1493528    ----a-w-    c:\windows\SysWow64\D3DCompiler_39.dll

2018-02-09 23:24 . 2018-02-23 13:44    --------    d-----w-    c:\program files (x86)\Zemana AntiMalware

2018-02-09 23:24 . 2018-02-09 23:24    --------    d-----w-    c:\users\Furkan\AppData\Local\Zemana

2018-02-09 15:13 . 2018-02-09 15:20    --------    d-----w-    C:\W7P_Backups

2018-02-09 15:12 . 2018-02-09 15:20    --------    d-----w-    C:\SkinPack

2018-02-05 16:20 . 2018-02-22 18:22    --------    d-----w-    C:\PAYDAY 2

2018-02-03 22:40 . 2018-02-03 23:31    --------    d-----w-    c:\users\Furkan\AppData\Roaming\Wise_Reminder

2018-02-03 22:39 . 2018-02-03 22:39    --------    d-----w-    c:\program files (x86)\Wise

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2018-02-25 05:36 . 2018-01-19 15:56    505232    ----a-w-    c:\windows\system32\nvumdshimx.dll

2018-02-25 05:36 . 2018-01-19 15:56    419488    ----a-w-    c:\windows\SysWow64\nvumdshim.dll

2018-02-25 05:35 . 2018-01-19 15:56    182600    ----a-w-    c:\windows\system32\nvinitx.dll

2018-02-25 05:35 . 2018-01-19 15:56    159712    ----a-w-    c:\windows\SysWow64\nvinit.dll

2018-02-25 05:34 . 2018-01-19 15:56    15558416    ----a-w-    c:\windows\SysWow64\nvd3dum.dll

2018-02-25 05:34 . 2018-01-19 15:56    4424400    ----a-w-    c:\windows\system32\nvapi64.dll

2018-02-23 20:01 . 2018-01-19 15:58    1951    ----a-w-    c:\windows\NvContainerRecovery.bat

2018-02-23 19:22 . 2018-01-19 15:58    5953096    ----a-w-    c:\windows\system32\nvcpl.dll

2018-02-23 19:22 . 2018-01-19 15:58    2587992    ----a-w-    c:\windows\system32\nvsvc64.dll

2018-02-23 19:22 . 2018-01-19 15:58    81752    ----a-w-    c:\windows\system32\nv3dappshextr.dll

2018-02-23 19:22 . 2018-01-19 15:58    633984    ----a-w-    c:\windows\system32\nv3dappshext.dll

2018-02-23 19:22 . 2018-01-19 15:58    451144    ----a-w-    c:\windows\system32\nvmctray.dll

2018-02-23 19:22 . 2018-01-19 15:58    1768008    ----a-w-    c:\windows\system32\nvsvcr.dll

2018-02-23 19:22 . 2018-01-19 15:58    122896    ----a-w-    c:\windows\system32\nvshext.dll

2018-02-16 14:48 . 2018-01-19 15:58    8083703    ----a-w-    c:\windows\system32\nvcoproc.bin

2018-01-21 12:16 . 2018-01-21 12:16    803328    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe

2018-01-21 12:16 . 2018-01-21 12:16    144896    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2018-01-19 15:14 . 2018-01-19 12:58    65456    ----a-w-    c:\windows\system32\drivers\UAExt.sys

2018-01-19 11:57 . 2018-01-19 11:56    3851784    ----a-w-    c:\windows\SysWow64\d3dx9_39.dll

2018-01-10 14:33 . 2018-01-19 15:58    2425656    ----a-w-    c:\windows\system32\nvspcap64.dll

2018-01-10 14:33 . 2018-01-19 15:58    2090800    ----a-w-    c:\windows\SysWow64\nvspcap.dll

2018-01-10 14:33 . 2018-01-19 15:58    1310008    ----a-w-    c:\windows\system32\NvRtmpStreamer64.dll

2018-01-10 09:41 . 2018-01-19 15:58    1951    ----a-w-    c:\windows\NvTelemetryContainerRecovery.bat

2018-01-04 01:39 . 2018-01-19 15:56    57792    ----a-w-    c:\windows\system32\drivers\nvvhci.sys

2018-01-04 01:39 . 2018-01-19 15:56    1975184    ----a-w-    c:\windows\system32\nvdispco6439065.dll

2018-01-04 01:39 . 2018-01-19 15:56    1674544    ----a-w-    c:\windows\system32\nvdispgenco6439065.dll

2018-01-04 01:39 . 2018-01-19 13:52    532792    ----a-w-    c:\windows\system32\OpenCL.DLL

2018-01-04 01:39 . 2018-01-19 13:52    437648    ----a-w-    c:\windows\SysWow64\OpenCL.DLL

2017-12-22 09:35 . 2018-01-22 18:03    4936432    ----a-w-    c:\programdata\Microsoft\Windows\Templates\Bloody6\Setup.exe

2017-12-21 23:59 . 2017-12-21 23:59    105984    ----a-w-    c:\windows\system32\frapsv64.dll

2017-12-21 23:59 . 2017-12-21 23:59    94208    ----a-w-    c:\windows\SysWow64\frapsvid.dll

2017-12-18 12:07 . 2018-01-19 15:58    187704    ----a-w-    c:\windows\system32\nvaudcap64v.dll

2017-12-18 12:06 . 2018-01-19 15:58    152976    ----a-w-    c:\windows\SysWow64\nvaudcap32v.dll

2017-12-08 22:25 . 2017-12-08 22:25    798520    ----a-w-    c:\windows\SysWow64\vulkan-1-1-0-65-1.dll

2017-12-08 22:25 . 2017-12-08 22:25    490808    ----a-w-    c:\windows\SysWow64\vulkaninfo-1-1-0-65-1.exe

2017-12-08 22:24 . 2017-12-08 22:24    928568    ----a-w-    c:\windows\system32\vulkan-1-1-0-65-1.dll

2017-12-08 22:24 . 2017-12-08 22:24    591672    ----a-w-    c:\windows\system32\vulkaninfo-1-1-0-65-1.exe

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2017-12-15 3111712]

"Bloody2"="c:\program files (x86)\Bloody6\Bloody6\Bloody6.exe" [2018-01-15 16226032]

"Discord"="c:\users\Furkan\AppData\Local\Discord\app-0.0.300\Discord.exe" [2018-01-08 57821176]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute    REG_MULTI_SZ       autocheck autochk *\0aswBoot.exe /M:a781ac904 /wow /dir:C:\Program

.

R1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]

R1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]

R2 AudioDeviceService;AudioDeviceService;c:\windows\system32\AudioDeviceService.exe;c:\windows\SYSNATIVE\AudioDeviceService.exe [x]

R2 AvrcpService;AvrcpService;c:\program files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe;c:\program files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [x]

R2 BTDevManager;BTDevManager;c:\program files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe;c:\program files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]

R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]

R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]

R2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]

R2 RtkBleServ;RtkBleServ;c:\program files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe;c:\program files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [x]

R2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe;c:\windows\UnsignedThemesSvc.exe [x]

R2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys;c:\windows\SYSNATIVE\drivers\uxpatch.sys [x]

R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]

R2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [x]

R2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi20-shared.sys;SysWOW64\drivers\vstor2-mntapi20-shared.sys [x]

R2 YandexBrowserService;Yandex.Browser Update Service;c:\program files (x86)\Yandex\YandexBrowser\18.1.1.839\service_update.exe;c:\program files (x86)\Yandex\YandexBrowser\18.1.1.839\service_update.exe [x]

R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]

R3 IntcDAud;Intel(R) Ekran İçin Ses;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]

R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]

R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 RtkBtFilter;Realtek Bluetooth Filter Driver;c:\windows\system32\DRIVERS\RtkBtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\RtkBtfilter.sys [x]

R3 RTSUER;Realtek USB Card Reader - UER;c:\windows\system32\Drivers\RtsUer.sys;c:\windows\SYSNATIVE\Drivers\RtsUer.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]

R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]

R3 UAExt;UAExt;c:\windows\system32\DRIVERS\UAExt.sys;c:\windows\SYSNATIVE\DRIVERS\UAExt.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]

S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]

S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]

S0 iusb3hcs;Intel(R) USB 3.0 Ana Bilgisayar Denetleyici Değiştirici Sürücüsü;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]

S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]

S0 vsock;vSockets Virtual Machine Communication Interface Sockets driver;c:\windows\system32\DRIVERS\vsock.sys;c:\windows\SYSNATIVE\DRIVERS\vsock.sys [x]

S3 iusb3hub;Intel(R) USB 3.0 Hub Sürücüsü;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]

S3 iusb3xhc;Intel(R) USB 3.0 Genişletilebilir Ana Bilgisayar Denetleyici Sürücüsü;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]

S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]

S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2018-03-01 c:\windows\Tasks\Yandex Browser güncellemesi.job

- c:\users\Furkan\AppData\Local\Yandex\YandexBrowser\Application\browser.exe [2018-01-19 10:12]

.

2018-03-01 c:\windows\Tasks\Yandex Browser'ın sistem güncellemesi.job

- c:\program files (x86)\Yandex\YandexBrowser\18.1.1.839\service_update.exe [2018-02-20 10:12]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]

"BtServer"="c:\program files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe" [2014-06-06 217088]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-05-30 13550152]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{F791A188-699D-4FD4-955A-EB59E89B1907}"= "c:\skinpack\ThemeResourceChanger.dll" [BU]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

LSP: %windir%\system32\vsocklib.dll

TCP: DhcpNameServer = 192.168.42.129

.

- - - - ORPHANS REMOVED - - - -

.

ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)

AddRemove-Reload Icons Cache 1.00 - c:\program files (x86)\Mr Blade Design's\Reload Icons Cache\Uninstall.exe

AddRemove-TSEV Skyrim LE_is1 - d:\tsev skyrim le\unins000.exe

AddRemove-{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD} - c:\windows\system32\SupportAppPBHostless Modem\Setup.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2018-03-01  20:26:45

ComboFix-quarantined-files.txt  2018-03-01 17:26

ComboFix2.txt  2018-02-19 16:36

.

Pre-Run: 328.117.927.936 bayt boş

Post-Run: 328.057.651.200 bayt boş

.

- - End Of File - - 9C7ECA1C234298DDD3EF3F4FFD408452

A36C5E4F47E84449FF07ED3517B43A31
 

Attached files

  • log.txt
    19.3 KB · Views: 732

Türkçesever

Professor
ComboFix removes common malware. Scan the system with Malwarebytes Anti-Malware.