Durup dururken oldu bu mesela chromeda bi sekmeye tıklıyorum kapanıyor yeni bi sekmede açıyorum o kalıyor açtıgım site yeni bi sekmede açılıyo pc win8 köşeler çalışmıyo neden ?? farenin pili bitimştir diye touch pad le denedim ondada aynı
Farede yada sistemde sorun var acil
- Konuyu başlatan GaLaXyy
- Başlangıç tarihi
ComboFix,AVG ve Microsoft Essentials gibi Anti-Virüs programlarıyla taratmanızı öneriyorum.AVG virüsle alakalı şeyleri silen tek program diyebilirim.Benim bütün yediğim virüsleri temizledi.Şiddetle tavsiye ediyorum.Genellikle virüs yüzünden böyle şeyler oluyor.
- Konuyu başlatan
- #6
Dosya.tc - cretsiz, Hzl ve Kolay Dosya Paylam
combofixin verdiği rapor burda neymiş pcmin hastalığı arkadşlar
ComboFix 13-08-21.01 - JamaLL 22.08.2013 4:01.2.4 - x64
Microsoft Windows 8 Single Language 6.2.9200.0.1254.90.1055.18.8083.6066 [GMT 3:00]
Running from: c:\users\JamaLL\Downloads\ComboFix-tamindir.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-07-22 to 2013-08-22 )))))))))))))))))))))))))))))))
.
.
2013-08-22 01:05 . 2013-08-22 01:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-22 00:28 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F896DB0A-D5FB-4C1C-9A06-796B8BD8025E}\mpengine.dll
2013-08-21 20:44 . 2013-05-02 15:29 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-21 15:57 . 2013-08-21 20:07 -------- d-----w- c:\programdata\Kaspersky Lab
2013-08-21 15:57 . 2013-08-21 15:57 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2013-08-21 15:10 . 2013-08-21 20:24 -------- d-----w- c:\program files (x86)\GUM22FB.tmp
2013-08-21 15:01 . 2013-04-17 17:20 26432 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-08-20 13:33 . 2013-08-20 13:33 -------- d-----w- c:\program files (x86)\PhotoScape
2013-08-20 10:57 . 2013-08-20 10:57 240304 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10214.bin
2013-08-19 10:40 . 2013-08-19 10:40 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-08-19 10:40 . 2013-08-19 10:41 -------- d-----w- c:\programdata\IObit
2013-08-19 10:40 . 2013-08-19 10:40 -------- d-----w- c:\program files (x86)\IObit
2013-08-18 18:22 . 2013-08-18 18:22 -------- d-----w- c:\programdata\StarApp
2013-08-18 17:08 . 2013-08-22 00:50 -------- d-----w- c:\programdata\BetterSoft
2013-08-18 17:07 . 2013-08-18 18:22 -------- d-----w- c:\programdata\InstallMate
2013-08-17 18:34 . 2013-08-19 19:33 -------- d-----w- c:\programdata\YTD Video Downloader
2013-08-17 18:34 . 2013-08-17 18:34 -------- d-----w- c:\program files (x86)\GreenTree Applications
2013-08-17 08:46 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2013-08-17 08:44 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-08-17 08:43 . 2012-10-11 07:13 58088 ----a-w- c:\windows\system32\drivers\dam.sys
2013-08-17 08:42 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-17 08:41 . 2012-11-06 07:52 277736 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2013-08-17 08:25 . 2013-01-09 23:23 2094592 ----a-w- c:\windows\system32\mmc.exe
2013-08-17 08:23 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2013-08-17 08:23 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2013-08-17 08:19 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2013-08-17 08:18 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-16 20:30 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-16 20:30 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-16 17:14 . 2006-12-08 09:02 251672 ----a-w- c:\windows\SysWow64\xactengine2_5.dll
2013-08-16 17:14 . 2006-12-08 09:00 390424 ----a-w- c:\windows\system32\xactengine2_5.dll
2013-08-16 17:14 . 2006-11-15 08:38 17688 ----a-w- c:\windows\system32\x3daudio1_1.dll
2013-08-16 17:14 . 2006-11-29 10:06 469264 ----a-w- c:\windows\system32\d3dx10.dll
2013-08-16 17:14 . 2006-11-29 10:06 440080 ----a-w- c:\windows\SysWow64\d3dx10.dll
2013-08-16 17:12 . 2006-03-31 09:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2013-08-16 16:48 . 2013-08-16 16:48 -------- d-----w- c:\program files (x86)\Activision
2013-08-16 00:04 . 2013-08-16 00:04 -------- d-----w- c:\windows\system32\MRT
2013-08-15 21:27 . 2013-03-22 03:49 2382336 ----a-w- c:\windows\SysWow64\esent.dll
2013-08-15 21:27 . 2013-03-21 22:47 2851840 ----a-w- c:\windows\system32\esent.dll
2013-08-15 21:25 . 2012-12-13 04:00 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-15 21:25 . 2012-12-13 03:59 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-08-15 21:20 . 2012-10-24 03:25 26624 ----a-w- c:\windows\system32\ReAgentc.exe
2013-08-15 21:20 . 2012-10-24 02:48 24064 ----a-w- c:\windows\SysWow64\ReAgentc.exe
2013-08-15 21:20 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-08-15 21:20 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-08-15 21:16 . 2013-03-02 08:23 375808 ----a-w- c:\windows\SysWow64\ReAgent.dll
2013-08-15 21:16 . 2013-03-02 02:44 1011200 ----a-w- c:\windows\system32\reseteng.dll
2013-08-15 21:16 . 2012-12-15 04:55 443392 ----a-w- c:\windows\system32\ReAgent.dll
2013-08-15 21:16 . 2012-11-03 05:26 132096 ----a-w- c:\windows\system32\sysreset.exe
2013-08-15 21:16 . 2012-11-03 05:25 945152 ----a-w- c:\windows\system32\resetengmig.dll
2013-08-15 20:31 . 2013-08-21 20:24 -------- d-----w- c:\windows\system32\drivers\NISx64\1404000.028
2013-08-15 19:26 . 2013-07-26 03:12 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-08-15 19:26 . 2013-07-26 03:12 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-08-15 19:24 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-08-15 19:24 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-08-15 19:24 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-08-15 19:24 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-15 19:24 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-15 19:24 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-08-15 19:18 . 2012-11-07 23:04 149264 ----a-w- c:\program files\Windows Defender\SymSrv.dll
2013-08-15 19:18 . 2012-11-07 23:04 1558912 ----a-w- c:\program files\Windows Defender\DbgHelp.dll
2013-08-15 19:18 . 2013-07-13 06:16 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-08-15 19:18 . 2013-07-13 04:23 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-08-15 19:18 . 2013-07-13 06:18 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-08-15 19:18 . 2013-07-13 06:16 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-15 19:18 . 2013-07-13 06:15 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-08-15 19:18 . 2013-07-13 06:15 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-08-15 19:18 . 2013-07-13 04:24 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-08-15 19:18 . 2013-07-13 04:23 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-08-15 19:18 . 2013-07-13 04:23 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-08-15 19:17 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-15 19:17 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-15 19:15 . 2013-02-05 22:29 370688 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2013-08-15 19:15 . 2013-02-05 22:28 215552 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2013-08-15 19:15 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-08-15 19:15 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-08-15 19:15 . 2013-02-02 05:41 1437184 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2013-08-15 19:15 . 2013-02-02 05:31 1690624 ----a-w- c:\windows\system32\GdiPlus.dll
2013-08-15 19:14 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-15 19:14 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-08-15 19:13 . 2013-05-15 22:35 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-08-15 19:13 . 2012-11-10 04:23 132608 ----a-w- c:\windows\SysWow64\poqexec.exe
2013-08-15 19:13 . 2012-11-10 04:23 148480 ----a-w- c:\windows\system32\poqexec.exe
2013-08-15 19:13 . 2012-11-10 04:22 122880 ----a-w- c:\windows\system32\VmHostAI.dll
2013-08-15 19:13 . 2012-11-10 04:22 126976 ----a-w- c:\windows\system32\RDWebAI.dll
2013-08-15 19:13 . 2012-11-10 04:20 135680 ----a-w- c:\windows\system32\appserverai.dll
2013-08-15 19:12 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-08-15 19:12 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-08-15 19:12 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-08-15 19:12 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-08-15 19:12 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-08-15 19:12 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-08-15 19:12 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-08-15 19:12 . 2013-04-16 02:34 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-08-15 19:12 . 2013-01-10 01:40 303848 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-08-15 19:11 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2013-08-15 19:11 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2013-08-15 19:11 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2013-08-15 19:11 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll
2013-08-15 18:22 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-08-15 18:22 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-08-15 17:15 . 2012-10-24 03:25 13312 ----a-w- c:\windows\system32\pcalua.exe
2013-08-15 17:15 . 2012-10-24 03:24 405504 ----a-w- c:\windows\system32\pcasvc.dll
2013-08-15 17:15 . 2012-10-24 03:24 31232 ----a-w- c:\windows\system32\pcadm.dll
2013-08-15 17:15 . 2012-10-24 03:05 11776 ----a-w- c:\windows\system32\pcaevts.dll
2013-08-15 17:09 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2013-08-15 17:07 . 2012-12-16 08:28 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-08-15 17:07 . 2012-12-16 08:20 35328 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-08-15 17:07 . 2012-12-16 08:08 362496 ----a-w- c:\windows\system32\atmfd.dll
2013-08-15 17:07 . 2012-12-16 07:57 300032 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-08-15 17:07 . 2012-11-08 04:24 75776 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-08-15 17:07 . 2012-11-08 04:24 10752 ----a-w- c:\windows\SysWow64\dciman32.dll
2013-08-15 17:07 . 2012-11-08 04:20 96256 ----a-w- c:\windows\system32\fontsub.dll
2013-08-15 17:07 . 2012-11-08 04:20 14336 ----a-w- c:\windows\system32\dciman32.dll
2013-08-15 17:07 . 2012-11-08 04:02 3072 ----a-w- c:\windows\system32\lpk.dll
2013-08-15 17:07 . 2012-11-08 04:01 3072 ----a-w- c:\windows\SysWow64\lpk.dll
2013-08-15 17:06 . 2013-08-15 17:06 -------- d-----w- c:\program files (x86)\VideoLAN
2013-08-15 16:42 . 2012-11-01 04:41 1802240 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-08-15 16:42 . 2012-11-01 04:41 1438720 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-08-15 16:42 . 2012-11-01 04:40 2361344 ----a-w- c:\windows\system32\msxml6.dll
2013-08-15 16:42 . 2012-11-01 04:40 1836032 ----a-w- c:\windows\system32\msxml3.dll
2013-08-15 16:42 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml6r.dll
2013-08-15 16:42 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-08-15 16:42 . 2012-11-01 04:20 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2013-08-15 16:42 . 2012-11-01 04:20 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-15 20:32 . 2012-11-12 08:10 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-08-15 16:57 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-07-03 12:04 . 2013-07-03 12:04 81744 ----a-w- c:\windows\SysWow64\mfcm100.dll
2013-07-03 12:04 . 2013-07-03 12:04 81744 ----a-w- c:\windows\SysWow64\mfcm100u.dll
2013-07-03 12:04 . 2013-07-03 12:04 4397384 ----a-w- c:\windows\SysWow64\mfc100.dll
2013-07-03 12:04 . 2013-07-03 12:04 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-07-03 12:03 . 2013-07-03 12:03 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-07-03 12:03 . 2013-07-03 12:03 4422992 ----a-w- c:\windows\SysWow64\mfc100u.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\JamaLL\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-08-15 138096]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-12 642216]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-08-15 2994880]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-05-10 37960]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-08-15 97392]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-12 491120]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
R0 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\NISx64\1404000.028\SymELAM.sys;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SymELAM.sys [x]
R2 SWUpdateService;SW Update Service;c:\programdata\Samsung\SW Update Service\SWMAgent.exe;c:\programdata\Samsung\SW Update Service\SWMAgent.exe [x]
R3 amd_sata;amd_sata;c:\windows\System32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
R3 amd_xata;amd_xata;c:\windows\System32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
R3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
R3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\ccSetx64.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130820.006\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130820.006\IDSvia64.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMDS64.SYS [x]
R3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMEFA64.SYS [x]
R3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\Ironx64.SYS [x]
R3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1404000.028\SYMNETS.SYS [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 ccSet_NARA;NARA Settings Manager;c:\windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NARAx64\0401000.00E\ccSetx64.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Easy Launcher;Easy Launcher;c:\program files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe;c:\program files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_HID;Bluetooth HID Device;c:\windows\system32\DRIVERS\btath_hid.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hid.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Bluetooth Düşük Enerji Sürücüsü;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 IntcDAud;Intel(R) Ekran İçin Ses;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 RadioHIDMini;Radio HID Mini-driver;c:\windows\System32\drivers\RadioHIDMini.sys;c:\windows\SYSNATIVE\drivers\RadioHIDMini.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-21 20:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705760066-427170638-3659814590-1001Core.job
- c:\users\JamaLL\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-15 14:11]
.
2013-08-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705760066-427170638-3659814590-1001UA.job
- c:\users\JamaLL\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-15 14:11]
.
2013-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21 15:10]
.
2013-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21 15:10]
.
2013-08-14 c:\windows\Tasks\Synaptics TouchPad Enhancements.job
- c:\program files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16 11:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-10 13191824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-17 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-17 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-17 441888]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-12-05 766080]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-12-05 128640]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://samsung13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 62.248.80.164 62.248.80.163
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{26A97EFF-0FB7-D67E-824F-8C3105EEA9A5} - c:\programdata\saufe Save\5210ff6bbb7d0.dll
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{0379029A-3735-B2C5-F4A4-D97436ADB374} - c:\programdata\InstallMate\{1EAD0156-BF84-4590-A77B-F7A6C54E23A0}\Setup.exe
AddRemove-{924C3DC2-8E4E-432E-F973-9A2174A39774} - c:\programdata\saufe Save\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-08-22 04:06:57
ComboFix-quarantined-files.txt 2013-08-22 01:06
.
Pre-Run: 628.099.735.552 bytes free
Post-Run: 627.691.507.712 bytes free
.
- - End Of File - - AF9FFD607BE5137D25746EC7B09E016E
combofixin verdiği rapor burda neymiş pcmin hastalığı arkadşlar
ComboFix 13-08-21.01 - JamaLL 22.08.2013 4:01.2.4 - x64
Microsoft Windows 8 Single Language 6.2.9200.0.1254.90.1055.18.8083.6066 [GMT 3:00]
Running from: c:\users\JamaLL\Downloads\ComboFix-tamindir.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-07-22 to 2013-08-22 )))))))))))))))))))))))))))))))
.
.
2013-08-22 01:05 . 2013-08-22 01:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-22 00:28 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F896DB0A-D5FB-4C1C-9A06-796B8BD8025E}\mpengine.dll
2013-08-21 20:44 . 2013-05-02 15:29 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-21 15:57 . 2013-08-21 20:07 -------- d-----w- c:\programdata\Kaspersky Lab
2013-08-21 15:57 . 2013-08-21 15:57 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2013-08-21 15:10 . 2013-08-21 20:24 -------- d-----w- c:\program files (x86)\GUM22FB.tmp
2013-08-21 15:01 . 2013-04-17 17:20 26432 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-08-20 13:33 . 2013-08-20 13:33 -------- d-----w- c:\program files (x86)\PhotoScape
2013-08-20 10:57 . 2013-08-20 10:57 240304 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10214.bin
2013-08-19 10:40 . 2013-08-19 10:40 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-08-19 10:40 . 2013-08-19 10:41 -------- d-----w- c:\programdata\IObit
2013-08-19 10:40 . 2013-08-19 10:40 -------- d-----w- c:\program files (x86)\IObit
2013-08-18 18:22 . 2013-08-18 18:22 -------- d-----w- c:\programdata\StarApp
2013-08-18 17:08 . 2013-08-22 00:50 -------- d-----w- c:\programdata\BetterSoft
2013-08-18 17:07 . 2013-08-18 18:22 -------- d-----w- c:\programdata\InstallMate
2013-08-17 18:34 . 2013-08-19 19:33 -------- d-----w- c:\programdata\YTD Video Downloader
2013-08-17 18:34 . 2013-08-17 18:34 -------- d-----w- c:\program files (x86)\GreenTree Applications
2013-08-17 08:46 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2013-08-17 08:44 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-08-17 08:43 . 2012-10-11 07:13 58088 ----a-w- c:\windows\system32\drivers\dam.sys
2013-08-17 08:42 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-17 08:41 . 2012-11-06 07:52 277736 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2013-08-17 08:25 . 2013-01-09 23:23 2094592 ----a-w- c:\windows\system32\mmc.exe
2013-08-17 08:23 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2013-08-17 08:23 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2013-08-17 08:19 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2013-08-17 08:18 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-16 20:30 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-16 20:30 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-16 17:14 . 2006-12-08 09:02 251672 ----a-w- c:\windows\SysWow64\xactengine2_5.dll
2013-08-16 17:14 . 2006-12-08 09:00 390424 ----a-w- c:\windows\system32\xactengine2_5.dll
2013-08-16 17:14 . 2006-11-15 08:38 17688 ----a-w- c:\windows\system32\x3daudio1_1.dll
2013-08-16 17:14 . 2006-11-29 10:06 469264 ----a-w- c:\windows\system32\d3dx10.dll
2013-08-16 17:14 . 2006-11-29 10:06 440080 ----a-w- c:\windows\SysWow64\d3dx10.dll
2013-08-16 17:12 . 2006-03-31 09:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2013-08-16 16:48 . 2013-08-16 16:48 -------- d-----w- c:\program files (x86)\Activision
2013-08-16 00:04 . 2013-08-16 00:04 -------- d-----w- c:\windows\system32\MRT
2013-08-15 21:27 . 2013-03-22 03:49 2382336 ----a-w- c:\windows\SysWow64\esent.dll
2013-08-15 21:27 . 2013-03-21 22:47 2851840 ----a-w- c:\windows\system32\esent.dll
2013-08-15 21:25 . 2012-12-13 04:00 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-15 21:25 . 2012-12-13 03:59 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-08-15 21:20 . 2012-10-24 03:25 26624 ----a-w- c:\windows\system32\ReAgentc.exe
2013-08-15 21:20 . 2012-10-24 02:48 24064 ----a-w- c:\windows\SysWow64\ReAgentc.exe
2013-08-15 21:20 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-08-15 21:20 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-08-15 21:16 . 2013-03-02 08:23 375808 ----a-w- c:\windows\SysWow64\ReAgent.dll
2013-08-15 21:16 . 2013-03-02 02:44 1011200 ----a-w- c:\windows\system32\reseteng.dll
2013-08-15 21:16 . 2012-12-15 04:55 443392 ----a-w- c:\windows\system32\ReAgent.dll
2013-08-15 21:16 . 2012-11-03 05:26 132096 ----a-w- c:\windows\system32\sysreset.exe
2013-08-15 21:16 . 2012-11-03 05:25 945152 ----a-w- c:\windows\system32\resetengmig.dll
2013-08-15 20:31 . 2013-08-21 20:24 -------- d-----w- c:\windows\system32\drivers\NISx64\1404000.028
2013-08-15 19:26 . 2013-07-26 03:12 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-08-15 19:26 . 2013-07-26 03:12 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-08-15 19:24 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-08-15 19:24 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-08-15 19:24 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-08-15 19:24 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-15 19:24 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-15 19:24 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-08-15 19:18 . 2012-11-07 23:04 149264 ----a-w- c:\program files\Windows Defender\SymSrv.dll
2013-08-15 19:18 . 2012-11-07 23:04 1558912 ----a-w- c:\program files\Windows Defender\DbgHelp.dll
2013-08-15 19:18 . 2013-07-13 06:16 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-08-15 19:18 . 2013-07-13 04:23 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-08-15 19:18 . 2013-07-13 06:18 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-08-15 19:18 . 2013-07-13 06:16 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-15 19:18 . 2013-07-13 06:15 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-08-15 19:18 . 2013-07-13 06:15 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-08-15 19:18 . 2013-07-13 04:24 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-08-15 19:18 . 2013-07-13 04:23 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-08-15 19:18 . 2013-07-13 04:23 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-08-15 19:17 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-15 19:17 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-15 19:15 . 2013-02-05 22:29 370688 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2013-08-15 19:15 . 2013-02-05 22:28 215552 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2013-08-15 19:15 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-08-15 19:15 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-08-15 19:15 . 2013-02-02 05:41 1437184 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2013-08-15 19:15 . 2013-02-02 05:31 1690624 ----a-w- c:\windows\system32\GdiPlus.dll
2013-08-15 19:14 . 2013-05-04 06:59 2842112 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-15 19:14 . 2013-05-04 04:57 2620928 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-08-15 19:13 . 2013-05-15 22:35 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-08-15 19:13 . 2012-11-10 04:23 132608 ----a-w- c:\windows\SysWow64\poqexec.exe
2013-08-15 19:13 . 2012-11-10 04:23 148480 ----a-w- c:\windows\system32\poqexec.exe
2013-08-15 19:13 . 2012-11-10 04:22 122880 ----a-w- c:\windows\system32\VmHostAI.dll
2013-08-15 19:13 . 2012-11-10 04:22 126976 ----a-w- c:\windows\system32\RDWebAI.dll
2013-08-15 19:13 . 2012-11-10 04:20 135680 ----a-w- c:\windows\system32\appserverai.dll
2013-08-15 19:12 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-08-15 19:12 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-08-15 19:12 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-08-15 19:12 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-08-15 19:12 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-08-15 19:12 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-08-15 19:12 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-08-15 19:12 . 2013-04-16 02:34 1455368 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-08-15 19:12 . 2013-01-10 01:40 303848 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-08-15 19:11 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2013-08-15 19:11 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2013-08-15 19:11 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2013-08-15 19:11 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll
2013-08-15 18:22 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-08-15 18:22 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-08-15 17:15 . 2012-10-24 03:25 13312 ----a-w- c:\windows\system32\pcalua.exe
2013-08-15 17:15 . 2012-10-24 03:24 405504 ----a-w- c:\windows\system32\pcasvc.dll
2013-08-15 17:15 . 2012-10-24 03:24 31232 ----a-w- c:\windows\system32\pcadm.dll
2013-08-15 17:15 . 2012-10-24 03:05 11776 ----a-w- c:\windows\system32\pcaevts.dll
2013-08-15 17:09 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2013-08-15 17:07 . 2012-12-16 08:28 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-08-15 17:07 . 2012-12-16 08:20 35328 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-08-15 17:07 . 2012-12-16 08:08 362496 ----a-w- c:\windows\system32\atmfd.dll
2013-08-15 17:07 . 2012-12-16 07:57 300032 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-08-15 17:07 . 2012-11-08 04:24 75776 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-08-15 17:07 . 2012-11-08 04:24 10752 ----a-w- c:\windows\SysWow64\dciman32.dll
2013-08-15 17:07 . 2012-11-08 04:20 96256 ----a-w- c:\windows\system32\fontsub.dll
2013-08-15 17:07 . 2012-11-08 04:20 14336 ----a-w- c:\windows\system32\dciman32.dll
2013-08-15 17:07 . 2012-11-08 04:02 3072 ----a-w- c:\windows\system32\lpk.dll
2013-08-15 17:07 . 2012-11-08 04:01 3072 ----a-w- c:\windows\SysWow64\lpk.dll
2013-08-15 17:06 . 2013-08-15 17:06 -------- d-----w- c:\program files (x86)\VideoLAN
2013-08-15 16:42 . 2012-11-01 04:41 1802240 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-08-15 16:42 . 2012-11-01 04:41 1438720 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-08-15 16:42 . 2012-11-01 04:40 2361344 ----a-w- c:\windows\system32\msxml6.dll
2013-08-15 16:42 . 2012-11-01 04:40 1836032 ----a-w- c:\windows\system32\msxml3.dll
2013-08-15 16:42 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml6r.dll
2013-08-15 16:42 . 2012-11-01 04:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-08-15 16:42 . 2012-11-01 04:20 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2013-08-15 16:42 . 2012-11-01 04:20 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-15 20:32 . 2012-11-12 08:10 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-08-15 16:57 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-07-03 12:04 . 2013-07-03 12:04 81744 ----a-w- c:\windows\SysWow64\mfcm100.dll
2013-07-03 12:04 . 2013-07-03 12:04 81744 ----a-w- c:\windows\SysWow64\mfcm100u.dll
2013-07-03 12:04 . 2013-07-03 12:04 4397384 ----a-w- c:\windows\SysWow64\mfc100.dll
2013-07-03 12:04 . 2013-07-03 12:04 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-07-03 12:03 . 2013-07-03 12:03 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-07-03 12:03 . 2013-07-03 12:03 4422992 ----a-w- c:\windows\SysWow64\mfc100u.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\JamaLL\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-08-15 138096]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-12 642216]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-08-15 2994880]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-05-10 37960]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-08-15 97392]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-12 491120]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
R0 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\NISx64\1404000.028\SymELAM.sys;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SymELAM.sys [x]
R2 SWUpdateService;SW Update Service;c:\programdata\Samsung\SW Update Service\SWMAgent.exe;c:\programdata\Samsung\SW Update Service\SWMAgent.exe [x]
R3 amd_sata;amd_sata;c:\windows\System32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
R3 amd_xata;amd_xata;c:\windows\System32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
R3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
R3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\ccSetx64.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130820.006\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130820.006\IDSvia64.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMDS64.SYS [x]
R3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMEFA64.SYS [x]
R3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\Ironx64.SYS [x]
R3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1404000.028\SYMNETS.SYS [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 ccSet_NARA;NARA Settings Manager;c:\windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NARAx64\0401000.00E\ccSetx64.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Easy Launcher;Easy Launcher;c:\program files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe;c:\program files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_HID;Bluetooth HID Device;c:\windows\system32\DRIVERS\btath_hid.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hid.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Bluetooth Düşük Enerji Sürücüsü;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 IntcDAud;Intel(R) Ekran İçin Ses;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 RadioHIDMini;Radio HID Mini-driver;c:\windows\System32\drivers\RadioHIDMini.sys;c:\windows\SYSNATIVE\drivers\RadioHIDMini.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-21 20:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705760066-427170638-3659814590-1001Core.job
- c:\users\JamaLL\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-15 14:11]
.
2013-08-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705760066-427170638-3659814590-1001UA.job
- c:\users\JamaLL\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-08-15 14:11]
.
2013-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21 15:10]
.
2013-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21 15:10]
.
2013-08-14 c:\windows\Tasks\Synaptics TouchPad Enhancements.job
- c:\program files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16 11:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-08-10 13191824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-17 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-17 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-17 441888]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-12-05 766080]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-12-05 128640]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://samsung13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 62.248.80.164 62.248.80.163
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{26A97EFF-0FB7-D67E-824F-8C3105EEA9A5} - c:\programdata\saufe Save\5210ff6bbb7d0.dll
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{0379029A-3735-B2C5-F4A4-D97436ADB374} - c:\programdata\InstallMate\{1EAD0156-BF84-4590-A77B-F7A6C54E23A0}\Setup.exe
AddRemove-{924C3DC2-8E4E-432E-F973-9A2174A39774} - c:\programdata\saufe Save\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-08-22 04:06:57
ComboFix-quarantined-files.txt 2013-08-22 01:06
.
Pre-Run: 628.099.735.552 bytes free
Post-Run: 627.691.507.712 bytes free
.
- - End Of File - - AF9FFD607BE5137D25746EC7B09E016E
Son düzenleme:
