ASUS.YAL
Could you explain to me where my PC's problem is? These parts censor
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Asus\123.txt
c:\users\Asus\AppData\Local\assembly\tmp
c:\users\Asus\AppData\Roaming\Microsoft\Crypto\RSA\IDTAudio.exe
c:\users\Asus\AppData\Roaming\Microsoft\Crypto\RSA\MSAudio.exe
c:\users\Asus\Internet Explorer.lnk
c:\windows\Asus
c:\windows\security\Database\tmp.edb
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeUpdateService
.
.
((((((((((((((((((((((((( Files Created from 2016-02-26 to 2016-03-26 )))))))))))))))))))))))))))))))
.
.
2016-03-26 03:54 . 2016-03-26 03:54--------d-----w-c:\users\Default\AppData\Local\temp
2016-03-24 15:01 . 2016-03-24 15:01--------d-----w-c:\program files (x86)\BandiMPEG1
2016-03-23 21:55 . 2016-03-23 21:55--------d-----w-c:\program files\Common Files\Logitech
2016-03-23 21:51 . 2016-03-23 21:51--------d-----w-c:\programdata\LogiShrd
2016-03-23 21:50 . 2016-03-23 21:50--------d-----w-c:\users\Asus\AppData\Local\Logitech
2016-03-23 21:49 . 2016-03-23 21:50--------d-----w-c:\program files\Logitech Gaming Software
2016-03-23 21:49 . 2016-03-23 21:49--------d-----w-c:\users\Asus\AppData\Roaming\Logitech
2016-03-23 21:49 . 2016-03-23 21:49--------d-----w-c:\users\Asus\AppData\Roaming\Logishrd
2016-03-23 14:16 . 2016-03-23 14:17548947----a-w-C:\MCPR.exe
2016-03-23 08:34 . 2016-03-25 08:18--------d-----w-c:\program files (x86)\McAfee
2016-03-22 22:27 . 2016-03-22 22:27--------d-----w-c:\users\Asus\AppData\Roaming\Dev-Cpp
2016-03-22 22:26 . 2016-03-22 22:26--------d-----w-c:\program files (x86)\Dev-Cpp
2016-03-22 22:15 . 2016-03-22 22:15--------d-----w-c:\users\Asus\AppData\Roaming\TeamViewer
2016-03-22 22:15 . 2016-03-22 22:20--------d-----w-c:\program files (x86)\TeamViewer
2016-03-22 19:00 . 2016-03-22 19:01--------d-----w-c:\program files (x86)\Overwolf
2016-03-22 19:00 . 2016-03-22 19:00--------d-----w-c:\program files (x86)\Common Files\Overwolf
2016-03-22 19:00 . 2016-03-22 19:01--------d-----w-c:\programdata\Overwolf
2016-03-22 18:57 . 2016-03-23 07:58--------d-----w-c:\users\Asus\AppData\Local\Overwolf
2016-03-20 19:52 . 2016-03-26 03:47--------d-----w-c:\users\Asus\AppData\Roaming\TS3Client
2016-03-20 19:52 . 2016-03-20 19:52--------d-----w-c:\program files\TeamSpeak 3 Client
2016-03-20 18:36 . 2016-03-24 11:43--------d-----w-c:\users\Asus\AppData\Roaming\OBS
2016-03-20 18:36 . 2016-03-20 18:36--------d-----w-c:\program files\OBS
2016-03-20 18:36 . 2016-03-20 18:36--------d-----w-c:\program files (x86)\OBS
2016-03-18 13:02 . 2016-03-18 13:02--------d-----w-c:\users\Asus\AppData\Local\Nico Mak Computing
2016-03-18 13:02 . 2016-03-22 20:03--------d-----w-c:\users\Asus\AppData\Local\WinZip
2016-03-18 13:02 . 2016-03-18 13:02--------d-----w-c:\program files\WinZip
2016-03-18 12:58 . 2016-03-18 12:58--------d-----w-c:\programdata\UniqueId
2016-03-17 22:02 . 2016-03-17 22:02--------d-----w-c:\users\Asus\.cache
2016-03-16 19:00 . 2016-03-16 19:00--------d-----w-c:\users\Asus\AppData\Local\Macromedia
2016-03-16 18:51 . 2016-03-25 08:17--------d-----w-c:\program files (x86)\Mozilla Maintenance Service
2016-03-16 13:57 . 2016-03-16 14:06--------d-----w-c:\users\Asus\AppData\Local\Yandex
2016-03-16 13:56 . 2016-03-16 18:57--------d-----w-c:\users\Asus\AppData\Local\Mozilla
2016-03-16 13:56 . 2016-03-16 13:56--------d-----w-c:\users\Asus\AppData\Roaming\Yandex
2016-03-16 13:56 . 2016-03-16 13:56--------d-----w-c:\users\Asus\AppData\Local\Chromium
2016-03-16 13:54 . 2016-03-16 13:58--------d-----w-c:\users\Asus\AppData\Local\Media Get LLC
2016-03-16 13:48 . 2016-03-16 14:09--------d-----w-c:\windows\SysWow64\Spider-Man 3 Screensaver dir
2016-03-16 11:59 . 2016-03-16 11:59--------d-----w-c:\users\Asus\AppData\Local\http___www.julien-manici
2016-03-16 11:33 . 2016-03-08 06:15110016----a-w-c:\windows\SysWow64\nvStreaming.exe
2016-03-16 11:33 . 2016-02-14 01:47125720----a-w-c:\windows\SysWow64\vulkan-1.dll
2016-03-16 11:33 . 2016-02-14 01:46126232----a-w-c:\windows\system32\vulkan-1.dll
2016-03-16 11:33 . 2016-02-14 01:4542264----a-w-c:\windows\SysWow64\vulkaninfo.exe
2016-03-16 11:33 . 2016-02-14 01:4545848----a-w-c:\windows\system32\vulkaninfo.exe
2016-03-16 11:33 . 2016-03-16 11:33--------d-----w-c:\program files (x86)\VulkanRT
2016-03-16 02:57 . 2016-02-23 15:501571440----a-w-c:\windows\SysWow64\nvspcap.dll
2016-03-16 02:57 . 2016-02-23 15:501316000----a-w-c:\windows\SysWow64\nvspbridge.dll
2016-03-16 02:57 . 2016-02-23 15:491904392----a-w-c:\windows\system32\nvspcap64.dll
2016-03-16 02:57 . 2016-02-23 15:491756608----a-w-c:\windows\system32\nvspbridge64.dll
2016-03-16 02:57 . 2016-02-23 15:49112032----a-w-c:\windows\system32\NvRtmpStreamer64.dll
2016-03-16 02:57 . 2015-12-18 06:1147760----a-w-c:\windows\system32\drivers\nvvad64v.sys
2016-03-16 02:57 . 2015-12-18 06:1099472----a-w-c:\windows\system32\nvaudcap64v.dll
2016-03-16 02:57 . 2015-12-18 06:1090768----a-w-c:\windows\SysWow64\nvaudcap32v.dll
2016-03-14 21:18 . 2016-03-14 21:18--------d-----w-c:\program files (x86)\BlueStacks
2016-03-14 21:18 . 2016-03-14 21:18--------d-----w-c:\programdata\BlueStacks
2016-03-14 21:14 . 2016-03-14 21:14--------d-----w-c:\users\Asus\AppData\Local\Bluestacks
2016-03-13 18:23 . 2016-03-13 18:23--------d-----w-c:\windows\system32\drivers\etc\BACKUP
2016-03-13 15:24 . 2016-03-13 15:24--------d-----w-c:\program files (x86)\Unigine
2016-03-13 12:11 . 2016-03-13 20:19--------d-----w-c:\users\Asus\AppData\Roaming\Octoshape
2016-03-13 03:26 . 2016-03-13 03:26--------d-----w-c:\program files (x86)\Common Files\Intel
2016-03-08 22:33 . 2016-02-04 17:523211264----a-w-c:\windows\system32\win32k.sys
2016-03-08 22:28 . 2016-02-11 18:565572032----a-w-c:\windows\system32\ntoskrnl.exe
2016-03-08 22:27 . 2016-02-05 01:19381440----a-w-c:\windows\system32\mfds.dll
2016-03-08 09:54 . 2016-03-08 09:54--------d-----w-c:\users\Asus\AppData\Roaming\Opera Software
2016-03-08 09:54 . 2016-03-08 09:54--------d-----w-c:\users\Asus\AppData\Local\Opera Software
2016-03-08 09:51 . 2016-03-08 21:25--------d-----w-c:\program files (x86)\Opera
2016-03-07 15:03 . 2016-03-07 15:05--------d-----w-c:\users\Asus\AppData\Roaming\FLV Extract
2016-03-07 14:40 . 2016-03-24 16:51--------d-----w-c:\programdata\regid.1995-08.com.techsmith
2016-03-07 14:40 . 2016-03-07 14:40--------d-----w-c:\program files (x86)\QuickTime
2016-03-07 14:40 . 2016-03-07 14:40--------d-----w-c:\programdata\TechSmith
2016-03-07 14:40 . 2016-03-07 14:40--------d-----w-c:\program files (x86)\TechSmith
2016-03-07 12:54 . 2016-03-09 15:12--------d-----w-c:\users\Asus\AppData\Local\ElevatedDiagnostics
2016-03-07 10:45 . 2016-03-07 10:45--------d-----w-c:\program files (x86)\SAVITECH
2016-03-06 17:49 . 2016-03-06 17:49--------d-----w-c:\users\Asus\AppData\Roaming\MAGIX
2016-03-06 17:49 . 2016-03-06 17:49--------d-----w-c:\programdata\MAGIX
2016-03-05 21:49 . 2016-03-05 21:53--------d-----w-c:\users\Asus\AppData\Roaming\HD Tune Pro
2016-03-03 19:32 . 2016-03-03 19:32--------d-----w-C:\searchplugins
2016-03-03 18:52 . 2016-03-03 18:52--------d-----w-c:\users\Asus\AppData\Local\ManyCam
2016-03-03 17:42 . 2016-03-08 21:55--------d-----w-c:\program files (x86)\ManyCam
2016-03-03 17:42 . 2016-03-03 21:28--------d-----w-c:\users\Asus\AppData\Roaming\ManyCam
2016-02-29 22:45 . 2016-03-03 21:28--------d-----w-c:\program files\Speccy
2016-02-29 19:23 . 2016-03-03 21:28--------d-----w-c:\program files (x86)\LAV Filters
2016-02-29 00:59 . 2016-02-29 14:11--------d-----w-c:\program files (x86)\I-Doser Premium
2016-02-28 23:21 . 2016-02-28 23:21--------d-----w-c:\users\Asus\AppData\Local\Diagnostics
2016-02-27 01:45 . 2016-03-03 21:28--------d-----r-c:\users\Asus\Google Drive
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-25 16:39 . 2016-02-13 19:221048576----a-w-c:\windows\PE_Rom.dll
2016-03-23 23:19 . 2016-02-11 21:25797376----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-23 23:19 . 2016-02-11 21:25142528----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-09 01:00 . 2014-05-19 15:12143659408----a-w-c:\windows\system32\mrt.exe
2016-03-08 10:07 . 2016-02-11 21:133711024----a-w-c:\windows\system32\nvapi64.dll
2016-03-08 10:07 . 2016-02-11 21:133283896----a-w-c:\windows\SysWow64\nvapi.dll
2016-03-08 10:07 . 2016-02-11 21:1318990976----a-w-c:\windows\system32\nvwgf2umx.dll
2016-03-08 10:07 . 2016-02-11 21:1314128496----a-w-c:\windows\SysWow64\nvd3dum.dll
2016-03-08 06:27 . 2016-02-11 21:132994232----a-w-c:\windows\system32\nvsvc64.dll
2016-03-08 06:27 . 2016-02-11 21:136369728----a-w-c:\windows\system32\nvcpl.dll
2016-03-08 06:27 . 2016-02-11 21:132561472----a-w-c:\windows\system32\nvsvcr.dll
2016-03-08 06:27 . 2016-02-11 21:131264064----a-w-c:\windows\system32\nvvsvc.exe
2016-03-08 06:27 . 2016-02-11 21:1383512----a-w-c:\windows\system32\nv3dappshextr.dll
2016-03-08 06:27 . 2016-02-11 21:1369568----a-w-c:\windows\system32\nvshext.dll
2016-03-08 06:27 . 2016-02-11 21:13532536----a-w-c:\windows\system32\nv3dappshext.dll
2016-03-08 06:27 . 2016-02-11 21:13392128----a-w-c:\windows\system32\nvmctray.dll
2016-03-07 04:23 . 2016-02-11 21:136203411----a-w-c:\windows\system32\nvcoproc.bin
2016-02-14 01:47 . 2016-02-14 01:47125720----a-w-c:\windows\SysWow64\vulkan-1-1-0-3-0.dll
2016-02-14 01:46 . 2016-02-14 01:46126232----a-w-c:\windows\system32\vulkan-1-1-0-3-0.dll
2016-02-14 01:45 . 2016-02-14 01:4542264----a-w-c:\windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
2016-02-14 01:45 . 2016-02-14 01:4545848----a-w-c:\windows\system32\vulkaninfo-1-1-0-3-0.exe
2016-02-13 19:35 . 2016-02-13 19:3530352----a-w-c:\windows\system32\drivers\dtproscsibus.sys
2016-02-13 19:30 . 2016-02-13 19:3045688----a-w-c:\windows\system32\drivers\FNETHYRAMAS.SYS
2016-02-13 19:30 . 2016-02-13 19:3016648----a-w-c:\windows\system32\drivers\FNETURPX.SYS
2016-02-11 21:29 . 2016-02-13 19:24898144----a-w-c:\windows\SysWow64\npDeployJava1.dll
2016-02-11 21:29 . 2016-02-13 19:24818784----a-w-c:\windows\SysWow64\deployJava1.dll
2016-02-11 21:29 . 2016-02-11 21:2997888----a-w-c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-02-11 18:30 . 2016-03-08 22:2844032----a-w-c:\windows\apppatch\acwow64.dll
2016-02-09 08:39 . 2016-02-17 14:021924152----a-w-c:\windows\system32\nvdispco6436191.dll
2016-02-09 08:39 . 2016-02-17 14:021571776----a-w-c:\windows\system32\nvdispgenco6436191.dll
2016-02-04 21:01 . 2016-02-04 21:01875720----a-w-c:\windows\SysWow64\msvcr120_clr0400.dll
2016-02-04 21:01 . 2016-02-04 21:01536776----a-w-c:\windows\SysWow64\msvcp120_clr0400.dll
2016-02-04 20:29 . 2016-02-04 20:29869576----a-w-c:\windows\system32\msvcr120_clr0400.dll
2016-02-04 20:29 . 2016-02-04 20:29678592----a-w-c:\windows\system32\msvcp120_clr0400.dll
2016-01-23 03:42 . 2016-02-13 16:311924152----a-w-c:\windows\system32\nvdispco6436175.dll
2016-01-23 03:42 . 2016-02-13 16:311573432----a-w-c:\windows\system32\nvdispgenco6436175.dll
2016-01-22 06:19 . 2016-02-13 20:5414179840----a-w-c:\windows\system32\shell32.dll
2016-01-22 06:18 . 2016-02-13 20:55961024----a-w-c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-13 20:55723968----a-w-c:\windows\system32\EncDec.dll
2016-01-22 06:17 . 2016-02-13 20:55159744----a-w-c:\windows\system32\mtxoci.dll
2016-01-22 06:15 . 2016-02-13 20:541866752----a-w-c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:12 . 2016-02-13 20:541940992----a-w-c:\windows\system32\authui.dll
2016-01-22 06:04 . 2016-02-13 20:55642048----a-w-c:\windows\SysWow64\CPFilters.dll
2016-01-22 06:04 . 2016-02-13 20:55535040----a-w-c:\windows\SysWow64\EncDec.dll
2016-01-22 06:02 . 2016-02-13 20:55114176----a-w-c:\windows\SysWow64\mtxoci.dll
2016-01-22 06:02 . 2016-02-13 20:55176128----a-w-c:\windows\SysWow64\msorcl32.dll
2016-01-22 06:00 . 2016-02-13 20:541498624----a-w-c:\windows\SysWow64\ExplorerFrame.dll
2016-01-22 05:59 . 2016-02-13 20:541805824----a-w-c:\windows\SysWow64\authui.dll
2016-01-22 05:19 . 2016-02-13 20:543231232----a-w-c:\windows\explorer.exe
2016-01-22 05:12 . 2016-02-13 20:542973184----a-w-c:\windows\SysWow64\explorer.exe
2016-01-19 00:52 . 2016-01-19 00:521011456----a-w-c:\windows\system32\WinUSBCoInstaller2.dll
2016-01-19 00:51 . 2016-01-19 00:511730312----a-w-c:\windows\system32\WdfCoInstaller01009.dll
2016-01-16 19:01 . 2016-02-13 20:562085888----a-w-c:\windows\system32\ole32.dll
2016-01-16 18:36 . 2016-02-13 20:561413632----a-w-c:\windows\SysWow64\ole32.dll
2016-01-07 17:42 . 2016-02-13 21:05141312----a-w-c:\windows\system32\drivers\mrxdav.sys
2016-01-06 19:02 . 2016-02-13 21:2024576----a-w-c:\windows\system32\jnwmon.dll
2016-01-06 19:02 . 2016-02-13 21:20275456----a-w-c:\windows\system32\InkEd.dll
2016-01-06 18:41 . 2016-02-13 21:20216064----a-w-c:\windows\SysWow64\InkEd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_FCA810C0E252261B949A7B9F364CE16A"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2016-03-08 1003160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 00000000
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\DRIVERS\awealloc.sys;c:\windows\SYSNATIVE\DRIVERS\awealloc.sys [x]
R3 CM_VENDER_CMD;CM_VENDER_CMD;c:\program files\Common Files\Logitech\G430Install\CMVC64.sys;c:\program files\Common Files\Logitech\G430Install\CMVC64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 mfeavfk01;McAfee Inc.;Device\mfeavfk01.sys;Device\mfeavfk01.sys [x]
R3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 FNETHYRAMAS;FNETHYRAMAS;c:\windows\System32\drivers\FNETHYRAMAS.SYS;c:\windows\SYSNATIVE\drivers\FNETHYRAMAS.SYS [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 NFC_Driver;NFC_Driver;c:\windows\system32\drivers\NFC_Driver.sys;c:\windows\SYSNATIVE\drivers\NFC_Driver.sys [x]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x]
S2 AsRamDisk;ASUS Ram Disk Driver;c:\windows\system32\DRIVERS\asramdisk.sys;c:\windows\SYSNATIVE\DRIVERS\asramdisk.sys [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.06.26\AsusFanControlService.exe [x]
S2 AsusGameFirstService;AsusGameFirstService;c:\program files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe;c:\program files (x86)\ASUS\ROG Game First III\AsusGameFirstService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x]
S3 AndroidAFD;AndroidAFD;SysWow64\drivers\AndroidAFDx64.sys;SysWow64\drivers\AndroidAFDx64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 Disc Soft Pro Bus Service;Disc Soft Pro Bus Service;c:\program files\DAEMON Tools Pro\DiscSoftBusService.exe;c:\program files\DAEMON Tools Pro\DiscSoftBusService.exe [x]
S3 dtproscsibus;DAEMON Tools Pro Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtproscsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtproscsibus.sys [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Sürücüsü;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 Genişletilebilir Ana Bilgisayar Denetleyici Sürücüsü;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 XSplit_Dummy;XSplit Stream Audio Renderer;c:\windows\system32\drivers\xspltspk.sys;c:\windows\SYSNATIVE\drivers\xspltspk.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2016-03-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11 23:19]
.
2016-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-16 23:44]
.
2016-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-16 23:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2016-01-22 11:55553136----a-w-c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2016-01-22 11:55553136----a-w-c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2016-01-22 11:55553136----a-w-c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7191}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7191}]
2015-04-22 13:591489920----a-w-c:\program files (x86)\Common Files\AWS\2.2.6.547\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D809}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D809}]
2015-04-22 13:591489920----a-w-c:\program files (x86)\Common Files\AWS\2.2.6.547\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E}]
2015-04-22 13:591489920----a-w-c:\program files (x86)\Common Files\AWS\2.2.6.547\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-07-28 10801944]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yandex.com.tr/?win=220&clid=2255506-213
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Microsoft Excel'e &Ver - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: OneNote'a G&önder - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-Audio IDT Service - c:\users\Asus\AppData\Roaming\Microsoft\Crypto\RSA\IDTAudio.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_197_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_197_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_197_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_197_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_197.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.21"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_197.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_197.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_197.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ASUS\KeyBot II\KeyBotII.exe
c:\program files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe
c:\program files (x86)\ASUS\AI Suite III\AISuite3.exe
c:\program files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
c:\program files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
c:\program files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
c:\program files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
c:\program files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
c:\program files (x86)\ASUS\APRP\aprp.exe
c:\program files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
c:\users\Asus\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
.
**************************************************************************
.
Completion time: 2016-03-26 05:56:14 - machine was rebooted
ComboFix-quarantined-files.txt 2016-03-26 03:56
.
Pre-Run: 134.370.885.632 bayt boş
Post-Run: 134.287.933.440 bayt boş
.
- - End Of File - - DEACC236F5805EBEE62CC215ABC10732
A36C5E4F47E84449FF07ED3517B43A31
.