Problem with a startup item that keeps opening

MesutB.

A startup item keeps opening on my system, once every 2 minutes. My antivirus program (ESET) does not detect it as a virus, but its constant opening bothers me. I scanned my computer with ComboFix; it also tried to delete the file but could not, and it still keeps opening. I will leave the ComboFix logs here. I would appreciate it if you could help.


Code:
ComboFix 18-03-14.01 - Kuzeyy 15.04.2018  11:39:35.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1254.90.1055.18.8135.4990 [GMT 3:00]
Running from: c:\users\Kuzeyy\Downloads\ComboFix.exe
AV: ESET Internet Security *Disabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Güvenlik Duvarı *Disabled* {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
SP: ESET Internet Security *Disabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kuzeyy\AppData\Roaming\Intel.exe
c:\users\Kuzeyy\AppData\Roaming\Interop.Shell32.dll
c:\users\Kuzeyy\AppData\Roaming\Microsoft\Asetup.exe
c:\users\Kuzeyy\AppData\Roaming\Microsoft\dwmDesktop.exe
c:\users\Kuzeyy\AppData\Roaming\Microsoft\Intel.exe
c:\users\Kuzeyy\AppData\Roaming\Microsoft\Interop.Shell32.dll
c:\users\Kuzeyy\AppData\Roaming\Microsoft\KFC32.exe
c:\users\Kuzeyy\AppData\Roaming\Microsoft\Windows\Intel.exe
c:\users\Kuzeyy\AppData\Roaming\Microsoft\WindowsDmedias.exe
c:\users\Kuzeyy\AppData\Roaming\Microsoft\Windowsmediab.exe
c:\users\Kuzeyy\AppData\Roaming\windows
c:\users\Kuzeyy\AppData\Roaming\windows\AccessibleMarshal.dll
c:\users\Kuzeyy\AppData\Roaming\windows\breakpadinjector.dll
c:\users\Kuzeyy\AppData\Roaming\windows\D3DCompiler_43.dll
c:\users\Kuzeyy\AppData\Roaming\windows\d3dcompiler_47.dll
c:\users\Kuzeyy\AppData\Roaming\windows\dht
c:\users\Kuzeyy\AppData\Roaming\windows\down
c:\users\Kuzeyy\AppData\Roaming\windows\explors.exe
c:\users\Kuzeyy\AppData\Roaming\windows\explors.zip
c:\users\Kuzeyy\AppData\Roaming\windows\Fias.exe
c:\users\Kuzeyy\AppData\Roaming\windows\Fias.zip
c:\users\Kuzeyy\AppData\Roaming\windows\freebl3.dll
c:\users\Kuzeyy\AppData\Roaming\windows\Geckofx-Core.dll
c:\users\Kuzeyy\AppData\Roaming\windows\Geckofx-Winforms.dll
c:\users\Kuzeyy\AppData\Roaming\windows\icudt56.dll
c:\users\Kuzeyy\AppData\Roaming\windows\icuin56.dll
c:\users\Kuzeyy\AppData\Roaming\windows\icuuc56.dll
c:\users\Kuzeyy\AppData\Roaming\windows\lgpllibs.dll
c:\users\Kuzeyy\AppData\Roaming\windows\libEGL.dll
c:\users\Kuzeyy\AppData\Roaming\windows\libGLESv2.dll
c:\users\Kuzeyy\AppData\Roaming\windows\mozglue.dll
c:\users\Kuzeyy\AppData\Roaming\windows\msvcp120.dll
c:\users\Kuzeyy\AppData\Roaming\windows\msvcr120.dll
c:\users\Kuzeyy\AppData\Roaming\windows\nss3.dll
c:\users\Kuzeyy\AppData\Roaming\windows\nssckbi.dll
c:\users\Kuzeyy\AppData\Roaming\windows\nssdbm3.dll
c:\users\Kuzeyy\AppData\Roaming\windows\Offib.exe
c:\users\Kuzeyy\AppData\Roaming\windows\Offib.zip
c:\users\Kuzeyy\AppData\Roaming\windows\Offix.exe
c:\users\Kuzeyy\AppData\Roaming\windows\Offix.zip
c:\users\Kuzeyy\AppData\Roaming\windows\Offiz.exe
c:\users\Kuzeyy\AppData\Roaming\windows\Offiz.zip
c:\users\Kuzeyy\AppData\Roaming\windows\omni.ja
c:\users\Kuzeyy\AppData\Roaming\windows\plugin-container.exe
c:\users\Kuzeyy\AppData\Roaming\windows\plugin-hang-ui.exe
c:\users\Kuzeyy\AppData\Roaming\windows\RAVBGs.exe
c:\users\Kuzeyy\AppData\Roaming\windows\RAVBGs.zip
c:\users\Kuzeyy\AppData\Roaming\windows\sandboxbroker.dll
c:\users\Kuzeyy\AppData\Roaming\windows\Sians.exe
c:\users\Kuzeyy\AppData\Roaming\windows\Sians.zip
c:\users\Kuzeyy\AppData\Roaming\windows\softokn3.dll
c:\users\Kuzeyy\AppData\Roaming\windows\Tasksoo.exe
c:\users\Kuzeyy\AppData\Roaming\windows\Tasksoo.zip
c:\users\Kuzeyy\AppData\Roaming\windows\Tiva.exe
c:\users\Kuzeyy\AppData\Roaming\windows\Tiva.zip
c:\users\Kuzeyy\AppData\Roaming\windows\xul.dll
c:\windows\SysWow64\Packet.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
(((((((((((((((((((((((((   Files Created from 2018-03-15 to 2018-04-15  )))))))))))))))))))))))))))))))
.
.
2018-04-15 08:21 . 2018-04-15 08:21    --------    d-----w-    c:\program files\Plumbytes Software
2018-04-14 17:47 . 2018-04-14 17:47    --------    d-----w-    C:\82ace7d6-0197-474d-bf4b-a2043e72329b
2018-04-14 17:41 . 2018-04-14 21:27    --------    d-----w-    c:\program files (x86)\Common Files\BattlEye
2018-04-14 17:41 . 2018-04-14 17:41    --------    d-----w-    c:\program files (x86)\EasyAntiCheat
2018-04-14 12:28 . 2018-04-14 12:28    --------    d-----w-    c:\program files\ESET
2018-04-14 11:38 . 2018-04-15 07:56    --------    d-----w-    c:\program files\Common Files\AV
2018-04-14 11:37 . 2018-04-14 12:05    --------    d-----w-    c:\programdata\Kaspersky Lab
2018-04-14 11:36 . 2018-04-14 11:36    149304    ------w-    c:\windows\system32\klhkum.dll
2018-04-14 11:29 . 2018-04-14 11:29    --------    d-----w-    c:\programdata\Kaspersky Lab Setup Files
2018-04-14 09:48 . 2018-04-14 09:48    --------    d-----w-    c:\programdata\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2018-04-14 09:36 . 2018-04-14 09:36    --------    d-----w-    c:\program files (x86)\GhostMouse
2018-04-14 07:27 . 2018-04-14 07:27    --------    d-----w-    c:\program files\Epic Games
2018-04-14 07:19 . 2018-04-14 07:25    --------    d-----w-    c:\programdata\Epic
2018-04-14 07:19 . 2018-04-14 07:19    --------    d-----w-    c:\program files (x86)\Epic Games
2018-04-14 06:50 . 2018-04-14 06:50    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0A220CB-B23C-495B-9DBB-6B35551E8211}\offreg.7108.dll
2018-04-13 21:58 . 2018-04-14 08:00    --------    d-----w-    c:\program files (x86)\McAfee
2018-04-13 21:58 . 2018-04-14 08:00    --------    d-----w-    c:\programdata\McAfee
2018-04-13 21:47 . 2018-04-14 08:00    --------    dc----w-    c:\windows\system32\DRVSTORE
2018-04-13 21:46 . 2018-04-14 08:00    --------    d-----w-    c:\programdata\VMware
2018-04-13 20:28 . 2018-04-13 20:29    --------    d---a-w-    c:\program files (x86)\BlueStacks
2018-04-13 20:28 . 2018-04-13 20:29    --------    d-----w-    c:\programdata\BlueStacks
2018-04-13 20:18 . 2018-04-13 20:18    --------    d-----w-    c:\program files (x86)\Maxthon5
2018-04-13 14:09 . 2018-04-13 14:09    --------    d-----w-    c:\program files\VideoLAN
2018-04-13 13:57 . 2006-09-21 10:59    389120    ----a-w-    c:\windows\SysWow64\actskn43.ocx
2018-04-13 13:49 . 2018-04-14 08:00    --------    d-----w-    c:\program files (x86)\netcut
2018-04-13 13:27 . 2018-04-13 13:27    --------    d-----w-    c:\program files (x86)\obs-studio
2018-04-13 12:55 . 2018-03-24 01:13    2480064    ----a-w-    c:\windows\system32\nvspcap64.dll
2018-04-13 12:55 . 2018-03-24 01:13    2137024    ----a-w-    c:\windows\SysWow64\nvspcap.dll
2018-04-13 12:55 . 2018-03-24 01:13    1310144    ----a-w-    c:\windows\system32\NvRtmpStreamer64.dll
2018-04-13 12:55 . 2018-03-24 01:13    189784    ----a-w-    c:\windows\system32\nvaudcap64v.dll
2018-04-13 12:55 . 2018-03-24 01:13    152408    ----a-w-    c:\windows\SysWow64\nvaudcap32v.dll
2018-04-13 12:55 . 2018-03-24 01:13    1951    ----a-w-    c:\windows\NvTelemetryContainerRecovery.bat
2018-04-13 12:52 . 2018-03-24 01:13    58816    ----a-w-    c:\windows\system32\drivers\nvvhci.sys
2018-04-13 12:47 . 2018-04-13 12:47    --------    d-----w-    C:\NVIDIA
2018-04-13 12:21 . 2018-04-13 12:21    --------    d-----w-    c:\program files (x86)\Common Files\Java
2018-04-13 12:21 . 2018-04-13 12:21    110144    ----a-w-    c:\windows\system32\WindowsAccessBridge-64.dll
2018-04-13 12:20 . 2018-04-13 12:20    --------    d-----w-    c:\programdata\Oracle
2018-04-13 12:20 . 2018-04-13 12:20    --------    d-----w-    c:\program files\Java
2018-04-13 11:40 . 2018-03-29 21:11    14558320    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0A220CB-B23C-495B-9DBB-6B35551E8211}\mpengine.dll
2018-04-12 06:02 . 2018-04-12 06:02    --------    d-----w-    c:\program files (x86)\Bilgisayar Kapatıcı V2
2018-04-09 12:24 . 2018-04-09 12:24    --------    d-----w-    c:\program files (x86)\Microsoft
2018-04-08 20:18 . 2008-10-15 03:22    519000    ----a-w-    c:\windows\system32\d3dx10_40.dll
2018-04-08 20:18 . 2008-10-15 03:22    452440    ----a-w-    c:\windows\SysWow64\d3dx10_40.dll
2018-04-08 20:18 . 2008-10-15 03:22    2605920    ----a-w-    c:\windows\system32\D3DCompiler_40.dll
2018-04-08 20:18 . 2008-10-15 03:22    2036576    ----a-w-    c:\windows\SysWow64\D3DCompiler_40.dll
2018-04-08 20:18 . 2008-10-15 03:22    5631312    ----a-w-    c:\windows\system32\D3DX9_40.dll
2018-04-08 20:18 . 2008-10-15 03:22    4379984    ----a-w-    c:\windows\SysWow64\D3DX9_40.dll
2018-04-07 18:28 . 2018-04-07 18:28    --------    d-----w-    c:\program files (x86)\1jsxkitklxm
2018-04-07 15:22 . 2014-10-16 07:27    27424    ----a-w-    c:\windows\system32\RegistryDefragBootTime.exe
2018-04-07 15:00 . 2018-04-07 15:00    --------    d-----w-    c:\windows\system32\disko
2018-04-07 15:00 . 2018-04-07 15:00    --------    d-----w-    c:\windows\SysWow64\disko
2018-04-07 14:58 . 2018-04-07 14:58    --------    d-----w-    c:\programdata\LogiShrd
2018-04-07 14:58 . 2018-04-15 08:01    --------    d-----w-    c:\users\Public\Logi
2018-04-07 14:54 . 2018-04-08 02:43    18960    ----a-w-    c:\windows\system32\drivers\LNonPnP.sys
2018-04-07 14:08 . 2018-04-07 14:08    --------    d-----w-    c:\programdata\Yandex
2018-04-07 14:02 . 2018-04-07 14:04    --------    d-----w-    c:\program files (x86)\Movavi Video Suite 17
2018-04-07 14:02 . 2018-04-07 14:02    --------    d-----w-    c:\programdata\Movavi
2018-04-07 14:01 . 2018-04-07 14:01    --------    d-----w-    c:\programdata\Movavi Video Suite 17
2018-04-07 07:44 . 2018-04-07 07:44    --------    d-----w-    c:\programdata\Passmark
2018-04-05 17:10 . 2018-04-07 14:55    --------    d-----w-    c:\program files\Logitech Gaming Software
2018-04-05 16:18 . 2018-04-05 16:18    --------    d-----w-    c:\program files\Common Files\INCA Shared
2018-04-05 14:24 . 2018-02-22 03:28    217600    ----a-w-    c:\windows\system32\WinSCard.dll
2018-04-05 14:24 . 2018-02-22 03:06    134656    ----a-w-    c:\windows\SysWow64\WinSCard.dll
2018-04-05 14:21 . 2018-02-18 21:34    634272    ----a-w-    c:\windows\system32\winload.exe
2018-04-05 14:21 . 2018-03-14 17:14    135360    ----a-w-    c:\windows\system32\CompatTelRunner.exe
2018-04-05 14:21 . 2018-03-14 17:09    656384    ----a-w-    c:\windows\system32\aeinv.dll
2018-04-05 14:21 . 2018-03-14 13:05    739840    ----a-w-    c:\windows\system32\generaltel.dll
2018-04-05 14:21 . 2018-03-14 13:05    599552    ----a-w-    c:\windows\system32\devinv.dll
2018-04-05 14:21 . 2018-03-14 13:05    450048    ----a-w-    c:\windows\system32\centel.dll
2018-04-05 14:21 . 2018-03-14 13:05    414720    ----a-w-    c:\windows\system32\invagent.dll
2018-04-05 14:21 . 2018-03-14 13:05    1559552    ----a-w-    c:\windows\system32\appraiser.dll
2018-04-05 14:21 . 2018-03-14 13:05    291840    ----a-w-    c:\windows\system32\acmigration.dll
2018-04-05 14:21 . 2018-03-14 13:05    237056    ----a-w-    c:\windows\system32\aepic.dll
2018-04-05 14:21 . 2018-03-14 13:05    1993728    ----a-w-    c:\windows\system32\aitstatic.exe
2018-04-05 13:44 . 2018-04-14 12:03    --------    d-----w-    c:\program files (x86)\Common Files\IObit
2018-04-05 13:27 . 2018-04-05 13:27    407040    ----a-w-    c:\windows\system32\scesrv.dll
2018-04-05 13:27 . 2018-04-05 13:27    308224    ----a-w-    c:\windows\SysWow64\scesrv.dll
2018-04-05 13:27 . 2018-04-05 13:27    2048    ----a-w-    c:\windows\SysWow64\tzres.dll
2018-04-05 13:27 . 2018-04-05 13:27    2048    ----a-w-    c:\windows\system32\tzres.dll
2018-04-05 12:34 . 2018-04-05 12:34    --------    d-----w-    c:\programdata\{13CFD044-61E4-4EAC-AD61-02536D961216}
2018-04-05 12:29 . 2018-04-05 12:29    --------    d-----w-    c:\windows\system32\appmgmt
2018-04-05 05:37 . 2017-10-16 12:15    7677008    ----a-w-    c:\windows\SysWow64\GameMon.des
2018-04-05 05:24 . 2018-04-14 07:58    --------    d-----w-    c:\programdata\Package Cache
2018-04-05 05:24 . 2018-04-05 05:24    --------    d-----w-    c:\program files\TeamSpeak 3 Client
2018-04-05 05:23 . 2018-04-08 20:40    --------    d-----w-    c:\program files (x86)\Common Files\Steam
2018-04-05 05:23 . 2018-04-14 22:57    --------    d-----w-    c:\program files (x86)\Steam
2018-04-05 05:16 . 2018-04-05 05:16    --------    d-----w-    c:\programdata\Apple Computer
2018-04-05 05:16 . 2018-04-05 05:16    --------    d-----w-    c:\programdata\Apple
2018-04-05 05:11 . 2018-04-13 19:57    --------    d-----w-    c:\program files (x86)\Metin2
2018-04-05 05:02 . 2018-04-05 05:02    45600    ----a-w-    c:\windows\system32\nvhdap64.dll
2018-04-05 05:02 . 2018-04-05 05:02    226760    ----a-w-    c:\windows\system32\drivers\nvhda64v.sys
2018-04-05 05:02 . 2018-04-05 05:02    1682288    ----a-w-    c:\windows\system32\nvhdagenco6420103.dll
2018-04-05 05:01 . 2018-04-05 05:01    --------    d-----w-    c:\windows\system32\DAX3
2018-04-05 05:01 . 2018-04-05 05:01    --------    d-----w-    c:\windows\system32\DAX2
2018-04-05 05:01 . 2018-04-05 05:01    --------    d-----w-    c:\windows\SysWow64\RTCOM
2018-04-05 05:01 . 2018-04-05 05:01    --------    d-----w-    c:\program files\Realtek
2018-04-04 20:28 . 2018-04-13 12:55    --------    d-----w-    c:\program files\NVIDIA Corporation
2018-04-04 20:28 . 2018-04-13 12:55    --------    d-----w-    c:\program files (x86)\NVIDIA Corporation
2018-04-04 20:28 . 2018-04-04 20:28    --------    d-----w-    c:\windows\system32\drivers\NVIDIA Corporation
2018-04-04 20:27 . 2018-04-04 20:27    1985384    ----a-w-    c:\windows\system32\nvdispco6439101.dll
2018-04-04 20:27 . 2018-04-04 20:27    1684000    ----a-w-    c:\windows\system32\nvdispgenco6439101.dll
2018-04-04 20:27 . 2018-03-25 16:12    15558928    ----a-w-    c:\windows\SysWow64\nvd3dum.dll
2018-04-04 20:27 . 2018-03-25 16:11    3919352    ----a-w-    c:\windows\SysWow64\nvapi.dll
2018-04-04 20:09 . 2018-04-04 20:09    237416    ----a-w-    c:\windows\system32\drivers\amdxhc.sys
2018-04-04 20:08 . 2018-04-04 20:08    85704    ----a-w-    c:\windows\system32\drivers\amd_sata.sys
2018-04-04 20:08 . 2018-04-04 20:08    43720    ----a-w-    c:\windows\system32\drivers\amd_xata.sys
2018-04-04 18:18 . 2018-04-04 18:18    --------    d-----w-    c:\program files\WinRAR
2018-04-04 18:05 . 2018-04-04 18:05    60928    ----a-w-    c:\windows\system32\drivers\GeneStor.sys
2018-04-04 18:05 . 2018-04-04 18:05    1721576    ----a-w-    c:\windows\system32\WdfCoInstaller01009.dll
2018-04-04 18:03 . 2018-04-14 07:57    --------    d-----w-    c:\programdata\ProductData
2018-04-04 18:03 . 2018-04-04 18:03    --------    d-----w-    c:\windows\IObit
2018-04-04 18:03 . 2018-04-04 18:03    27552    ----a-w-    c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2018-04-04 18:03 . 2018-04-14 12:04    --------    d-----w-    c:\program files (x86)\IObit
2018-04-04 18:03 . 2018-04-14 12:03    --------    d-----w-    c:\programdata\IObit
2018-04-04 17:59 . 2018-04-05 13:44    --------    d-----w-    c:\program files (x86)\Google
2018-04-04 17:57 . 2018-03-20 00:02    118784    ----a-w-    c:\windows\system32\RTNUninst64.dll
2018-04-04 17:57 . 2018-03-20 00:02    122816    ----a-w-    c:\windows\system32\RtNicProp64.dll
2018-04-04 17:57 . 2018-03-20 00:02    981952    ----a-w-    c:\windows\system32\drivers\Rt64win7.sys
2018-04-04 17:57 . 2018-04-04 17:57    --------    d-----w-    c:\program files (x86)\Realtek
2018-04-04 17:57 . 2018-04-04 17:57    --------    d--h--w-    c:\program files (x86)\InstallShield Installation Information
2018-04-04 17:50 . 2018-04-13 21:48    --------    d-----w-    c:\users\Kuzeyy
2018-04-04 17:50 . 2018-04-04 17:50    --------    d-----w-    C:\Recovery
2018-04-04 17:50 . 2018-04-04 17:50    --------    d-sh--we    c:\users\Default\Belgelerim
2018-04-04 17:50 . 2018-04-04 17:50    --------    d-sh--we    c:\programdata\Sık Kullanılanlar
2018-04-04 17:50 . 2018-04-04 17:50    --------    d-sh--we    c:\programdata\Belgeler
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-04-05 13:23 . 2018-04-05 13:23    2560    ----a-w-    c:\windows\apppatch\AcRes.dll
2018-03-31 01:09 . 2018-04-13 11:42    44544    ----a-w-    c:\windows\apppatch\acwow64.dll
2018-03-14 16:01 . 2018-03-12 19:02    130364688    -c--a-w-    c:\windows\system32\MRT-KB890830.exe
2018-03-14 16:01 . 2018-03-12 19:02    130364688    -c--a-w-    c:\windows\system32\MRT.exe
2018-03-12 18:26 . 2018-03-12 18:26    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2018-03-12 18:25 . 2018-03-12 18:25    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2018-03-12 18:25 . 2018-03-12 18:25    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2018-03-12 18:25 . 2018-03-12 18:25    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2018-03-12 18:25 . 2018-03-12 18:25    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2018-03-12 18:25 . 2018-03-12 18:25    81408    ----a-w-    c:\windows\system32\icardie.dll
2018-03-12 18:25 . 2018-03-12 18:25    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2018-03-12 18:25 . 2018-03-12 18:25    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2018-03-12 18:25 . 2018-03-12 18:25    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2018-03-12 18:25 . 2018-03-12 18:25    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2018-03-12 18:25 . 2018-03-12 18:25    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2018-03-12 18:25 . 2018-03-12 18:25    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2018-03-12 18:25 . 2018-03-12 18:25    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2018-03-12 18:25 . 2018-03-12 18:25    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2018-03-12 18:25 . 2018-03-12 18:25    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2018-03-12 18:25 . 2018-03-12 18:25    247808    ----a-w-    c:\windows\system32\msls31.dll
2018-03-12 18:25 . 2018-03-12 18:25    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2018-03-12 18:25 . 2018-03-12 18:25    235520    ----a-w-    c:\windows\system32\url.dll
2018-03-12 18:25 . 2018-03-12 18:25    235008    ----a-w-    c:\windows\system32\elshyph.dll
2018-03-12 18:25 . 2018-03-12 18:25    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2018-03-12 18:25 . 2018-03-12 18:25    167424    ----a-w-    c:\windows\system32\iexpress.exe
2018-03-12 18:25 . 2018-03-12 18:25    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
2018-03-12 18:25 . 2018-03-12 18:25    143872    ----a-w-    c:\windows\system32\wextract.exe
2018-03-12 18:25 . 2018-03-12 18:25    139264    ----a-w-    c:\windows\SysWow64\wextract.exe
2018-03-12 18:25 . 2018-03-12 18:25    13312    ----a-w-    c:\windows\SysWow64\mshta.exe
2018-03-12 18:25 . 2018-03-12 18:25    13312    ----a-w-    c:\windows\system32\msfeedssync.exe
2018-03-12 18:25 . 2018-03-12 18:25    131072    ----a-w-    c:\windows\system32\IEAdvpack.dll
2018-03-12 18:25 . 2018-03-12 18:25    111616    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2018-03-12 18:25 . 2018-03-12 18:25    105984    ----a-w-    c:\windows\system32\iesysprep.dll
2018-03-12 18:25 . 2018-03-12 18:25    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2018-03-12 18:25 . 2018-03-12 18:25    48128    ----a-w-    c:\windows\system32\imgutil.dll
2018-03-12 18:25 . 2018-03-12 18:25    13824    ----a-w-    c:\windows\system32\mshta.exe
2018-03-12 18:25 . 2018-03-12 18:25    135680    ----a-w-    c:\windows\system32\iepeers.dll
2018-01-19 12:32 . 2018-01-19 12:32    134368    ----a-w-    c:\windows\system32\drivers\eamonm.sys
2018-01-19 12:32 . 2018-01-19 12:32    106304    ----a-w-    c:\windows\system32\drivers\epfwwfp.sys
2018-01-19 12:31 . 2018-01-19 12:31    81880    ----a-w-    c:\windows\system32\drivers\epfw.sys
2018-01-19 12:31 . 2018-01-19 12:31    61040    ----a-w-    c:\windows\system32\drivers\EpfwLWF.sys
2018-01-19 12:31 . 2018-01-19 12:31    180088    ----a-w-    c:\windows\system32\drivers\ehdrv.sys
2018-01-19 12:31 . 2018-01-19 12:31    107328    ----a-w-    c:\windows\system32\drivers\edevmon.sys
2018-01-19 12:31 . 2018-01-19 12:31    50744    ----a-w-    c:\windows\system32\drivers\ekbdflt.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 11"="c:\program files (x86)\IObit\Advanced SystemCare\ASCTray.exe" [2018-03-20 3581200]
"1752"="c:\users\Kuzeyy\AppData\Roaming\Microsoft\Windows\Intel.exe" [2017-11-05 8704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2017-12-19 587800]
.
c:\users\Kuzeyy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Asetup.exe [2017-11-4 6144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"198.54.116.221,255.255.255.255,192.168.1.103,1"=""
"185.111.232.37,255.255.255.255,192.168.1.103,1"=""
"185.111.232.37,255.255.255.255,192.168.1.100,1"=""
"198.54.116.221,255.255.255.255,192.168.1.100,1"=""
"185.111.232.37,255.255.255.255,192.168.1.102,1"=""
"198.54.116.221,255.255.255.255,192.168.1.102,1"=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IObitUnSvr;IObit Uninstaller Service;c:\program files (x86)\IObit\IObit Uninstaller\IUService.exe;c:\program files (x86)\IObit\IObit Uninstaller\IUService.exe [x]
R2 MxService;MxService;c:\program files (x86)\Maxthon5\Bin\MxService.exe;c:\program files (x86)\Maxthon5\Bin\MxService.exe [x]
R2 pbamw_service;AMW Service;c:\program files\Plumbytes Software\Plumbytes Anti-Malware\AmwService.exe run;c:\program files\Plumbytes Software\Plumbytes Anti-Malware\AmwService.exe run [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 BstkDrv;BlueStacks Plus Hypervisor;c:\program files (x86)\BlueStacks\BstkDrv.sys;c:\program files (x86)\BlueStacks\BstkDrv.sys [x]
R3 cpuz143;cpuz143;c:\windows\temp\cpuz143\cpuz143_x64.sys;c:\windows\temp\cpuz143\cpuz143_x64.sys [x]
R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys;c:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe;c:\program files (x86)\EasyAntiCheat\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 iobit_monitor_server;iobit_monitor_server;c:\program files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys;c:\program files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [x]
R3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
R3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);c:\windows\system32\drivers\LGJoyXlCore.sys;c:\windows\SYSNATIVE\drivers\LGJoyXlCore.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinFsp;WinFsp;c:\windows\system32\disko\winfsp-x64.sys;c:\windows\SYSNATIVE\disko\winfsp-x64.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys;c:\windows\SYSNATIVE\DRIVERS\edevmon.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AdvancedSystemCareService11;Advanced SystemCare Service 11;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Security\ekrn.exe;c:\program files\ESET\ESET Security\ekrn.exe [x]
S2 LGCoreTemp;Logitech CPU Core Tempurature;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [x]
S2 LogiRegistryService;Logitech Gaming Registry Service;c:\program files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe;c:\program files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
S3 IUFileFilter;IUFileFilter;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [x]
S3 IURegProcessFilter;IURegProcessFilter;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys;c:\program files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ       SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2018-01-25 14:01    2478864    ----a-w-    c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2018-03-19 18591352]
"egui"="c:\program files\ESET\ESET Security\ecmds.exe" [2017-12-18 324352]
"Plumbytes Anti-Malware"="c:\program files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe" [2017-12-29 1961200]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"198.54.116.221,255.255.255.255,192.168.1.103,1"=""
"185.111.232.37,255.255.255.255,192.168.1.103,1"=""
"185.111.232.37,255.255.255.255,192.168.1.100,1"=""
"198.54.116.221,255.255.255.255,192.168.1.100,1"=""
"185.111.232.37,255.255.255.255,192.168.1.102,1"=""
"198.54.116.221,255.255.255.255,192.168.1.102,1"=""
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 192.168.1.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
c:\program files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
c:\program files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
.
**************************************************************************
.
Completion time: 2018-04-15  12:09:47 - machine was rebooted
ComboFix-quarantined-files.txt  2018-04-15 09:09
.
Pre-Run: 58.668.478.464 bayt boş
Post-Run: 58.203.488.256 bayt boş
.
- - End Of File - - E5BA11F04EE6CC3BAD298BF51EB5A5D3
A36C5E4F47E84449FF07ED3517B43A31