ComboFix scan result

  • (The topic may be in the wrong place, sorry.) Friends, is there a virus? Could you give me some information? Result:


    ComboFix 14-06-12.01 - Kerim 12.06.2014 10:14:20.2.8 - x64
    Microsoft Windows 8 Single Language 6.2.9200.0.1254.90.1055.18.8147.6060 [GMT 3:00]
    Running from: c:\users\Kerim\Downloads\ComboFix-tamindir.exe
    AV: Norton Internet Security *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
    SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2014-05-12 to 2014-06-12 )))))))))))))))))))))))))))))))
    .
    .
    2014-06-12 07:17 . 2014-06-12 07:17 -------- d-----w- c:\users\Default\AppData\Local\temp
    2014-06-12 01:00 . 2014-05-29 23:00 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll
    2014-06-12 01:00 . 2014-05-29 22:59 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll
    2014-06-12 00:59 . 2014-06-12 00:59 -------- d-----w- c:\windows\LastGood
    2014-06-12 00:59 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
    2014-06-12 00:59 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
    2014-06-11 08:45 . 2014-06-11 08:45 283312 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10242.bin
    2014-06-11 06:45 . 2014-06-11 06:45 -------- d-----w- c:\programdata\Oracle
    2014-06-11 06:45 . 2014-06-11 06:45 -------- d-----w- c:\program files (x86)\Common Files\Java
    2014-06-11 06:45 . 2014-06-11 06:45 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2014-06-11 06:45 . 2014-06-11 06:45 -------- d-----w- c:\program files (x86)\Java
    2014-06-10 10:40 . 2014-06-10 10:40 -------- d-----w- c:\programdata\LogMeIn
    2014-06-06 11:18 . 2014-06-06 11:18 -------- d-----w- c:\programdata\{18165758-115C-4DC0-9EC2-FF89F725767F}
    2014-06-05 23:02 . 2014-06-05 23:02 -------- d-----w- c:\program files (x86)\VideoLAN
    2014-06-04 04:24 . 2014-06-04 04:24 -------- d-----w- c:\program files (x86)\QuickTime
    2014-06-04 04:24 . 2014-06-04 04:24 -------- d-----w- c:\program files (x86)\Common Files\TechSmith Shared
    2014-06-04 04:24 . 2014-06-04 04:24 -------- d-----w- c:\programdata\TechSmith
    2014-06-04 04:24 . 2014-06-04 04:24 -------- d-----w- c:\program files (x86)\TechSmith
    2014-06-03 13:56 . 2014-06-03 13:56 -------- d-----w- c:\program files\Magic Bullet Looks Vegas
    2014-06-03 13:56 . 2014-06-03 13:56 -------- d-----w- c:\program files (x86)\LooksBuilder
    2014-06-03 13:56 . 2014-06-03 13:56 -------- d-----w- c:\program files (x86)\Red Giant Link
    2014-06-03 13:56 . 2014-06-03 13:56 -------- d-----w- c:\programdata\RedGiant
    2014-06-03 13:54 . 2014-06-03 13:54 -------- d-----w- c:\programdata\Sony
    2014-06-03 13:54 . 2014-06-03 13:54 -------- d-----w- c:\program files\Sony
    2014-06-03 13:54 . 2014-06-03 13:54 -------- d-----w- c:\program files (x86)\Sony
    2014-06-02 01:56 . 2014-06-02 01:58 -------- d-----w- c:\programdata\Stardock
    2014-06-02 01:56 . 2014-06-02 01:56 -------- d-----w- c:\program files (x86)\Stardock
    2014-05-29 18:45 . 2000-01-01 00:00 801864 ----a-w- c:\windows\system32\drivers\Rt630x64.sys
    2014-05-29 18:45 . 2000-01-01 00:00 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
    2014-05-29 18:23 . 2014-05-29 18:23 -------- d-----w- c:\windows\system32\drivers\NISx64\1405000.01C
    2014-05-29 18:15 . 2013-08-21 12:16 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
    2014-05-29 18:14 . 2014-05-29 18:14 -------- d-----w- C:\Intel
    2014-05-29 17:50 . 2010-05-26 08:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
    2014-05-29 17:50 . 2010-05-26 08:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
    2014-05-29 17:50 . 2010-05-26 08:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
    2014-05-29 17:50 . 2010-05-26 08:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
    2014-05-29 17:50 . 2014-05-29 23:00 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll
    2014-05-29 17:50 . 2014-05-29 22:59 1279480 ----a-w- c:\windows\system32\nvspcap64.dll
    2014-05-29 17:49 . 2014-05-29 17:49 -------- d-----w- c:\program files (x86)\AGEIA Technologies
    2014-05-29 17:48 . 2014-03-04 11:32 599840 ----a-w- c:\windows\SysWow64\nvStreaming.exe
    2014-05-29 17:45 . 2014-05-29 17:45 -------- d-----w- C:\NVIDIA
    2014-05-29 17:29 . 2014-06-12 07:09 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
    2014-05-29 17:29 . 2014-05-29 17:29 -------- d-----w- c:\program files (x86)\SlimDrivers
    2014-05-29 17:00 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
    2014-05-29 16:53 . 2014-01-27 03:42 2232664 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2014-05-29 16:53 . 2014-01-27 03:39 1939288 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2014-05-29 16:53 . 2014-02-03 23:56 332632 ----a-w- c:\windows\system32\drivers\storport.sys
    2014-05-29 16:53 . 2014-02-03 23:56 278872 ----a-w- c:\windows\system32\drivers\msiscsi.sys
    2014-05-29 16:53 . 2014-01-31 00:48 485888 ----a-w- c:\windows\SysWow64\WSDApi.dll
    2014-05-29 16:53 . 2014-01-31 00:06 599040 ----a-w- c:\windows\system32\WSDApi.dll
    2014-05-29 16:53 . 2014-01-15 23:42 118784 ----a-w- c:\windows\system32\drivers\dfsc.sys
    2014-05-29 16:53 . 2014-01-11 06:48 5979648 ----a-w- c:\windows\system32\mstscax.dll
    2014-05-29 16:53 . 2014-01-11 05:06 5092352 ----a-w- c:\windows\SysWow64\mstscax.dll
    2014-05-29 16:53 . 2014-01-02 23:35 365568 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2014-05-29 16:53 . 2014-01-02 23:32 523264 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2014-05-29 16:52 . 2012-10-17 04:32 1172992 ----a-w- c:\windows\system32\mfnetsrc.dll
    2014-05-29 16:52 . 2012-10-17 04:32 677888 ----a-w- c:\windows\system32\mfnetcore.dll
    2014-05-29 16:52 . 2012-10-17 04:32 673280 ----a-w- c:\windows\system32\mfmpeg2srcsnk.dll
    2014-05-29 16:52 . 2012-10-17 03:57 929792 ----a-w- c:\windows\SysWow64\mfnetsrc.dll
    2014-05-29 16:52 . 2012-10-17 03:57 568832 ----a-w- c:\windows\SysWow64\mfnetcore.dll
    2014-05-29 16:52 . 2012-10-17 03:57 513024 ----a-w- c:\windows\SysWow64\mfmpeg2srcsnk.dll
    2014-05-29 16:52 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
    2014-05-29 16:52 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
    2014-05-29 16:52 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll
    2014-05-29 16:50 . 2012-11-06 04:18 11459584 ----a-w- c:\windows\system32\glcndFilter.dll
    2014-05-29 16:49 . 2012-11-27 04:20 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
    2014-05-29 16:49 . 2012-11-27 04:20 179200 ----a-w- c:\windows\SysWow64\wpnapps.dll
    2014-05-29 16:49 . 2012-11-27 04:20 560128 ----a-w- c:\windows\SysWow64\UserLanguagesCpl.dll
    2014-05-29 16:49 . 2012-11-27 04:20 1217536 ----a-w- c:\windows\SysWow64\storagewmi.dll
    2014-05-29 16:49 . 2012-11-27 04:20 1123840 ----a-w- c:\windows\system32\mstsc.exe
    2014-05-29 16:49 . 2012-10-12 08:08 27880 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
    2014-05-29 16:49 . 2012-10-12 06:14 36352 ----a-w- c:\windows\system32\rfxvmt.dll
    2014-05-29 16:49 . 2012-11-27 04:20 46592 ----a-w- c:\windows\SysWow64\vds_ps.dll
    2014-05-29 16:49 . 2012-10-12 05:50 235520 ----a-w- c:\windows\system32\rdpudd.dll
    2014-05-29 16:28 . 2014-05-29 19:26 -------- d-----w- c:\program files (x86)\Common Files\Steam
    2014-05-29 16:28 . 2014-06-12 07:09 -------- d-----w- c:\program files (x86)\Steam
    2014-05-29 16:24 . 2014-05-29 16:27 -------- d-----w- c:\program files (x86)\Origin Games
    2014-05-29 16:19 . 2014-06-12 07:10 -------- d-----w- c:\programdata\Origin
    2014-05-29 16:19 . 2014-05-29 16:19 -------- d-----w- c:\programdata\Electronic Arts
    2014-05-29 16:19 . 2014-06-12 07:09 -------- d-----w- c:\program files (x86)\Origin
    2014-05-29 14:14 . 2014-05-29 14:14 -------- d-----w- c:\users\Public\CyberLink
    2014-05-29 11:47 . 2014-05-01 20:37 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-05-29 11:47 . 2014-05-01 20:37 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2014-05-29 11:44 . 2014-05-29 11:44 -------- d-----w- c:\windows\SysWow64\drivers\en-GB
    2014-05-29 11:44 . 2014-05-29 11:44 -------- d-----w- c:\windows\SysWow64\wbem\en-GB
    2014-05-29 11:44 . 2014-05-29 11:44 -------- d-----w- c:\windows\system32\drivers\en-GB
    2014-05-29 11:44 . 2014-05-29 11:44 -------- d-----w- c:\windows\system32\wbem\en-GB
    2014-05-29 11:05 . 2014-04-19 09:39 628024 ----a-w- c:\windows\system32\NotificationUI.exe
    2014-05-29 11:05 . 2014-04-19 08:45 693760 ----a-w- c:\windows\system32\WSShared.dll
    2014-05-29 11:05 . 2014-04-19 08:45 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-05-29 11:05 . 2014-04-19 06:57 566784 ----a-w- c:\windows\SysWow64\WSShared.dll
    2014-05-29 11:05 . 2014-04-19 06:57 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-05-29 11:05 . 2014-01-31 00:48 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
    2014-05-29 11:05 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
    2014-05-29 11:05 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
    2014-05-29 10:32 . 2014-06-12 03:57 -------- d-----w- c:\windows\system32\MRT
    2014-05-28 20:32 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
    2014-05-28 20:31 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
    2014-05-28 20:28 . 2013-05-04 06:57 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
    2014-05-28 20:27 . 2014-03-07 00:08 3959808 ----a-w- c:\windows\system32\jscript9.dll
    2014-05-28 20:25 . 2013-04-09 04:51 14267904 ----a-w- c:\windows\system32\wmp.dll
    2014-05-28 20:17 . 2014-05-06 05:14 97280 ----a-w- c:\windows\system32\mshtmled.dll
    2014-05-28 20:17 . 2014-05-06 05:14 19274752 ----a-w- c:\windows\system32\mshtml.dll
    2014-05-28 20:17 . 2014-05-06 03:37 2706432 ----a-w- c:\windows\system32\mshtml.tlb
    2014-05-28 20:17 . 2014-05-06 03:26 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2014-05-28 20:14 . 2013-10-19 05:45 62976 ----a-w- c:\windows\system32\imagehlp.dll
    2014-05-28 20:14 . 2013-10-19 04:04 59392 ----a-w- c:\windows\SysWow64\imagehlp.dll
    2014-05-28 20:14 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
    2014-05-28 20:14 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll
    2014-05-28 20:14 . 2013-07-06 00:15 652288 ----a-w- c:\windows\system32\comctl32.dll
    2014-05-28 20:14 . 2013-07-04 02:13 541696 ----a-w- c:\windows\SysWow64\comctl32.dll
    2014-05-28 20:14 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
    2014-05-28 20:14 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
    2014-05-28 20:14 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
    2014-05-28 20:14 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
    2014-05-28 20:14 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
    2014-05-28 20:14 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
    2014-05-28 20:14 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
    2014-05-28 20:12 . 2014-03-28 08:23 19759104 ----a-w- c:\windows\system32\shell32.dll
    2014-05-28 20:10 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
    2014-05-28 20:10 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
    2014-05-28 20:10 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
    2014-05-28 20:10 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
    2014-05-28 20:10 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
    2014-05-28 20:09 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-05-29 09:55 . 2013-05-22 18:05 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
    2014-05-27 19:10 . 2012-07-26 08:13 23264 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-05-29 3588952]
    "Steam"="c:\program files (x86)\Steam\steam.exe" [2014-05-29 1754816]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
    .
    c:\users\Kerim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Curse.lnk - c:\users\Kerim\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-5-23 8529176]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "PromptOnSecureDesktop"= 0 (0x0)
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "EnableCursorSuppression"= 1 (0x1)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    .
    R0 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SymELAM.sys [x]
    R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
    S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
    S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
    S2 HPConnectedRemote;HP Connected Remote Service;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [x]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
    S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
    S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [x]
    S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
    S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
    S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140606.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [x]
    S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\ccSetx64.sys [x]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
    S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140611.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140611.001\IDSvia64.sys [x]
    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
    S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
    S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
    S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
    S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SYMDS64.SYS [x]
    S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SYMEFA64.SYS [x]
    S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\Ironx64.SYS [x]
    S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1405000.01C\SYMNETS.SYS [x]
    S3 tilfilter;TI xHCI Lower Filter Driver Service;c:\windows\System32\drivers\TIxHCIlfilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIlfilter.sys [x]
    S3 tiufilter;TI xHCI Upper Filter Driver Service;c:\windows\System32\drivers\TIxHCIufilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIufilter.sys [x]
    S3 wolfjy;wolfjy;c:\joygame\WolfTeamTS\avital\wolfj64.sys;c:\joygame\WolfTeamTS\avital\wolfj64.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    apphost REG_MULTI_SZ apphostsvc
    iissvcs REG_MULTI_SZ w3svc was
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-06-12 00:20 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27 19:15]
    .
    2014-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27 19:15]
    .
    2014-06-10 c:\windows\Tasks\HPCeeScheduleForKerim.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 01:43]
    .
    2014-06-12 c:\windows\Tasks\SlimDrivers Startup.job
    - c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24 09:49]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-10-25 41664]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-10-25 1664000]
    "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2350880]
    "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{1A65EB00-79AF-4F36-A4E0-2F5A8E67A24F}: NameServer = 195.175.39.39,195.175.39.40
    .
    - - - - ORPHANS REMOVED - - - -
    .
    ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
    ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
    ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
    HKLM-Run-Fences - c:\program files (x86)\Stardock\Fences\Fences.exe
    AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
    "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\diMaster.dll\" /prefetch:1"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-3201096045-1368752465-156994979-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
    @Denied: (C D) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    @SACL=(02 0000)
    .
    Completion time: 2014-06-12 10:19:03
    ComboFix-quarantined-files.txt 2014-06-12 07:19
    ComboFix2.txt 2014-06-11 07:04
    .
    Pre-Run: 824.740.630.528 bytes free
    Post-Run: 824.521.834.496 bytes free
    .
    - - End Of File - - 0FB241ED516ADE6799CC2FC97D5EC1F7
    5FB38429D5D77768867C76DCBDB35194






