
A weird error


khazadum

Hello friends,

I came home from work and turned on my computer. But it took quite a while for the login screen to appear (3-4 minutes). Then I entered my username and password, and after the welcome message it waited a bit longer (1-2 minutes).

Then Windows opened in the classic theme, and a warning appeared at the bottom:



I did some research, and the methods found on the internet,

cmd -> netsh -> winsock reset
cmd -> sfc /scannow

did not work. I also scanned the machine with ComboFix; let me give its log below:





At first, because I had bought a 128 GB SSD, I had turned off system restore points so they wouldn't take up space. Later I bought a 1 TB disk, but I forgot to turn them back on. So, as you can see, I can't do a system restore either.

I'm waiting for your help on this.

(I'm using Windows 7 Pro 64-bit.)

Thanks for your suggestion, Editor; I've added it to my notes.

I solved the problem. The only thing I did was create a new user account. Then I restarted the computer and went back to my old user account. I deleted the user account I had created, and it was fixed. Strange, really.

khazadum said:

Thanks for your suggestion, Editor; I've added it to my notes.

I solved the problem. The only thing I did was create a new user account. Then I restarted the computer and went back to my old user account. I deleted the user account I had created, and it was fixed. Strange, really.


My suggestion is that you use it as administrator. Win7 is problematic in those respects; normal user accounts are always problematic, and the default administrator is the most trouble-free.