Monrealaa

  1. Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0 Cached Online Validation Code: N/A, hr = 0xc004f012 Windows Product Key: *****-*****-Q6MMK-KYK6X-VKM6G Windows Product Key Hash: 289NoAWl2ZoVfuieux/315WkDIc= Windows Product ID: 00426-OEM-8992662-00173 Windows Product ID Type: 2 Windows License Type: OEM SLP Windows OS version: 6.1.7601.2.00010100.1.0.001 ID: {3527C273-A6D7-4412-A4D7-6E3C1AAEC020}(1) Is Admin: Yes TestCab: 0x0 LegitcheckControl ActiveX: N/A, hr = 0x80070002 Signed By: N/A, hr = 0x80070002 Product Name: Windows 7 Ultimate Architecture: 0x00000009 Build lab: 7601.win7sp1_gdr.110622-1506 TTS Error: Validation Diagnostic: Resolution Status: N/A Vista WgaER Data--> ThreatID(s): N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 Windows XP Notifications Data--> Cached Result: N/A, hr = 0x80070002 File Exists: No Version: N/A, hr = 0x80070002 WgaTray.exe Signed By: N/A, hr = 0x80070002 WgaLogon.dll Signed By: N/A, hr = 0x80070002 OGA Notifications Data--> Cached Result: N/A, hr = 0x80070002 Version: N/A, hr = 0x80070002 OGAExec.exe Signed By: N/A, hr = 0x80070002 OGAAddin.dll Signed By: N/A, hr = 0x80070002 OGA Data--> Office Status: 100 Genuine Microsoft Office Enterprise 2007 - 100 Genuine OGA Version: N/A, 0x80070002 Signed By: N/A, hr = 0x80070002 Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-8009_E2AD56EA-766-2efd_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005 Browser Data--> Proxy settings: N/A User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32) Default Browser: C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe Download signed ActiveX controls: Prompt Download unsigned ActiveX controls: Disabled Run ActiveX controls and plug-ins: Allowed Initialize and script 
ActiveX controls not marked as safe: Disabled Allow scripting of Internet Explorer Webbrowser control: Disabled Active scripting: Allowed Script ActiveX controls marked as safe for scripting: Allowed File Scan Data--> Other data--> Office Details: <GenuineResults><MachineData><UGUID>{3527C273-A6D7-4412-A4D7-6E3C1AAEC020}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VKM6G</PKey><PID>00426-OEM-8992662-00173</PID><PIDType>2</PIDType><SID>S-1-5-21-2063291869-1648730404-153019403</SID><SYSTEM><Manufacturer>Gigabyte Technology Co., Ltd.</Manufacturer><Model>EP45-DS3R</Model></SYSTEM><BIOS><Manufacturer>Award Software International, Inc.</Manufacturer><Version>F4</Version><SMBIOSVersion major="2" minor="4"/><Date>20080528000000.000000+000</Date></BIOS><HWID>20123A07018400F8</HWID><UserLCID>041F</UserLCID><SystemLCID>041F</SystemLCID><TimeZone>GTB Standart Saati(GMT+02:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>GBT </OEMID><OEMTableID>GBTUACPI</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>64BC76978749586</Val><Hash>GW6PzcEVEDTVKeO5Ym5UUm41dBk=</Hash><Pid>89388-707-0441865-65798</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> Spsys.log Content: 0x80070002 Licensing Data--> Yazılım lisans hizmeti sürümü: 
6.1.7601.17514 Ad: Windows® 7, Ultimate edition Açıklama: Windows Operating System - Windows® 7, OEM_SLP channel Etkinleştirme Kimliği: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8 Uygulama Kimliği: 55c92734-d682-4d71-983e-d6ec3f16059f Uzatılmış PID: 00426-00178-926-600173-02-1055-7601.0000-0542013 Yükleme Kimliği: 022065218625713716538870677375324325724216557541416636 İşlemci Sertifikası URL'si: http://go.microsoft.com/fwlink/?LinkID=88338 Makine Sertifikası URL'si: http://go.microsoft.com/fwlink/?LinkID=88339 Kullanım Lisansı URL'si: http://go.microsoft.com/fwlink/?LinkID=88341 Ürün Anahtarı Sertifikası URL'si: http://go.microsoft.com/fwlink/?LinkID=88340 Kısmi Ürün Anahtarı: VKM6G Lisans Durumu: Lisanslı Kalan Windows yeniden etkinleştirme sayısı: 3 Güvenilen saat: 15.01.2015 13:50:12 Windows Activation Technologies--> HrOffline: 0x00000000 HrOnline: N/A HealthStatus: 0x0000000000000000 Event Time Stamp: N/A ActiveX: Registered, Version: 7.1.7600.16395 Admin Service: Not Registered - 0x80070005 HealthStatus Bitmask Output: HWID Data--> HWID Hash Current: OAAAAAIABgABAAEAAAABAAAAAgABAAEA6GGcJTI3EFsMNUa85L+ENOJfmLJaXTRuKs9AuxYmRso= OEM Activation 1.0 Data--> N/A OEM Activation 2.0 Data--> BIOS valid for OA 2.0: yes Windows marker version: 0x20001 OEMID and OEMTableID Consistent: yes BIOS Information: ACPI Table Name OEMID Value OEMTableID Value APIC GBT GBTUACPI FACP GBT GBTUACPI HPET GBT GBTUACPI MCFG GBT GBTUACPI SSDT PmRef CpuPm SLIC GBT GBTUACPI
  2. FRST.txt Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 Ran by Sinan (administrator) on SINAN-EV on 15-01-2015 10:44:49 Running from C:\Users\Sinan\Desktop Loaded Profiles: Sinan (Available profiles: Sinan) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Türkçe (Türkiye) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Polar Electro Oy) C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) 
C:\Program Files (x86)\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [665424 2008-12-04] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKU\S-1-5-21-2063291869-1648730404-153019403-1001\...\Run: [EPSON SX110 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-27] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2063291869-1648730404-153019403-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.) 
HKU\S-1-5-21-2063291869-1648730404-153019403-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\FlowSync.exe [1125376 2014-11-11] (Polar Electro Oy) HKU\S-1-5-21-2063291869-1648730404-153019403-1001\...\MountPoints2: {f41caccd-83b4-11df-9f64-001fd0221968} - G:\autoplay.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2063291869-1648730404-153019403-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://tr.msn.com/?ocid=iehp HKU\S-1-5-21-2063291869-1648730404-153019403-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.tr/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2063291869-1648730404-153019403-1001 -> DefaultScope {95ECE56B-7C23-4DE0-911E-03AC5A524E68} URL = http://www.google.com/search?hl=en&q={searchTerms} SearchScopes: HKU\S-1-5-21-2063291869-1648730404-153019403-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2063291869-1648730404-153019403-1001 -> {95ECE56B-7C23-4DE0-911E-03AC5A524E68} URL = http://www.google.com/search?hl=en&q={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java Plug-In SSV 
Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default FF DefaultSearchEngine: Yandex FF SelectedSearchEngine: Yandex FF Homepage: hxxp://www.yandex.com.tr/?win=134&clid=1979776 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2063291869-1648730404-153019403-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\gorsel.yandex.com.tr-155042.xml FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\haber.yandex.com.tr-155042.xml FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\video.yandex.com.tr-155042.xml FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.com.tr-155042.xml FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MAA629C64-5FF2-42F3-A73A-A34A2B4E1E22&SearchSource=55&CUI=&UM=5&UP=SPFC16A586-2FCC-4E06-8F50-C9F846559866&SSPV=", "hxxp://websearch.a-searchpage.info/?pid=658&r=2013/05/29&hid=4156316971&lg=EN&cc=AT&unqvl=18", "hxxp://www.google.com/" CHR Profile: C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Hide Fedora) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjgabfifnnmmlckmnijdbijgbfpedde [2015-01-04] CHR Extension: (Football Champions) - C:\Users\Sinan\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\eehpibjfkijipalplliffcgkhhmecjgi [2014-07-04] CHR Extension: (AdBlock) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-04] CHR Extension: (Dropbox) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-07-04] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-07-04] CHR Extension: (Little Alchemy) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-07-04] CHR Extension: (Google Mail Checker) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-07-04] CHR Extension: (Google Cüzdan) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-04] CHR Extension: (Gmail) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-04] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-12-25] () [File not signed] S1 SSHDRV65; C:\Windows\SysWOW64\drivers\SSHDRV65.sys [120320 2010-09-23] () [File not signed] S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-12-02] (Spotflux, Inc.) S2 eamonm; system32\DRIVERS\eamonm.sys [X] S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-15 10:44 - 2015-01-15 10:45 - 00012950 _____ () C:\Users\Sinan\Desktop\FRST.txt 2015-01-15 10:44 - 2015-01-15 10:44 - 00000000 ____D () C:\FRST 2015-01-15 10:44 - 2000-01-01 10:53 - 02125312 _____ (Farbar) C:\Users\Sinan\Desktop\FRST64.exe 2015-01-15 01:22 - 2015-01-15 01:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-01-15 01:22 - 2015-01-15 01:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-15 01:08 - 2015-01-15 00:56 - 00024064 _____ () C:\Windows\zoek-delete.exe 2015-01-15 00:57 - 2015-01-15 01:10 - 00009319 _____ () C:\zoek-results.log 2015-01-15 00:56 - 2015-01-15 01:05 - 00000000 ____D () C:\zoek_backup 2015-01-15 00:18 - 2014-11-25 13:28 - 00000000 ____D () C:\Users\Sinan\Desktop\Install_Win7_7090_11252014 2015-01-15 00:02 - 2015-01-15 00:02 - 00000000 ____D () C:\SWTOOLS 2015-01-14 23:26 - 2015-01-14 23:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf 2015-01-14 22:59 - 2015-01-15 00:27 - 00000000 ____D () C:\AdwCleaner 2015-01-14 22:59 - 2015-01-14 22:59 - 02191360 _____ () C:\Users\Sinan\Downloads\AdwCleaner.exe 2015-01-14 22:58 - 2015-01-14 22:58 - 00852504 _____ () C:\Users\Sinan\Downloads\SecurityCheck.exe 2015-01-14 21:03 - 2015-01-14 21:03 - 00000000 ____D () C:\SUPERDelete 2015-01-14 21:02 - 2015-01-14 21:02 - 21001040 _____ (SUPERAntiSpyware) C:\Users\Sinan\Downloads\SUPERAntiSpyware.exe 2015-01-14 20:34 - 2015-01-14 20:34 - 00001155 _____ () C:\Users\Public\Desktop\Polar FlowSync.lnk 2015-01-14 20:34 - 2015-01-14 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polar 2015-01-14 20:34 - 2015-01-14 20:34 - 00000000 ____D () C:\Program Files (x86)\Polar 2015-01-14 20:33 - 2015-01-14 20:33 - 21743168 _____ (Polar Electro Oy ) C:\Users\Sinan\Downloads\FlowSync_2.3.8.exe 2014-12-28 16:11 - 2014-12-28 16:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== One Month Modified Files and Folders ======= 
(If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-15 10:41 - 2014-07-04 20:24 - 00001020 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-15 10:35 - 2011-08-26 19:10 - 00263893 _____ () C:\Windows\setupact.log 2015-01-15 10:31 - 2011-07-13 13:54 - 00000000 ____D () C:\Users\Sinan\AppData\Roaming\Skype 2015-01-15 10:30 - 2010-07-28 20:04 - 00000000 ____D () C:\ProgramData\TEMP 2015-01-15 10:28 - 2009-07-14 14:45 - 00659594 _____ () C:\Windows\system32\perfh01F.dat 2015-01-15 10:28 - 2009-07-14 14:45 - 00140962 _____ () C:\Windows\system32\perfc01F.dat 2015-01-15 10:28 - 2009-07-14 07:13 - 01578798 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-15 10:25 - 2010-06-15 19:14 - 01984134 _____ () C:\Windows\WindowsUpdate.log 2015-01-15 10:22 - 2014-07-04 20:24 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-15 10:22 - 2010-06-15 20:05 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-15 10:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-15 02:17 - 2012-08-17 20:15 - 00000814 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-15 02:13 - 2009-07-14 06:45 - 00030112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-15 02:13 - 2009-07-14 06:45 - 00030112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-15 02:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-15 02:02 - 2011-08-27 14:39 - 00178216 _____ () C:\Windows\PFRO.log 2015-01-15 01:29 - 2011-08-02 23:57 - 00000000 ____D () C:\Users\Sinan\AppData\Roaming\LolClient 2015-01-15 01:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-01-15 01:14 - 2010-06-15 20:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-01-15 01:14 - 2010-06-15 20:06 - 00000000 ____D () C:\Program Files (x86)\Realtek 
2015-01-15 00:06 - 2009-07-14 07:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-01-14 23:31 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-14 22:17 - 2012-08-17 20:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-14 22:17 - 2012-08-17 20:15 - 00003752 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-14 22:17 - 2012-01-14 16:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-16 12:16 ==================== End Of Log ============================ Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 Ran by Sinan at 2015-01-15 10:45:18 Running from C:\Users\Sinan\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) 
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Turkish (HKLM-x32\...\{AC76BA86-7AD7-1055-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
CoolGram (HKLM-x32\...\{C73D8BC8-78AB-4e41-BA19-6CC2C7EED37A}) (Version: - ) eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH) Epson Easy Photo Print 2 (HKLM-x32\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.20.00 - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) Epson Stylus SX110_TX110 Manual (HKLM-x32\...\Epson Stylus SX110_TX110 User’s Guide) (Version: - ) EPSON SX110 Series Printer Uninstall (HKLM\...\EPSON SX110 Series) (Version: - SEIKO EPSON Corporation) FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.300 - Sun Microsystems, Inc.) 
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) K-Lite Codec Pack 6.0.4 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Microsoft .NET Framework 4 Genişletilmiş TRK Dil Paketi (HKLM\...\Microsoft .NET Framework 4 Extended TRK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 İstemci Profili TRK Dil Paketi (HKLM\...\Microsoft .NET Framework 4 Client Profile TRK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation) Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) 
(Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden NVIDIA 3D Vision 
Denetleyici Sürücüsü 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Sürücüsü 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation) NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation) NVIDIA Grafik Sürücüsü 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA PhysX Sistem Yazılımı 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) Polar FlowSync version 2.3.8 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.3.8 - Polar Electro Oy) PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - CyberLink Corporation) QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5618 - Realtek Semiconductor Corp.) RTPatch Update (HKLM-x32\...\RTPatch_is1) (Version: - PocketSoft) SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) 
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - ) Update for 2007 Microsoft Office System (KB2284654) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live Karşıya Yükleme Aracı (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Sürücü Paketi - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2009-07-14 04:34 - 2011-07-13 13:15 - 00000923 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 genuine.microsoft.com 127.0.0.1 mpa.one.microsoft.com 127.0.0.1 sls.microsoft.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1DCB03D2-BB2E-4468-B028-017CA608A09B} - System32\Tasks\{0CF3B207-24CE-4EC6-B38C-EC86B24C0A14} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.) Task: {269717CB-21FF-4348-902A-668EC9CA7D7C} - System32\Tasks\{A732F780-BAAE-4079-9C22-0F770CBDF9ED} => Firefox.exe http://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered Task: {2C88A821-9E04-4E5A-816F-4061C3914F40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-04] (Google Inc.) Task: {464C90B9-F6DD-4F98-932F-0898BAFCC938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-04] (Google Inc.) 
Task: {A651B795-B4AF-4337-8BE3-2E2D4BC2A46A} - System32\Tasks\{17FFF01E-39D5-4E1C-B979-8D48B6B86249} => pcalua.exe -a "C:\Users\Sinan\Downloads\ASIO4ALL_2_11_English (1).exe" -d C:\Users\Sinan\Downloads Task: {B62330AC-2E21-4E3C-BF00-DFA6A290C00D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated) Task: {B844EB64-92EE-40D1-9B3E-0386AF6DF815} - System32\Tasks\{DEE5CA21-2245-4608-84D6-7BCBF631DFD7} => pcalua.exe -a E:\Audio\Realtek\Setup.exe -d E:\Audio\Realtek Task: {F0D230D2-8849-449E-BA17-1F0BFA3631D6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {F9A471AC-2546-427F-9B6C-B3DE8E1F3D80} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-12-27 01:27 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-06-15 23:07 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll 2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-03 12:19 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-14 20:34 - 2014-11-11 10:19 - 01703424 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll 2015-01-14 20:34 - 2013-08-25 20:52 - 00728576 _____ () 
C:\Program Files (x86)\Polar\Polar FlowSync\libGLESv2.dll 2015-01-14 20:34 - 2013-08-25 20:52 - 00048128 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libEGL.dll 2015-01-14 20:34 - 2013-08-25 20:59 - 00833024 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\platforms\qwindows.dll 2011-08-04 17:05 - 2008-12-03 13:05 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll 2011-08-04 17:05 - 2008-11-26 09:56 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Microsoft:AU3PuhSNbOjUAgBcayNIkofp3 AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 AlternateDataStreams: C:\ProgramData\TEMP:B3D74A13 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\Services: ServiceLayer => 3 MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: CoolStartUp => C:\Program Files (x86)\OSTEC\CoolGram\CoolGramS.exe MSCONFIG\startupreg: GoogleChromeAutoLaunch_9C7CDF81D0FD4F05CDF318C65B0BDEE2 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ========================= Accounts: ========================== Administrator (S-1-5-21-2063291869-1648730404-153019403-500 - Administrator - Disabled) Guest (S-1-5-21-2063291869-1648730404-153019403-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2063291869-1648730404-153019403-1002 - Limited - Enabled) Sinan (S-1-5-21-2063291869-1648730404-153019403-1001 - Administrator - Enabled) => C:\Users\Sinan ==================== Faulty Device Manager Devices ============= Name: Hotspot Shield Routing Driver 6 Description: Hotspot Shield Routing Driver 6 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: HssDRV6 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: WD SES Device USB Device Description: WD SES Device USB Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/15/2015 02:22:12 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (01/15/2015 02:13:49 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoId={C9C988EF-9BEC-4C38-A90F-3BF6D7F83798}: Sinan-Ev\Sinan kullanıcısı Geniş Bant Bağlantısı adlı bağlantıyı çevirdi ve başarısız oldu. Başarısızlık için döndürülen neden kodu: 651. Error: (01/15/2015 02:13:31 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoId={58C8FA84-D110-40B4-9FB5-D287623DAA09}: Sinan-Ev\Sinan kullanıcısı Geniş Bant Bağlantısı adlı bağlantıyı çevirdi ve başarısız oldu. Başarısızlık için döndürülen neden kodu: 651. Error: (01/15/2015 02:09:56 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoId={D61DDCEF-97F0-46BC-901B-AEF31BBDD3E7}: Sinan-Ev\Sinan kullanıcısı Geniş Bant Bağlantısı adlı bağlantıyı çevirdi ve başarısız oldu. Başarısızlık için döndürülen neden kodu: 651. Error: (01/14/2015 11:43:08 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (01/14/2015 11:42:26 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: "37.0.2062.103,language="*",type="win32",version="37.0.2062.103"1" için etkinleştirme içeriği oluşturulamadı. 37.0.2062.103,language="*",type="win32",version="37.0.2062.103" Bağımlı Derlemesi bulunamadı. Lütfen ayrıntılı tanılama için sxstrace.exe programını kullanın. 
Error: (01/14/2015 08:34:07 PM) (Source: MsiInstaller) (EventID: 10005) (User: Sinan-Ev) Description: Product: Bonjour -- A later version of Bonjour is already installed on this computer. Error: (01/13/2015 11:37:44 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (01/13/2015 10:20:04 AM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: H:\ yedekleme konumuna yazılırken oluşan bir hata nedeniyle yedekleme başarıyla tamamlanmadı. Hata: Yedekleme konumu bulunamıyor veya geçerli değil. Yedekleme ayarlarınızı gözden geçirin ve yedekleme konumunu denetleyin. (0x81000006). Error: (01/05/2015 00:03:24 AM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: H:\ yedekleme konumuna yazılırken oluşan bir hata nedeniyle yedekleme başarıyla tamamlanmadı. Hata: Yedekleme konumu bulunamıyor veya geçerli değil. Yedekleme ayarlarınızı gözden geçirin ve yedekleme konumunu denetleyin. (0x81000006). System errors: ============= Error: (01/15/2015 10:22:55 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Aşağıdaki önyükleme başlatma veya sistem başlatma sürücüsü (sürücüleri) yüklenemedi: HssDRV6 Error: (01/15/2015 10:22:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: eamonm hizmeti şu hata nedeniyle başlatılamadı: %%2 Error: (01/15/2015 10:22:34 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Bu sistemle uyumlu olmadığından \??\C:\Windows\SysWow64\drivers\SSHDRV65.sys sürücüsünün yüklenmesi engellendi. Sürücünün uyumlu sürümü için lütfen yazılım satıcınıza başvurun. 
Error: (01/15/2015 02:23:28 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Aşağıdaki önyükleme başlatma veya sistem başlatma sürücüsü (sürücüleri) yüklenemedi: HssDRV6 Error: (01/15/2015 02:23:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: eamonm hizmeti şu hata nedeniyle başlatılamadı: %%2 Error: (01/15/2015 02:23:00 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Bu sistemle uyumlu olmadığından \??\C:\Windows\SysWow64\drivers\SSHDRV65.sys sürücüsünün yüklenmesi engellendi. Sürücünün uyumlu sürümü için lütfen yazılım satıcınıza başvurun. Error: (01/15/2015 02:02:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Aşağıdaki önyükleme başlatma veya sistem başlatma sürücüsü (sürücüleri) yüklenemedi: HssDRV6 Error: (01/15/2015 02:02:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: eamonm hizmeti şu hata nedeniyle başlatılamadı: %%2 Error: (01/15/2015 02:02:16 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Bu sistemle uyumlu olmadığından \??\C:\Windows\SysWow64\drivers\SSHDRV65.sys sürücüsünün yüklenmesi engellendi. Sürücünün uyumlu sürümü için lütfen yazılım satıcınıza başvurun. Error: (01/15/2015 01:30:47 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Aşağıdaki önyükleme başlatma veya sistem başlatma sürücüsü (sürücüleri) yüklenemedi: HssDRV6 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2011-11-03 11:12:13.131 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. 
Date: 2011-11-02 20:46:09.629 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2011-11-02 17:44:43.572 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2011-11-02 17:35:01.151 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2011-11-02 17:17:01.072 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2011-11-02 16:48:17.427 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2011-11-01 23:11:59.204 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2011-11-01 19:33:22.179 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2011-11-01 19:20:35.161 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. 
Date: 2011-11-01 18:12:38.851 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Core2 Duo CPU E8400 @ 3.00GHz Percentage of memory in use: 28% Total physical RAM: 4094.3 MB Available physical RAM: 2939.68 MB Total Pagefile: 8186.8 MB Available Pagefile: 6990.57 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:244.14 GB) (Free:154.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:221.61 GB) (Free:220.25 GB) NTFS Drive h: () (Fixed) (Total:297.4 GB) (Free:239.17 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CEE9CEE9) Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=221.6 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 297.4 GB) (Disk ID: 73696D20) No partition Table on disk 1. ==================== End Of Log ============================
  3. I hated to reply to my own post but I forgot to mention that it's 02:43 am where I live and I'm exhausted. So don't be mad if I can't answer you fast.
  4. I'm using Win7 64bit and this happened right after I used adwcleaner. I've read a couple of the topics here, ran a bunch of programs and deleted all the malware. Also I've used the command prompt but still no luck. I'd be grateful for any kind of help.