virus I *th*ink *it's *a *trojan, c*an't t*ype *properly com*p



#1
yasemin78

Hi Please* he*lp
m*y c*om*puter has a virus ?I don't kow the namemaybe it*'s a trojan
?I can?'*t ty*pe properly as you can see *and the asterix button doesn't work or t
the ques*iton mark a*bov*e *o*n t*he k*yeboard* b*ut t*h*e
c*om*p*u*te*r is *a*ddi*ng *a*ste*ri****xes e*v*erywehr*e* a*n*d *stran*g*e
sym*bols wh*en I *t*ype
H*ere is the log.
OTL logfile created on: 10.10.2011 15:20:09 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\SERVET\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000041F | Country: Türkiye | Language: TRK | Date Format: dd.MM.yyyy

3,97 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 46,39% Memory free
7,93 Gb Paging File | 5,91 Gb Available in Paging File | 74,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 224,49 Gb Free Space | 75,34% Space Free | Partition Type: NTFS

Computer Name: YASEMIN | User Name: SERVET | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.10 15:20:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\SERVET\Desktop\OTL.exe
PRC - [2011.09.28 17:58:16 | 000,181,712 | R--- | M] (iS3, Inc.) -- C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
PRC - [2011.09.28 17:58:10 | 000,067,024 | R--- | M] (iS3, Inc.) -- C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
PRC - [2011.08.06 17:42:45 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe
PRC - [2011.08.03 00:40:27 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 07:53:33 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.10.16 12:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2005.07.16 00:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe


========== Modules (No Company Name) ==========

MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009.02.14 06:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.07.14 04:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 04:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.09.28 17:58:10 | 000,067,024 | R--- | M] (iS3, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe -- (szserver)
SRV - [2011.08.03 00:40:27 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.10.16 12:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.08.03 00:40:28 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.08.03 00:40:28 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.05.06 18:17:54 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.03.11 09:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 09:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.21 07:36:02 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.20 16:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 14:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 14:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.07 23:08:55 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.05.27 23:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.01.13 17:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Windows 7 64 Bit için Intel®
DRV:64bit: - [2009.07.14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.11 00:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 23:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Windows Vista 64 Bit için Intel®
DRV:64bit: - [2009.06.10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011.06.02 12:58:28 | 000,074,768 | R--- | M] (iS3 Inc.) [Kernel | Boot | Running] -- C:\Windows\SySWOW64\DRIVERS\szkg64.sys -- (szkg5)
DRV - [2011.06.02 12:58:28 | 000,074,768 | R--- | M] (iS3 Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SySWOW64\drivers\is3srv64.sys -- (is3srv)
DRV - [2009.07.14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://tr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = tr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 6B D2 67 52 AF CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {c67b0dbb-1f2c-4c11-b73b-5e56a5dc4dd5} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylo...00000df0798b82"
FF - prefs.js..keyword.URL: "http://search.babylo...affID=19950&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.08.15 16:30:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.08.15 16:30:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\SERVET\AppData\Roaming\IDM\idmmzcc5

[2011.03.25 12:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SERVET\AppData\Roaming\mozilla\Extensions
[2011.08.24 20:02:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SERVET\AppData\Roaming\mozilla\Firefox\Profiles\cytaq2zv.default\extensions
[2011.08.02 13:42:48 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\SERVET\AppData\Roaming\mozilla\Firefox\Profiles\cytaq2zv.default\extensions\[email protected]
[2011.05.06 18:18:33 | 000,002,055 | ---- | M] () -- C:\Users\SERVET\AppData\Roaming\Mozilla\Firefox\Profiles\cytaq2zv.default\searchplugins\daemon-search.xml
[2011.08.02 12:48:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\SERVET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYTAQ2ZV.DEFAULT\EXTENSIONS\{66E978CD-981F-47DF-AC42-E3CF417C1467}.XPI
() (No name found) -- C:\USERS\SERVET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYTAQ2ZV.DEFAULT\EXTENSIONS\[email protected]
[2011.08.03 20:20:47 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.03 20:27:01 | 000,002,287 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2010.01.01 11:00:00 | 000,001,182 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-tr.xml
[2010.01.01 11:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-tr.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011.10.10 12:59:33 | 000,000,860 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C67B0DBB-1F2C-4C11-B73B-5E56A5DC4DD5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Microsoft Excel'e &Ver - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: OneNote'a Gönder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote'a G&önder - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.hurriyete...geUploader5.cab (Image Uploader Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D5D17C21-1719-4640-B0B2-4F3262419920} https://www.isbank.c...Edit4ISBv29.CAB (GuvenlikCemberi3-ISBANK)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{628B6761-54B1-4438-99E8-B9AD6ABF1361}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\syswow64\userinit.exe) -c:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011.10.10 15:20:03 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\SERVET\Desktop\OTL.exe
[2011.10.10 13:04:09 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{4FE2A12B-C1AA-40A7-A85B-4C76CB7F0BBA}
[2011.10.10 12:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
[2011.10.10 12:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2011.10.10 12:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STOPzilla!
[2011.10.10 12:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iS3
[2011.10.10 12:24:36 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{64119D46-705F-413A-8FAE-2A0190660498}
[2011.10.10 12:09:59 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{AB592CC4-701D-4C2C-82D4-AC8916575F3E}
[2011.10.10 11:39:22 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{842B4114-434E-494F-8433-100BE21A9997}
[2011.10.10 10:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.10.10 09:29:00 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Roaming\Avira
[2011.10.10 09:20:56 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{E093770D-BF05-440A-BF81-911FB599C039}
[2011.10.10 09:12:07 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{C26BB18E-ADA2-4962-B6C5-0488771F5FE1}
[2011.10.09 23:25:45 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{44D63CF6-20BC-4AD0-86F7-66E864BA8BC2}
[2011.10.09 14:51:35 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{28E3F03D-A2D0-4D63-8879-3940883545C0}
[2011.10.08 22:15:47 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{4F2EF4C9-50AB-4B87-9351-9DE480DBC806}
[2011.10.08 14:58:26 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{8DD24EB5-3508-4E29-A184-F6A2EBC69466}
[2011.10.07 08:41:33 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{53268C75-3595-423D-AE3D-BB56BEB1E9D2}
[2011.10.06 20:10:55 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{23076E28-CEC1-4BD8-865F-720F1BDFED6E}
[2011.10.06 09:31:46 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{9919E980-A4DA-4BE0-8D0D-949E8C6FF8CD}
[2011.10.05 21:02:57 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{25E01194-77FF-417D-ACB2-F7F4607B0422}
[2011.10.05 09:12:09 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{1EDFB82D-EDBC-4808-B5EC-09E6BFFCCADE}
[2011.10.05 00:51:34 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{E72DC0B9-5DA8-487B-8ECB-C6365097405C}
[2011.10.04 20:40:57 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{8F0DD428-7400-4D2E-B544-095515A39975}
[2011.10.04 09:09:34 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{86144FD8-3821-4C69-A437-37320120979B}
[2011.10.03 08:41:50 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{262382B8-7DCC-4892-9AE6-4F28EBA04D75}
[2011.10.02 14:57:55 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{6E361A37-6FDE-4067-A302-31B4499EEDEB}
[2011.10.01 09:12:13 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{3098B948-CDE1-446A-8ACC-A24A78E76348}
[2011.09.30 09:00:31 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{119E2A5D-8B42-4C01-A6B8-8169450FA29E}
[2011.09.30 02:31:16 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{9B6D0976-0342-4C42-A8D7-468F2BCE0CC2}
[2011.09.29 11:01:55 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{9390FF95-D1ED-485E-9291-68E7B75DBBF0}
[2011.09.28 17:58:02 | 000,132,560 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3HTUI5.dll
[2011.09.28 17:58:02 | 000,022,992 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
[2011.09.28 17:58:00 | 000,546,256 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
[2011.09.28 17:58:00 | 000,480,720 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
[2011.09.28 17:58:00 | 000,398,800 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3DBA5.dll
[2011.09.28 17:58:00 | 000,028,624 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3XDat5.dll
[2011.09.28 17:57:58 | 000,390,608 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3UI5.dll
[2011.09.28 17:57:58 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Svc5.dll
[2011.09.28 17:57:58 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Inet5.dll
[2011.09.28 17:57:58 | 000,067,024 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Hks5.dll
[2011.09.28 17:57:56 | 000,738,768 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Base5.dll
[2011.09.28 17:57:56 | 000,230,864 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Win325.dll
[2011.09.28 09:03:58 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{A8322FEC-7CC2-48F3-8DEE-806C7C3EF46D}
[2011.09.28 09:03:46 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{AB49359D-FAA1-4C30-A2D2-9C2D29A48EF5}
[2011.09.27 21:03:18 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{FA50C48A-1BC3-4B23-B496-54067E04AC89}
[2011.09.27 21:03:06 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{1E8C266B-AF3D-48D2-B59D-41F86BB404D4}
[2011.09.27 09:02:35 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{4AC221D7-EFE9-42EA-A663-8AB3954B2480}
[2011.09.27 09:02:23 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{06498834-8D1E-4716-8B24-DAB993CDFB07}
[2011.09.26 22:42:18 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{79E132DD-AE58-422A-9486-7F8F1B826C59}
[2011.09.26 21:35:17 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{CBE932DD-F734-461E-B338-E641FD428724}
[2011.09.26 21:35:04 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{3C895DA1-EA8E-4E93-B5F4-3EEB1E8AFFE8}
[2011.09.26 09:34:37 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{1DF8402D-7686-4B3F-842B-4E8BE6EACAD4}
[2011.09.26 09:34:23 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{EB5AD320-140E-4918-A9F9-E50E21C5627A}
[2011.09.25 16:16:58 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{AD2208CF-2CE5-4D1C-80EA-CFB42F6FD6A9}
[2011.09.25 06:55:56 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{EABE7C9D-8C7B-45AB-810A-3D19274D6A86}
[2011.09.25 04:00:57 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{F214DC5F-02E0-4E91-A902-19D4DE7CEACD}
[2011.09.24 12:13:42 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{44FE1058-03CF-40BC-A5E7-6153998E2015}
[2011.09.24 12:13:30 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{C0C08FC8-BC99-4058-8E98-E6F9ABFD87AA}
[2011.09.23 21:52:56 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{4EB3D2DB-934E-42FE-B430-CC18713C877E}
[2011.09.23 21:52:44 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{993DE5E7-F1C0-470C-836D-E8E338CA94FA}
[2011.09.23 09:52:17 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{EAD6432D-AC54-4365-96F9-630AFD4D9CDF}
[2011.09.23 09:52:05 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{4DE02A18-5A28-4112-ADCC-7DFE854EFB0F}
[2011.09.22 21:23:54 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{D5B6C05C-3CE7-4CED-9F2C-19DD953D4F53}
[2011.09.22 21:23:42 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{91FAF914-E70F-4C87-B870-67B664418867}
[2011.09.22 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{D2ABF0F3-E58A-413E-94D9-2CD2E821CBB5}
[2011.09.22 09:23:02 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{0B170197-0A53-4F0E-8EEC-6EFCEE1174F7}
[2011.09.21 21:22:36 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{22E4C70F-D462-4944-88E3-E40C8DB6BE77}
[2011.09.21 21:22:24 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{461C3525-EEEF-4CA8-A890-3FCCF6ABADCC}
[2011.09.21 09:22:08 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{EF9E3006-FFB3-42F8-B067-5F6B74FC2F4B}
[2011.09.21 09:21:56 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{8DED57EE-7F28-4F98-AC53-68574A5C9214}
[2011.09.20 21:14:18 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{286353A8-E2A1-49BA-9ABB-4954E5D1A871}
[2011.09.20 21:14:06 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{7137B2F4-CE9B-4B2E-80F3-87E2B6BB76EA}
[2011.09.20 09:13:39 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{3CFB4BCC-A0B9-4924-8411-610BC494E7B4}
[2011.09.20 09:13:27 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{CE4EAD48-DD76-4EBB-B22A-47C7CBFC2ACC}
[2011.09.19 21:13:00 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{95B92B65-F3A6-4E8C-9049-2862C32D74FA}
[2011.09.19 21:12:47 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{EA63E783-F2E3-420C-B9F0-139B23C6134C}
[2011.09.19 09:12:16 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{FCE46250-0532-463C-AAC5-ED1500A147F1}
[2011.09.19 09:12:04 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{14391F2E-8DF8-4210-8FA5-3391FE91D425}
[2011.09.18 16:31:16 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{B4859C85-3AF7-48E8-8F13-E3292DFC2D4F}
[2011.09.18 16:31:04 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{65B04F3A-E326-4F14-84E0-EC5F00CEB009}
[2011.09.17 11:25:18 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{C7441502-0E52-458F-A2B0-E130F059B037}
[2011.09.17 11:25:06 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{F49233BC-DCE5-493A-964B-8636DCB341A0}
[2011.09.16 10:52:32 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{A229F5B8-3961-48CB-B5FB-91CADD19902E}
[2011.09.16 10:52:20 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{F3582415-D35A-4B64-9946-037410FC2D1B}
[2011.09.15 21:45:57 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{849CB7D2-BDD5-4176-9EF8-C3DC3C467EFF}
[2011.09.15 21:45:44 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{29378303-659D-48B0-BC17-0C063C2B495C}
[2011.09.15 09:45:30 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{0087466E-4DA9-4537-A294-BD8B832B6583}
[2011.09.15 09:45:18 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{EC5768E0-6882-4811-9CC0-40D09803EBEE}
[2011.09.14 21:44:52 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{F50733A7-D492-4044-A1A4-1EE64B4079C0}
[2011.09.14 21:44:40 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{04794D71-3C8C-4769-AEC8-B40B9DB4EEC8}
[2011.09.14 09:44:23 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{1E3E5621-69C0-4DF4-B6CE-3CF10B6AFBBB}
[2011.09.14 09:44:10 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{4BC0D74D-F2C2-4C64-AAC8-7E9F8369D9A9}
[2011.09.13 21:13:39 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{67646164-7F3D-443E-A160-0A923B5B4555}
[2011.09.13 21:13:27 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{9CFA99B3-870A-45E9-9C60-4A974639C5AA}
[2011.09.13 09:13:10 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{AA597E39-0DDC-4119-A7E3-B7B702F8BE2D}
[2011.09.13 09:12:57 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{505AB5DD-1DF8-42E9-9189-55787039F05E}
[2011.09.12 21:12:30 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{2A00436F-F68E-435C-9872-771FFD152B39}
[2011.09.12 21:12:18 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{8D6077CC-D48A-44C3-8DCE-C2D3AA7E1A15}
[2011.09.12 09:11:48 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{EBFBB5C4-4E96-4137-B241-A8DC7F37E5B5}
[2011.09.12 09:11:36 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{9E34001A-B0F5-486B-9923-C0776C0A9515}
[2011.09.11 11:04:15 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{D96BA824-587B-4D2B-BA62-187B5D05CB53}
[2011.09.11 11:04:03 | 000,000,000 | ---D | C] -- C:\Users\SERVET\AppData\Local\{621F62E8-2C0F-4BDC-A526-9C4945790995}

========== Files - Modified Within 30 Days ==========

[2011.10.10 15:20:04 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\SERVET\Desktop\OTL.exe
[2011.10.10 14:58:09 | 000,005,808 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2011.10.10 14:25:06 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.10 13:07:29 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.10 13:07:29 | 000,014,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.10 13:02:03 | 000,001,016 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.10 13:01:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.10 13:01:31 | 3195,420,672 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.06 02:25:56 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.09.28 17:58:02 | 000,132,560 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3HTUI5.dll
[2011.09.28 17:58:02 | 000,022,992 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll
[2011.09.28 17:58:00 | 000,546,256 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll
[2011.09.28 17:58:00 | 000,480,720 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll
[2011.09.28 17:58:00 | 000,398,800 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3DBA5.dll
[2011.09.28 17:58:00 | 000,028,624 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3XDat5.dll
[2011.09.28 17:57:58 | 000,390,608 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3UI5.dll
[2011.09.28 17:57:58 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Svc5.dll
[2011.09.28 17:57:58 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Inet5.dll
[2011.09.28 17:57:58 | 000,067,024 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Hks5.dll
[2011.09.28 17:57:56 | 000,738,768 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Base5.dll
[2011.09.28 17:57:56 | 000,230,864 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Win325.dll
[2011.09.25 08:08:03 | 000,059,220 | ---- | M] () -- C:\Users\SERVET\Desktop\kermit-jim-henson.jpg
[2011.09.18 17:08:24 | 001,476,604 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.09.18 17:08:24 | 000,618,332 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat
[2011.09.18 17:08:24 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.09.18 17:08:24 | 000,121,670 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat
[2011.09.18 17:08:24 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2011.10.10 13:03:01 | 000,005,808 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2011.09.25 08:09:12 | 000,059,220 | ---- | C] () -- C:\Users\SERVET\Desktop\kermit-jim-henson.jpg
[2011.03.27 16:39:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.13 13:33:32 | 000,004,096 | -H-- | C] () -- C:\Users\SERVET\AppData\Local\keyfile3.drm
[2011.01.12 18:51:02 | 000,007,605 | ---- | C] () -- C:\Users\SERVET\AppData\Local\Resmon.ResmonCfg
[2011.01.10 01:20:24 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.01.10 01:20:24 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.01.10 01:20:22 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.01.10 01:20:22 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.01.10 01:20:22 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.01.09 16:18:35 | 000,000,034 | ---- | C] () -- C:\Users\SERVET\AppData\Local\Images.fl
[2011.01.08 19:39:19 | 000,327,168 | ---- | C] () -- C:\Windows\SysWow64\cutil32.dll
[2009.07.14 08:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 05:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 03:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 02:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.14 00:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.11 00:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.01.15 13:33:28 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\Abilon
[2011.08.02 13:42:42 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\Babylon
[2011.10.10 12:06:32 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\BitTorrent
[2011.05.06 18:59:12 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\DAEMON Tools Lite
[2011.03.09 19:09:39 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\DMCache
[2011.08.03 20:34:13 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\IDM
[2011.03.11 20:46:24 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\TeamViewer
[2011.01.12 00:04:59 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\Uniblue
[2011.02.27 19:41:48 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\VSO
[2011.03.22 01:19:17 | 000,000,000 | ---D | M] -- C:\Users\SERVET\AppData\Roaming\Windows Live Writer
[2011.09.15 08:27:04 | 000,032,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >