Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

delta search is a pain and i cannot get rid? [Solved]


  • This topic is locked This topic is locked

#46
Teima

Teima

    Member

  • Member
  • PipPipPip
  • 833 posts
Ok. That has returned without any issues. Thanks for sticking with me. We'll try something different here. :)

Step One

Download and run:-

Microsoft Security Essentials Removal Tool

Then delete the tool and download a new installer for MSE from here >> install it and go from there and see what occurs this time. :thumbsup:
  • 0

Advertisements


#47
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi Teima when I use MSE removal tool I get this message when I look on control panel its gone so I tried to install MSE I get this error








Capture.PNG

is this a problem I get messages telling me my computers is at risk? because I have got no protection?

Attached Thumbnails

  • Capture.PNG

Edited by aliboy66, 01 December 2013 - 12:35 PM.

  • 0

#48
Teima

Teima

    Member

  • Member
  • PipPipPip
  • 833 posts
Hello aliboy66,

Hi Teima when I use MSE removal tool I get this message when I look on control panel its gone so I tried to install MSE I get this error

Does this same error persist after your computer has been restarted mate?

is this a problem I get messages telling me my computers is at risk? because I have got no protection?

For the moment. Yes indeed. But once we have Microsoft Security Essentials back on the machine it shouldn't be an issue. :thumbsup:
  • 0

#49
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi Teima I have managed to download MSE.The way I did it was I used MSE cleaning tool in safe mode and then went back to mormal mode and installed MSE its seams ok and has updated its self.My computer seams fine when I am using the internet no sign of a virus? but I think it has things wrong with it now I am having trouble turning my computer on and off once we get it on its fine.
  • 0

#50
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi and my apologies for the delay. :)

Teima is currently unavailable and I will be assisting you from this time forward...

Next:

I have managed to download MSE.The way I did it was I used MSE cleaning tool in safe mode and then went back to mormal mode and installed MSE its seams ok and has updated its self.My computer seams fine when I am using the internet no sign of a virus?

A good outcome then regarding finally getting the MSE issue resolved.

but I think it has things wrong with it now I am having trouble turning my computer on and off once we get it on its fine

OK fair play, lets run a few quick checks to see if we can pinpoint this particular issue as follows...

Check Hard Disk For Errors:

Download the attached hddcheck.bat below and save to your Desktop:-



Now right-click on hddcheck.bat and select Run as Administrator to run the batch file. A blank command window will open on your desktop, then close in a few minutes. This is normal and the batch file itself will self-delete when completed.

A file icon named checkhd.txt should appear on your Desktop. Please post the contents of this file in your next reply.

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to to your Desktop.

  • Right-click on FRST.exe and select Run as Administrator to start FRST >> >> follow the prompt/click on Yes
  • Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
  • Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
  • At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
  • There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.
Next:

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered ?
  • Check Hard Disk For Errors Log
  • Both FRST logs. <-- Post them individually please, IE: one Log per post/reply.

  • 0

#51
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi thanks for your time and help,done the first one hope this helps


The type of the file system is NTFS.
Volume label is WINDOWS.

WARNING! F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
File verification completed.
746 large file records processed.

0 bad file records processed.

0 EA records processed.

108 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...
Index verification completed.
0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 3)...
Security descriptor verification completed.
43825 data files processed.

CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
The Volume Bitmap is incorrect.
Windows found problems with the file system.
Run CHKDSK with the /F (fix) option to correct these.

156671999 KB total disk space.
105336304 KB in 253662 files.
139012 KB in 43826 indexes.
0 KB in bad sectors.
422931 KB in use by the system.
65536 KB occupied by the log file.
50773752 KB available on disk.

4096 bytes in each allocation unit.
39167999 total allocation units on disk.
12693438 allocation units available on disk.
  • 0

#52
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi step 2

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2013 2
Ran by Niyazi Mustafa (administrator) on NIYAZIMUSTAFA on 07-12-2013 17:49:40
Running from C:\Users\Niyazi Mustafa\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(webmakerplus LTD) C:\Program Files (x86)\webmakerplus\webmakerplus.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [136136 2010-02-12] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)
HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [0BA092B23CAFD91D018ACD56427A4A9F432C2129._service_run] - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe [863184 2013-11-14] (Google Inc.)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [Itibiti.exe] - C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKCU\...\Run: [Google Update] - C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-29] (Google Inc.)
HKCU\...\Run: [Steam] - "C:\Program Files (x86)\Steam\Steam.exe" -silent
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-09] (Nero AG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Ayse\...\Run: [Google Update] - C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-29] (Google Inc.)
HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\Toshiba\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\Toshiba\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Emine\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\Toshiba\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Emine\...\Run: [Google Update] - C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-30] (Google Inc.)
HKU\Emine\...\Run: [Facebook Update] - "C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\Ozay\...\Run: [Google Update] - C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-30] (Google Inc.)
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll [ ] ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Niyazi Mustafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Niyazi Mustafa\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F911CB89BE0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1E462554-E56E-4740-A4E8-77E29C9E195B} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Winsock: Catalog9 01 C:\Windows\SysWOW64\webmakerplus.dll [364544] (Sweesh LTD)
Winsock: Catalog9 02 C:\Windows\SysWOW64\webmakerplus.dll [364544] (Sweesh LTD)
Winsock: Catalog9 03 C:\Windows\SysWOW64\webmakerplus.dll [364544] (Sweesh LTD)
Winsock: Catalog9 04 C:\Windows\SysWOW64\webmakerplus.dll [364544] (Sweesh LTD)
Winsock: Catalog9 15 C:\Windows\SysWOW64\webmakerplus.dll [364544] (Sweesh LTD)
Winsock: Catalog9-x64 01 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Winsock: Catalog9-x64 02 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Winsock: Catalog9-x64 03 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Winsock: Catalog9-x64 04 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Winsock: Catalog9-x64 15 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.searchqu.com/406
CHR Plugin: (Shockwave Flash) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Mixesoft Click&Clean Plug-In) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin/npccch32.dll No File
CHR Plugin: (Bitdefender QuickScan) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin/npqscan.dll No File
CHR Plugin: (Chrome IE Tab) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.6.30.1_0\plugin/blackfishietab.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Java™ Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (Angry Birds) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (YouTube) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Apture) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppaadhnncohnjgallikmjdonfliciek\2.3.0_0
CHR Extension: (Read Later Fast) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.6.0_0
CHR Extension: (Google News) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0
CHR Extension: (Chelsea FC) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eanaknlfmaafbcpmaoencjmlmfaflkck\1.4_0
CHR Extension: (Google Finance) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp\1.1_0
CHR Extension: (Mailinator Extension) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnhpddclhmnpbfdeibjpbkhcofgmoain\1.5_0
CHR Extension: (Click&Clean) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0
CHR Extension: (AT_Porsche) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0
CHR Extension: (365Scores) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocaejggjgdmkhmbinicknpbhagkblop\0.65_0
CHR Extension: (Credit Card Nanny) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmmjpapolbaaddobpnlcjkgchmhhoog\0.2.11_0
CHR Extension: (FastestFox for Chrome) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.4_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Hover Zoom) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.21_1
CHR Extension: (Todo.ly) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap\2_0
CHR Extension: (ChromeAdvisor) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcakbgpomchcbeddcdpbccmhlmmhgcej\1.2_0
CHR Extension: (iCloud) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjfjiepcafjlmaopmmdfcmdjldjfhlki\1.0.0_0
CHR Extension: (Google Reader) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0
CHR StartMenuInternet: Google Chrome - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R3 webmakerplus; C:\Program Files (x86)\webmakerplus\webmakerplus.exe [4153344 2013-09-17] (webmakerplus LTD)
S2 RoxLiveShare9; "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [x]
S3 SolutoRemoteService; "C:\Program Files\Soluto\SolutoRemoteService.exe" -service [x]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74240 2011-02-16] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys D6CAD7E5B05055BB8226BDCB1644DA27
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD
C:\Windows\System32\drivers\CHDRT64.sys 7247A4D0875F5F28919E0787E11B7B57
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\FwLnk.sys 60ACB128E64C35C2B4E4AAB1B0A5C293
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\drivers\grmnusb.sys B9893A68032A6D9ADDB5B98287C630F7
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys BBB3B6DF1ABB0FE35802EDE85CC1C011
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 898AB5BFED7040D7AB07AF01885EB944
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 655A5D8E80869781CCE23760ADA7E695
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys C6B88D62F20AC646C6BD5C032EC2FAF9
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys ACE8C64C57E4A711473C8BC10ADF692B
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pgeffect.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 71B48DDAF5E9C2B40E64DE5C405F5AAC
C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys C903D49655B4AAE46673F0AAA6BE0F58
C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys 907C4464381B5EBDFDC60F6C7D0DEDFC
C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 3289766038DB2CB14D07DC84392138D5
C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 58A38E75F3316A83C23DF6173D41F2B5
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SynTP.sys 470C47DABA9CA3966F0AB3F835D7D135
C:\Windows\System32\drivers\tcpip.sys DB74544B75566C974815E79A62433F29
C:\Windows\System32\DRIVERS\tcpip.sys DB74544B75566C974815E79A62433F29
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\DRIVERS\tdcmdpst.sys FD542B661BD22FA69CA789AD0AC58C29
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TVALZ_O.SYS ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-07 17:49 - 2013-12-07 17:50 - 00038628 _____ C:\Users\Niyazi Mustafa\Desktop\FRST.txt
2013-12-07 17:45 - 2013-12-07 17:45 - 00000000 ____D C:\FRST
2013-12-07 17:44 - 2013-12-07 17:44 - 01927514 _____ (Farbar) C:\Users\Niyazi Mustafa\Desktop\FRST64.exe
2013-12-07 17:31 - 2013-12-07 17:33 - 00001420 _____ C:\Users\Niyazi Mustafa\Desktop\checkhd.txt
2013-12-04 12:30 - 2013-12-06 17:09 - 00000336 _____ C:\Windows\setupact.log
2013-12-04 12:30 - 2013-12-04 12:30 - 00000000 _____ C:\Windows\setuperr.log
2013-12-03 14:28 - 2013-12-03 14:28 - 00001750 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-03 14:26 - 2013-12-03 14:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-03 14:26 - 2013-12-03 14:27 - 00000000 ____D C:\Program Files\iTunes
2013-12-03 14:26 - 2013-12-03 14:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\Program Files\iPod
2013-12-01 05:13 - 2013-12-01 05:13 - 00347304 _____ (Microsoft Corporation) C:\Users\Niyazi Mustafa\Desktop\MicrosoftFixit.wu.RNP.33309434628288462.2.1.Run.exe
2013-12-01 04:22 - 2013-12-01 04:22 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-01 04:22 - 2013-12-01 04:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-12-01 04:01 - 2013-12-01 04:03 - 00000000 ____D C:\WINSSLog
2013-12-01 03:59 - 2013-10-11 16:37 - 00000098 _____ C:\Windows\system32\Drivers\etc\hosts.20131201-035916.backup
2013-11-29 23:18 - 2013-11-29 23:18 - 00756776 _____ (Microsoft Corporation) C:\Users\Ayse\Desktop\OneCareCleanUp.exe
2013-11-29 22:13 - 2013-11-29 22:13 - 00017448 _____ C:\FixitRegBackup.reg
2013-11-26 18:16 - 2013-11-26 18:16 - 00001902 _____ C:\Users\Niyazi Mustafa\Desktop\FSS.txt
2013-11-21 16:42 - 2013-11-21 16:42 - 00000092 _____ C:\Users\Ayse\Downloads\listen (1).asx
2013-11-21 16:38 - 2013-11-21 16:39 - 00000092 _____ C:\Users\Ayse\Downloads\listen.asx
2013-11-15 23:14 - 2013-11-15 23:13 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-15 23:13 - 2013-11-15 23:13 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-15 23:13 - 2013-11-15 23:13 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-15 23:13 - 2013-11-15 23:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== One Month Modified Files and Folders =======

2013-12-07 17:50 - 2013-12-07 17:49 - 00038628 _____ C:\Users\Niyazi Mustafa\Desktop\FRST.txt
2013-12-07 17:45 - 2013-12-07 17:45 - 00000000 ____D C:\FRST
2013-12-07 17:44 - 2013-12-07 17:44 - 01927514 _____ (Farbar) C:\Users\Niyazi Mustafa\Desktop\FRST64.exe
2013-12-07 17:39 - 2011-05-30 07:27 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA.job
2013-12-07 17:33 - 2013-12-07 17:31 - 00001420 _____ C:\Users\Niyazi Mustafa\Desktop\checkhd.txt
2013-12-07 17:28 - 2011-05-29 20:23 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003UA.job
2013-12-07 17:27 - 2012-06-03 15:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-07 17:27 - 2011-06-03 20:59 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-07 17:24 - 2013-10-10 05:59 - 00002422 _____ C:\Users\Niyazi Mustafa\Desktop\Google Chrome.lnk
2013-12-07 17:22 - 2011-05-29 20:01 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000UA.job
2013-12-07 08:30 - 2011-06-03 20:59 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-07 08:17 - 2013-08-10 10:37 - 01228678 _____ C:\Windows\WindowsUpdate.log
2013-12-07 08:13 - 2011-05-30 18:19 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004UA.job
2013-12-06 17:24 - 2009-07-14 04:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-06 17:24 - 2009-07-14 04:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-06 17:10 - 2013-10-07 10:53 - 00000000 ____D C:\Program Files (x86)\webmakerplus
2013-12-06 17:09 - 2013-12-04 12:30 - 00000336 _____ C:\Windows\setupact.log
2013-12-06 17:09 - 2012-07-05 16:41 - 00000000 ____D C:\ProgramData\Kodak
2013-12-06 17:09 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-06 12:34 - 2013-10-16 11:17 - 00002372 _____ C:\Users\Ayse\Desktop\Google Chrome.lnk
2013-12-04 21:11 - 2011-09-09 19:15 - 00000926 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA.job
2013-12-04 20:22 - 2011-06-03 20:59 - 00003910 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 20:22 - 2011-06-03 20:59 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-04 19:13 - 2011-05-30 18:19 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004Core.job
2013-12-04 18:33 - 2013-09-25 21:45 - 00000829 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-04 18:33 - 2013-09-25 21:45 - 00000000 ____D C:\Program Files\CCleaner
2013-12-04 13:28 - 2011-05-29 20:23 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003Core.job
2013-12-04 13:23 - 2011-05-29 20:23 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003UA
2013-12-04 13:23 - 2011-05-29 20:23 - 00003476 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003Core
2013-12-04 12:30 - 2013-12-04 12:30 - 00000000 _____ C:\Windows\setuperr.log
2013-12-04 06:57 - 2013-04-28 21:22 - 00000000 ____D C:\Windows\Minidump
2013-12-03 14:28 - 2013-12-03 14:28 - 00001750 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-03 14:27 - 2013-12-03 14:26 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-03 14:27 - 2013-12-03 14:26 - 00000000 ____D C:\Program Files\iTunes
2013-12-03 14:27 - 2013-12-03 14:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\Program Files\iPod
2013-12-03 00:50 - 2009-07-14 05:13 - 00732638 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-01 05:19 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-01 05:13 - 2013-12-01 05:13 - 00347304 _____ (Microsoft Corporation) C:\Users\Niyazi Mustafa\Desktop\MicrosoftFixit.wu.RNP.33309434628288462.2.1.Run.exe
2013-12-01 04:22 - 2013-12-01 04:22 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-01 04:22 - 2013-12-01 04:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-12-01 04:22 - 2013-09-13 14:08 - 00001945 _____ C:\Windows\epplauncher.mif
2013-12-01 04:03 - 2013-12-01 04:01 - 00000000 ____D C:\WINSSLog
2013-11-29 23:18 - 2013-11-29 23:18 - 00756776 _____ (Microsoft Corporation) C:\Users\Ayse\Desktop\OneCareCleanUp.exe
2013-11-29 22:13 - 2013-11-29 22:13 - 00017448 _____ C:\FixitRegBackup.reg
2013-11-27 23:39 - 2011-05-30 07:27 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core.job
2013-11-27 06:11 - 2011-09-09 19:15 - 00000904 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core.job
2013-11-26 18:16 - 2013-11-26 18:16 - 00001902 _____ C:\Users\Niyazi Mustafa\Desktop\FSS.txt
2013-11-22 03:04 - 2011-07-07 16:04 - 00000000 ____D C:\Users\Ayse\AppData\Local\CrashDumps
2013-11-21 16:42 - 2013-11-21 16:42 - 00000092 _____ C:\Users\Ayse\Downloads\listen (1).asx
2013-11-21 16:39 - 2013-11-21 16:38 - 00000092 _____ C:\Users\Ayse\Downloads\listen.asx
2013-11-15 23:14 - 2013-10-18 17:12 - 00000000 ____D C:\ProgramData\Oracle
2013-11-15 23:13 - 2013-11-15 23:14 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-15 23:13 - 2013-11-15 23:13 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-15 23:13 - 2013-11-15 23:13 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-15 23:13 - 2013-11-15 23:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-14 16:06 - 2012-06-03 15:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 16:06 - 2012-06-03 15:29 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-14 16:06 - 2011-05-29 19:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-14 16:05 - 2011-05-30 07:18 - 00000000 ____D C:\Users\Niyazi Mustafa\AppData\Local\Adobe
2013-11-13 18:03 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\registration

Some content of TEMP:
====================
C:\Users\Emine\AppData\Local\Temp\i4jdel0.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-07 08:19

==================== End Of Log ============================
  • 0

#53
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Here we go


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2013 2
Ran by Niyazi Mustafa at 2013-12-07 17:51:31
Running from C:\Users\Niyazi Mustafa\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32)
Adobe AIR (x32 Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.0.626)
Advertising Center (x32 Version: 0.0.0.2)
aioscnnr (x32 Version: 7.6.13.10)
Amazon.co.uk (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.27)
Atheros Driver Installation Program (x32 Version: 5.2)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.35)
Bonjour (Version: 3.0.0.10)
C4USelfUpdater (x32 Version: 1.00.0000)
CCleaner (Version: 4.08)
center (x32 Version: 7.7.2.0)
Conexant HD Audio (Version: 4.111.0.64)
D3DX10 (x32 Version: 15.4.2368.0902)
eBay (x32 Version: 1.1.9)
Elevated Installer (x32 Version: 2.1.13)
essentials (x32 Version: 7.7.2.0)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Football Manager 2006 (x32 Version: 6.0.0)
Football Manager 2011 (x32 Version: 11.0.0.0)
Garmin Communicator Plugin (x32 Version: 4.0.4)
Garmin Communicator Plugin x64 (Version: 4.0.4)
Garmin Express (x32 Version: 2.1.13)
Garmin Express Tray (x32 Version: 2.1.13)
Garmin Update Service (x32 Version: 2.1.13)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Earth (x32 Version: 7.1.1.1580)
Google Update Helper (x32 Version: 1.3.22.3)
iCloud (Version: 3.0.2.163)
ImagXpress (x32 Version: 7.0.74.0)
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2086)
Intel® Matrix Storage Manager
Internet Explorer (Enable DEP)
Itibiti RTC (x32 Version: 0.0.1)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK AiO Software (x32 Version: 7.7.6.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 9 Essentials (x32)
Nero BackItUp (x32 Version: 5.2.21001)
Nero BackItUp and Burn (x32 Version: 1.2.0030)
Nero BurnRights (x32 Version: 3.4.13.100)
Nero BurnRights (x32 Version: 3.6.26001)
Nero BurnRights Help (x32 Version: 3.4.4.100)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero DiscSpeed (x32 Version: 5.4.13.100)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.12.100)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero Express (x32 Version: 9.6.16000)
Nero Express Help (x32 Version: 9.4.34.100)
Nero InfoTool (x32 Version: 6.4.12.100)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.9.0)
Nero Online Upgrade (x32 Version: 1.3.0.0)
Nero RescueAgent (x32 Version: 2.6.25002)
Nero StartSmart (x32 Version: 9.4.37.100)
Nero StartSmart Help (x32 Version: 9.4.37.100)
NeroExpress (x32 Version: 9.4.34.100)
neroxml (x32 Version: 1.0.0)
ocr (x32 Version: 6.2.3.50)
Photo Service - powered by myphotobook (x32 Version: 1.0.7)
Photo Service - powered by myphotobook (x32 Version: 1.0.7-279)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PreReq (x32 Version: 6.2.4.0)
PrintProjects (x32 Version: 1.0.0.9282)
QuickShare (x32 Version: 1.135.60.12323)
QuickTime (x32 Version: 7.71.80.42)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30111)
Sky Go Desktop (HKCU)
Spybot - Search & Destroy (x32 Version: 2.1.21)
SUPERAntiSpyware (Version: 5.6.1040)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Toshiba Assist (x32 Version: 3.00.11)
TOSHIBA Bulletin Board (Version: 1.6.07.64)
TOSHIBA Bulletin Board (x32 Version: 1.6.07.64)
TOSHIBA ConfigFree (x32 Version: 8.0.28)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Face Recognition (x32 Version: 3.1.3.64)
TOSHIBA Hardware Setup (x32 Version: 2.00.06)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6)
Toshiba Manuals (x32 Version: 10.01)
TOSHIBA Media Controller (x32 Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (x32 Version: 1.0.4.9)
TOSHIBA Online Product Information (x32 Version: 2.09.0001)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 x64)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019)
TOSHIBA ReelTime (Version: 1.6.06.64)
TOSHIBA ReelTime (x32 Version: 1.6.06.64)
TOSHIBA Service Station (x32 Version: 2.2.9)
TOSHIBA Supervisor Password (x32 Version: 2.00.03)
TOSHIBA TEMPRO (x32 Version: 3.35)
TOSHIBA Value Added Package (Version: 1.3.3.64)
TOSHIBA Value Added Package (x32 Version: 1.3.3.64)
TOSHIBA Web Camera Application (x32 Version: 1.1.1.15)
TRORMCLauncher (Version: 1.0.0.9)
TRORMCLauncher (x32 Version: )
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
WebEx (HKCU)
WebMakerPlus (x32 Version: 1.2)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

==================== Restore Points =========================

29-11-2013 07:33:01 Scheduled Checkpoint
29-11-2013 22:12:37 Installed Microsoft Fix it 50535
01-12-2013 05:06:56 Installed Microsoft Fix it 50123

==================== Hosts content: ==========================

2009-07-14 02:34 - 2013-12-01 03:59 - 00899704 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0710E037-A1C1-4EBE-803F-154E27705627} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core => C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-30] (Google Inc.)
Task: {1042F114-98FD-4836-9965-7A0AB859639C} - System32\Tasks\{44EAC276-4FB8-45EC-8494-6528797BDC48} => C:\Program Files (x86)\Sports Interactive\Football Manager 2011\tools\editor\editor.exe [2012-08-13] (Sports Interactive)
Task: {2FAAB342-E332-474D-B303-CDB861F6D0E3} - System32\Tasks\{0D0260DF-3E03-4638-BDBE-D248E72B265A} => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {37E5FD6F-84B4-4653-9EB7-84168E391492} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA => C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {3E22BCE1-CF21-49DF-8906-8A3ECD721A81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-14] (Adobe Systems Incorporated)
Task: {443494FF-3D74-461B-A804-E592EA2C4CE2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA => C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-30] (Google Inc.)
Task: {5708E9A3-EC45-4388-A368-3D7FB507E8D4} - System32\Tasks\{B57A362F-E5DF-474D-B096-251B09803941} => Iexplore.exe http://ui.skype.com/...tall?page=tsWLM
Task: {58CA758B-1AAD-4AE3-BEC6-559BBB02CB59} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {64AC1026-8FE8-4470-9B89-810345600779} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004Core => C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-30] (Google Inc.)
Task: {6B1A0EF8-397F-4E7A-AD68-870CD91B1FBB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {751E20DC-E8B6-4CF3-BB65-8FD72AB2AA52} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {87456DEB-C821-4E60-8237-3B41006D7B64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-03] (Google Inc.)
Task: {8B5783DF-1269-4555-87D4-A9AA3F19F208} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000Core => C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.)
Task: {8FBDC638-3319-43EE-94EA-E42A3AA5718A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {941E5287-06BB-4D87-8AF1-9D62684B9C0C} - \BitGuard No Task File
Task: {95BD8D7B-9196-477B-9B40-7969DE140E5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-03] (Google Inc.)
Task: {AA8B2A11-345F-4A8D-B7A5-A7C8E914831C} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe [2010-02-22] (TOSHIBA CORPORATION)
Task: {B55DFF38-941D-4E8C-A949-DC7D535F4C1E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003Core => C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.)
Task: {B621C3ED-6E7B-42FE-88F0-26E03CDC8593} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004UA => C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-30] (Google Inc.)
Task: {C541698D-4238-44B6-8C15-5606C8834295} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000UA => C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.)
Task: {EA7133EE-380F-446E-81F1-C4ED8541ADF4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core => C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {F7C2037B-462E-40F8-B4CF-23256F4176D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {FA959F47-852A-4635-9951-A8F7D5234F6C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003UA => C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core.job => C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA.job => C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000Core.job => C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000UA.job => C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003Core.job => C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003UA.job => C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004Core.job => C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004UA.job => C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core.job => C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA.job => C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-03 13:15 - 2010-03-03 13:15 - 08762680 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 12:26 - 2009-11-03 12:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 13:15 - 2010-03-03 13:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 13:15 - 2010-03-03 13:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-04-08 08:16 - 2009-06-22 13:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 18:08 - 2009-03-12 18:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 15:38 - 2009-07-25 15:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-02-05 16:44 - 2010-02-05 16:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-26 07:11 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-26 07:11 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-26 07:11 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-26 07:11 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-26 07:11 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-22 13:25 - 2013-10-15 00:28 - 00065536 _____ () C:\Program Files (x86)\webmakerplus\wmpl.dll
2013-08-30 11:11 - 2013-08-30 11:11 - 00455168 _____ () C:\Program Files (x86)\webmakerplus\sqlite3.dll
2013-11-18 09:16 - 2013-11-14 11:28 - 00702416 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-18 09:16 - 2013-11-14 11:28 - 00099792 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-18 09:16 - 2013-11-14 11:29 - 04055504 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-18 09:16 - 2013-11-14 11:29 - 00399312 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-18 09:16 - 2013-11-14 11:28 - 01619408 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\webmakerplus => ""="service"

==================== Faulty Device Manager Devices =============

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2013 07:31:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (12/06/2013 05:10:00 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa.local.

Error: (12/06/2013 05:10:00 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 23 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa-2.local.

Error: (12/04/2013 08:18:00 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa.local.

Error: (12/04/2013 08:18:00 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 23 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa-2.local.

Error: (12/04/2013 08:16:24 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa.local.

Error: (12/04/2013 08:16:24 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 23 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa-2.local.

Error: (12/04/2013 07:47:37 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa.local.

Error: (12/04/2013 07:47:37 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 23 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa-2.local.

Error: (12/04/2013 03:37:49 PM) (Source: ESENT) (User: )
Description: taskhost (8148) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Niyazi Mustafa\AppData\Local\Microsoft\Windows\WebCache\V01000B1.log.


System errors:
=============
Error: (12/07/2013 08:17:26 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.163.1057.0

Update Source: %NT AUTHORITY59

Update Stage: 4.4.0304.00

Source Path: 4.4.0304.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/07/2013 07:40:39 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.163.1057.0

Update Source: %NT AUTHORITY59

Update Stage: 4.4.0304.00

Source Path: 4.4.0304.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/06/2013 05:19:57 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.163.1057.0

Update Source: %NT AUTHORITY59

Update Stage: 4.4.0304.00

Source Path: 4.4.0304.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/06/2013 05:09:29 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 17:19:08 on ‎06/‎12/‎2013 was unexpected.

Error: (12/06/2013 00:23:02 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.163.1057.0

Update Source: %NT AUTHORITY59

Update Stage: 4.4.0304.00

Source Path: 4.4.0304.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/04/2013 08:27:32 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.163.1057.0

Update Source: %NT AUTHORITY59

Update Stage: 4.4.0304.00

Source Path: 4.4.0304.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (12/04/2013 08:19:54 PM) (Source: Service Control Manager) (User: )
Description: The webmakerplus service terminated unexpectedly. It has done this 1 time(s).

Error: (12/04/2013 08:18:58 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error:
%%1053

Error: (12/04/2013 08:18:58 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.

Error: (12/04/2013 08:18:24 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 55%
Total physical RAM: 2939.97 MB
Available physical RAM: 1300.05 MB
Total Pagefile: 5878.12 MB
Available Pagefile: 3422.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:149.41 GB) (Free:48.51 GB) NTFS
Drive d: (Data) (Fixed) (Total:148.28 GB) (Free:141.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: FD7CFF43)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#54
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi as for my computer it seams to be working fine when using the internet no virus seams quite fast but MSE has gone back to not updating its self again? so something not right thinking about it windows has not updated for a while, as for turning on and off its getting harder
  • 0

#55
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

as for turning on and off its getting harder

There are rather a lot of unnecessary system start ups and the hard drive itself could definitely do with some in-depth system maintenance. Which we will address in due course.

MSE has gone back to not updating its self again? so something not right thinking about it windows has not updated for a while

Check your machines update setting for myself please as follows...

Click on Start(Windows 7 Orb) Control Panel >> Windows Update >> Change settings

Make a note of the current setting and post back these in your next reply please and or take a screen-shot and post that. Either will suffice.

Download/run Rkill:

Please download Rkill from one of the following links and save to your Desktop(If one fails to work delete it and download/try another):

One, Two,Three, Four or Five

Note: If your security software warns about Rkill, please ignore and allow the download to continue.

  • Double click on Rkill.
  • A command window will open then disappear upon completion, this is normal.
  • Post the log created, found on the desktop rkill.txt. in your next reply.

  • 0

Advertisements


#56
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi MSE has updated its self,it did that last time,been working late will be in touch soon thanks

Edited by aliboy66, 11 December 2013 - 12:54 AM.

  • 0

#57
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Acknowledged, do let myself know if any further issues remaining please. :)
  • 0

#58
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi does this help?

Attached Thumbnails

  • windows.png
  • windows2.png

Edited by aliboy66, 11 December 2013 - 01:13 PM.

  • 0

#59
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

does this help?

The actual Update Settings appear fine. We can address the Update issue in due course if still the need after completing the below...

Next:

Do please download and run Rkill per my intructions in post #55 and in turn post the log created in your next reply.

Cusrtom FRST Script:

Please download the attached fixlist.txt(see below) and save to the desktop.



  • Now right-click on FRST.exe and select Run as Administrator to start FRST.
  • Then click on the Fix button/radio tab >> at the Fix completed prompt click on OK
  • A log will now open named Fixlog and it will also be on the desktop >> close FRST.
  • Reboot your machine(ensure you do this) and post the contents of the aforementioned Fixlog in your next reply.
Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.

Malwarebytes Anti-Malware:

Note: Remember to right click MBAM and select Run As Administrator.

  • Launch the application, Check for Updates >> Perform quick scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Next:

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered ?
  • Rkill Log.
  • Fixlog Log from the Custom FRST Script.
  • Malwarebytes Anti-Malware Log.

  • 0

#60
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi forgot this one sorry

Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingc...opic308364.html

Program started at: 12/12/2013 09:16:14 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Niyazi Mustafa\Desktop\rkill\rkill-12-12-2013-09-16-23.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

˙ž1 2 7 . 0 . 0 . 1 l o c a l h o s t

: : 1 l o c a l h o s t

# S t a r t o f e n t r i e s i n s e r t e d b y S p y b o t - S e a r c h & D e s t r o y

1 2 7 . 0 . 0 . 1 w w w . 0 0 7 g u a r d . c o m

1 2 7 . 0 . 0 . 1 0 0 7 g u a r d . c o m

1 2 7 . 0 . 0 . 1 0 0 8 i . c o m

1 2 7 . 0 . 0 . 1 w w w . 0 0 8 k . c o m

1 2 7 . 0 . 0 . 1 0 0 8 k . c o m

1 2 7 . 0 . 0 . 1 w w w . 0 0 h q . c o m

1 2 7 . 0 . 0 . 1 0 0 h q . c o m

1 2 7 . 0 . 0 . 1 0 1 0 4 0 2 . c o m

1 2 7 . 0 . 0 . 1 w w w . 0 3 2 4 3 9 . c o m

1 2 7 . 0 . 0 . 1 0 3 2 4 3 9 . c o m

1 2 7 . 0 . 0 . 1 w w w . 0 s c a n . c o m

1 2 7 . 0 . 0 . 1 0 s c a n . c o m

1 2 7 . 0 . 0 . 1 1 0 0 0 g r a t i s p r o b e n . c o m

1 2 7 . 0 . 0 . 1 w w w . 1 0 0 0 g r a t i s p r o b e n . c o m

1 2 7 . 0 . 0 . 1 1 0 0 1 n a m e n . c o m

1 2 7 . 0 . 0 . 1 w w w . 1 0 0 1 n a m e n . c o m

1 2 7 . 0 . 0 . 1 1 0 0 8 8 8 2 9 0 c s . c o m


20 out of 15496 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 12/12/2013 09:20:15 PM
Execution time: 0 hours(s), 4 minute(s), and 1 seconds(s)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP