Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

delta search is a pain and i cannot get rid? [Solved]


  • This topic is locked This topic is locked

#61
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Not a problem, continue with the rest of my prior instructions/post the requested logs etc when ready. :)
  • 0

Advertisements


#62
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi am stuck on this bit


Attached File fixlist.txt (164bytes)
Number of downloads: 5

Now right-click on FRST.exe and select Run as Administrator to start FRST.
Then click on the Fix button/radio tab >> at the Fix completed prompt click on OK
A log will now open named Fixlog and it will also be on the desktop >> close FRST.
Reboot your machine(ensure you do this) and post the contents of the aforementioned Fixlog in your next reply.


I cannot find frst.exe link, have downloaded fixlist txt have got frst64 is this the same one not sure? sorry
  • 0

#63
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

I cannot find frst.exe link, have downloaded fixlist txt have got frst64 is this the same one not sure? sorry

Is FRST64.exe not on the desktop ? According to the scan it was prior:-

Running from C:\Users\Niyazi Mustafa\Desktop

Though the application has been recently updated and it may have prompted to download the new version and self deleted...

So re-download Farbar Recovery Scan Tool 64-Bit and save it to your desktop.

Then run the custom fix again as outlined in post #59.
  • 0

#64
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi my mistake

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-12-2013 01
Ran by Niyazi Mustafa at 2013-12-13 06:38:32 Run:1
Running from C:\Users\Niyazi Mustafa\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll [ ] ()
C:\ProgramData\BitGuard
C:\Users\Emine\AppData\Local\Temp\i4jdel0.exe
End
*****************

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
"C:\ProgramData\BitGuard" => File/Directory not found.
C:\Users\Emine\AppData\Local\Temp\i4jdel0.exe => Moved successfully.

==== End of Fixlog ====





Malwarebytes foun alot of stuff



Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.13.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Niyazi Mustafa :: NIYAZIMUSTAFA [administrator]

13/12/2013 09:12:12
mbam-log-2013-12-13 (09-12-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 291848
Time elapsed: 11 minute(s), 58 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\webmakerplus\webmakerplus.exe (PUP.Optional.WebMakerPlus.A) -> 3168 -> Delete on reboot.

Memory Modules Detected: 10
C:\Program Files (x86)\webmakerplus\libnspr4.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\libplc4.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\libplds4.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\nss3.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\nssutil3.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\smime3.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\sqlite3.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\webmakerpluscert.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\wmpl.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Windows\System32\webmakerplus.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.

Registry Keys Detected: 5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebMakerPlus (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774} (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
HKCR\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2} (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\webmakerplus (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
HKCR\AppID\webmakerplus.exe (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Program Files (x86)\webmakerplus (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.

Files Detected: 32
C:\Windows\Installer\22ca36.msi (PUP.Optional.SmartBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\uid.dat (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\freebl3.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\inst.exe (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\install.bat (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\install64.bat (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\libnspr4.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\libplc4.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\libplds4.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\nss3.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\nssckbi.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\nssdbm3.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\nssutil3.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\setup.exe (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\smime3.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\softokn3.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\sqlite3.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\ssl3.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\variables.db (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\variables.old.db (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\webmakerplus.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\webmakerplus.exe (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\webmakerplus64.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\webmakerpluscert.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\webmakerplusinst.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\webmakerplusinst64.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\webmakerplusreg.exe (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\webmakerplusreg64.exe (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\webmakerplus\wmpl.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Program Files (x86)\webmakerplus\wmpl.old.dll (PUP.Optional.WebMakerPlus.A) -> Quarantined and deleted successfully.
C:\Windows\System32\webmakerplus.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.
C:\Windows\SysWOW64\webmakerplus.dll (PUP.Optional.WebMakerPlus.A) -> Delete on reboot.

(end)
Hi my computer seams ok when using the net and no ones complain that the computer is to slow,as for turn it on and shutting it down is still taking its time?

Edited by aliboy66, 13 December 2013 - 04:10 PM.

  • 0

#65
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

as for turn it on and shutting it down is still taking its time?

Lets address some of the unnecessary system start-ups, as when they are actively running they can actually slow down a shut-down/reboot time etc.

Cusrtom FRST Script:

Please download the attached fixlist.txt(see below) and save to the desktop.



  • Now right-click on FRST.exe and select Run as Administrator to start FRST.
  • Then click on the Fix button/radio tab >> at the Fix completed prompt click on OK
  • A log will now open named Fixlog and it will also be on the desktop >> close FRST.
  • Reboot your machine(ensure you do this) and post the contents of the aforementioned Fixlog in your next reply.
Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.

TFC(Temp File Cleaner):

  • Please download TFC to the desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Right-click on TFC.exe and select Run as Administrator to run the program.
  • Click the Start button in the bottom left of the GUI(graphical user interface)'
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

I advise you keep TFC on the desktop after I give the all clear and run it say at least once per week as it is a very effective piece of software for cleaning out temp' files etc.

Next:

Reboot(restart) your computer if TFC did not prompt you to do so, post the new custom FRST log and let myself know if any improvement please.
  • 0

#66
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi done what you said but I get this?

Attached Thumbnails

  • Untitled22.png

Edited by aliboy66, 14 December 2013 - 04:29 PM.

  • 0

#67
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi did what you said it worked this time when I rebooted the computer windows updated it had 43 updates but I cannot find the log all I found was this


Start
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [136136 2010-02-12] (Toshiba Europe GmbH)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)
HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKCU\...\Run: [0BA092B23CAFD91D018ACD56427A4A9F432C2129._service_run] - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe [863184 2013-11-14] (Google Inc.)
HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [Itibiti.exe] - C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKCU\...\Run: [Google Update] - C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-29] (Google Inc.)
HKCU\...\Run: [Steam] - "C:\Program Files (x86)\Steam\Steam.exe" -silent
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-09] (Nero AG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Ayse\...\Run: [Google Update] - C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-29] (Google Inc.)
HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\Toshiba\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\Toshiba\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Emine\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\Toshiba\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Emine\...\Run: [Google Update] - C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-30] (Google Inc.)
HKU\Emine\...\Run: [Facebook Update] - "C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\Ozay\...\Run: [Google Update] - C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-30] (Google Inc.)
End

don't known what happened
  • 0

#68
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi and my apologies for the delay as I am not always available at the weekends. :)

Delete the following if still present from the desktop:-

FRST.64.exe

FRST-OlderVersion

fixlog.txt

fixlist.txt

fixlist2.txt

FRST.txt

Addition.txt

Then empty the Recycle Bin.

Re-scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to to your Desktop.

  • Right-click on FRST.exe and select Run as Administrator to start FRST >> >> follow the prompt/click on Yes
  • Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
  • Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
  • At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
  • There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.

  • 0

#69
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi Dakeyras no worries about the weekends we all got stuff we have to do.I did the scan but half way through it stop then started again?is that ok.



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-12-2013 02
Ran by Niyazi Mustafa (administrator) on NIYAZIMUSTAFA on 16-12-2013 17:55:11
Running from C:\Users\Niyazi Mustafa\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Niyazi Mustafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Niyazi Mustafa\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F911CB89BE0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1E462554-E56E-4740-A4E8-77E29C9E195B} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\Toshiba\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Winsock: Catalog9-x64 01 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Winsock: Catalog9-x64 02 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Winsock: Catalog9-x64 03 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Winsock: Catalog9-x64 04 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Winsock: Catalog9-x64 15 C:\Windows\system32\webmakerplus64.dll [430080] (Sweesh LTD)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.searchqu.com/406
CHR DefaultSearchKeyword: google.co.uk
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Mixesoft Click&Clean Plug-In) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin/npccch32.dll No File
CHR Plugin: (Bitdefender QuickScan) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin/npqscan.dll No File
CHR Plugin: (Chrome IE Tab) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.6.30.1_0\plugin/blackfishietab.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Java™ Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (Angry Birds) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (YouTube) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Apture) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppaadhnncohnjgallikmjdonfliciek\2.3.0_0
CHR Extension: (Read Later Fast) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.6.0_0
CHR Extension: (Google News) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0
CHR Extension: (Chelsea FC) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eanaknlfmaafbcpmaoencjmlmfaflkck\1.4_0
CHR Extension: (Google Finance) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp\1.1_0
CHR Extension: (Mailinator Extension) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnhpddclhmnpbfdeibjpbkhcofgmoain\1.5_0
CHR Extension: (Click&Clean) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0
CHR Extension: (AT_Porsche) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0
CHR Extension: (365Scores) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocaejggjgdmkhmbinicknpbhagkblop\0.65_0
CHR Extension: (Credit Card Nanny) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmmjpapolbaaddobpnlcjkgchmhhoog\0.2.11_0
CHR Extension: (FastestFox for Chrome) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.4_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Hover Zoom) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.21_1
CHR Extension: (Todo.ly) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap\2_0
CHR Extension: (ChromeAdvisor) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcakbgpomchcbeddcdpbccmhlmmhgcej\1.2_0
CHR Extension: (iCloud) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjfjiepcafjlmaopmmdfcmdjldjfhlki\1.0.0_0
CHR Extension: (Google Reader) - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0
CHR StartMenuInternet: Google Chrome - C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
S2 RoxLiveShare9; "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [x]
S3 SolutoRemoteService; "C:\Program Files\Soluto\SolutoRemoteService.exe" -service [x]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74240 2011-02-16] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys D6CAD7E5B05055BB8226BDCB1644DA27
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\CHDRT64.sys 7247A4D0875F5F28919E0787E11B7B57
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\FwLnk.sys 60ACB128E64C35C2B4E4AAB1B0A5C293
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\drivers\grmnusb.sys B9893A68032A6D9ADDB5B98287C630F7
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys BBB3B6DF1ABB0FE35802EDE85CC1C011
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 898AB5BFED7040D7AB07AF01885EB944
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 655A5D8E80869781CCE23760ADA7E695
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys C6B88D62F20AC646C6BD5C032EC2FAF9
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys ACE8C64C57E4A711473C8BC10ADF692B
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pgeffect.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 71B48DDAF5E9C2B40E64DE5C405F5AAC
C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys C903D49655B4AAE46673F0AAA6BE0F58
C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys 907C4464381B5EBDFDC60F6C7D0DEDFC
C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 3289766038DB2CB14D07DC84392138D5
C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 58A38E75F3316A83C23DF6173D41F2B5
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SynTP.sys 470C47DABA9CA3966F0AB3F835D7D135
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\DRIVERS\tdcmdpst.sys FD542B661BD22FA69CA789AD0AC58C29
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TVALZ_O.SYS ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-16 17:55 - 2013-12-16 17:56 - 00032675 _____ C:\Users\Niyazi Mustafa\Desktop\FRST.txt
2013-12-16 17:52 - 2013-12-16 17:53 - 01927940 _____ (Farbar) C:\Users\Niyazi Mustafa\Desktop\FRST64.exe
2013-12-16 17:50 - 2013-12-16 17:50 - 00000000 ____D C:\Users\Niyazi Mustafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sports Interactive
2013-12-15 09:53 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-15 09:49 - 2013-12-15 09:49 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-15 09:49 - 2013-12-15 09:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-15 09:49 - 2013-12-15 09:49 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-15 09:49 - 2013-12-15 09:49 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-15 09:49 - 2013-12-15 09:49 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-15 09:49 - 2013-12-15 09:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-15 09:49 - 2013-12-15 09:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-15 09:49 - 2013-12-15 09:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-15 09:49 - 2013-12-15 09:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-15 09:49 - 2013-12-15 09:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-15 09:49 - 2013-12-15 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-15 00:04 - 2013-05-10 05:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-15 00:04 - 2013-05-10 05:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-15 00:04 - 2013-05-10 04:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-15 00:04 - 2013-05-10 04:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-15 00:02 - 2013-12-15 09:53 - 00019289 _____ C:\Windows\IE11_main.log
2013-12-14 23:54 - 2013-12-14 23:54 - 00448512 _____ (OldTimer Tools) C:\Users\Niyazi Mustafa\Desktop\TFC.exe
2013-12-14 16:43 - 2013-11-23 18:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-14 16:43 - 2013-11-23 17:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-14 16:43 - 2013-11-12 02:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-14 16:43 - 2013-11-12 02:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-14 16:43 - 2013-10-30 02:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-14 16:43 - 2013-10-30 02:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-14 16:43 - 2013-10-30 01:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-14 16:43 - 2013-10-19 02:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-14 16:43 - 2013-10-19 01:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-14 16:43 - 2013-10-05 20:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-14 16:43 - 2013-10-05 19:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-14 16:43 - 2013-10-04 02:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-14 16:43 - 2013-10-04 02:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-14 16:43 - 2013-10-04 02:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-14 16:43 - 2013-10-04 02:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-14 16:43 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-14 16:43 - 2013-10-04 01:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-14 16:43 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-14 16:43 - 2013-10-04 01:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-14 16:43 - 2013-09-28 01:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-14 16:43 - 2013-09-25 02:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-12-14 16:43 - 2013-09-25 02:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-14 16:43 - 2013-09-25 02:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-14 16:43 - 2013-09-25 02:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-14 16:43 - 2013-09-25 02:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-14 16:43 - 2013-09-25 02:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-12-14 16:43 - 2013-09-25 01:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-14 16:43 - 2013-09-25 01:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-14 16:43 - 2013-09-25 01:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-12-14 16:43 - 2013-09-25 01:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-12-14 16:43 - 2013-07-04 12:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-12-14 16:43 - 2013-07-04 12:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-12-14 16:43 - 2013-07-04 11:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-12-14 16:43 - 2013-06-06 05:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-12-14 16:43 - 2013-06-06 05:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-12-14 16:43 - 2013-06-06 05:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-12-14 16:43 - 2013-06-06 05:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-12-14 16:43 - 2013-06-06 04:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-12-14 16:43 - 2013-06-06 04:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-12-14 16:43 - 2013-06-06 04:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-12-14 16:43 - 2013-06-06 03:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-12-14 16:43 - 2013-06-06 03:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-12-14 16:43 - 2013-06-06 03:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-12-14 16:42 - 2013-10-12 02:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-14 16:42 - 2013-10-12 02:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-14 16:42 - 2013-10-12 02:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-14 16:42 - 2013-10-12 02:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-14 16:42 - 2013-10-12 02:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-14 16:42 - 2013-10-12 02:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-14 16:42 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-14 16:42 - 2013-10-12 02:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-14 16:42 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-14 16:42 - 2013-10-12 01:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-14 16:42 - 2013-10-12 01:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-14 16:42 - 2013-10-12 01:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-14 16:42 - 2013-10-12 01:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-14 16:42 - 2013-10-03 02:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-14 16:42 - 2013-10-03 02:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-14 16:42 - 2013-09-25 02:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-12-14 16:42 - 2013-09-25 02:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-12-14 16:42 - 2013-09-25 01:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-12-14 16:42 - 2013-09-08 02:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-12-14 16:42 - 2013-09-08 02:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-12-14 16:42 - 2013-09-08 02:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-12-14 16:42 - 2013-08-29 02:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-14 16:42 - 2013-08-29 02:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-12-14 16:42 - 2013-08-29 02:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-12-14 16:42 - 2013-08-29 02:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-12-14 16:42 - 2013-08-29 02:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-12-14 16:42 - 2013-08-29 01:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-12-14 16:42 - 2013-08-29 01:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-12-14 16:42 - 2013-08-29 01:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-12-14 16:42 - 2013-08-29 01:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-12-14 16:42 - 2013-08-29 01:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-12-14 16:42 - 2013-08-29 01:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-12-14 16:42 - 2013-08-29 00:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-12-14 16:42 - 2013-08-29 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-12-14 16:42 - 2013-08-29 00:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-12-14 16:42 - 2013-08-29 00:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-12-14 16:42 - 2013-08-28 01:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-12-14 16:42 - 2013-08-01 12:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-14 16:42 - 2013-07-20 10:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-14 16:42 - 2013-07-20 10:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-14 16:42 - 2013-07-12 10:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-12-14 16:42 - 2013-07-12 10:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-12-14 16:42 - 2013-07-12 10:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-12-14 16:42 - 2013-07-04 12:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-12-14 16:42 - 2013-07-04 12:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-12-14 16:42 - 2013-07-04 11:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-12-14 16:42 - 2013-07-04 11:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-12-14 16:42 - 2013-07-04 10:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-12-14 16:42 - 2013-07-03 04:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-12-14 16:42 - 2013-07-03 04:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-12-14 16:42 - 2013-06-25 22:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-12-13 09:04 - 2013-12-13 09:04 - 00005062 _____ C:\Windows\PFRO.log
2013-12-12 21:21 - 2013-12-12 21:21 - 00000000 __SHD C:\found.000
2013-12-07 17:45 - 2013-12-14 22:47 - 00000000 ____D C:\FRST
2013-12-04 12:30 - 2013-12-16 17:00 - 00001232 _____ C:\Windows\setupact.log
2013-12-04 12:30 - 2013-12-04 12:30 - 00000000 _____ C:\Windows\setuperr.log
2013-12-03 14:28 - 2013-12-03 14:28 - 00001750 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-03 14:26 - 2013-12-03 14:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-03 14:26 - 2013-12-03 14:27 - 00000000 ____D C:\Program Files\iTunes
2013-12-03 14:26 - 2013-12-03 14:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\Program Files\iPod
2013-12-01 05:13 - 2013-12-01 05:13 - 00347304 _____ (Microsoft Corporation) C:\Users\Niyazi Mustafa\Desktop\MicrosoftFixit.wu.RNP.33309434628288462.2.1.Run.exe
2013-12-01 04:22 - 2013-12-01 04:22 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-01 04:22 - 2013-12-01 04:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-12-01 04:01 - 2013-12-01 04:03 - 00000000 ____D C:\WINSSLog
2013-12-01 03:59 - 2013-10-11 16:37 - 00000098 _____ C:\Windows\system32\Drivers\etc\hosts.20131201-035916.backup
2013-11-29 23:18 - 2013-11-29 23:18 - 00756776 _____ (Microsoft Corporation) C:\Users\Ayse\Desktop\OneCareCleanUp.exe
2013-11-29 22:13 - 2013-11-29 22:13 - 00017448 _____ C:\FixitRegBackup.reg
2013-11-21 16:42 - 2013-11-21 16:42 - 00000092 _____ C:\Users\Ayse\Downloads\listen (1).asx
2013-11-21 16:38 - 2013-11-21 16:39 - 00000092 _____ C:\Users\Ayse\Downloads\listen.asx

==================== One Month Modified Files and Folders =======

2013-12-16 17:56 - 2013-12-16 17:55 - 00032675 _____ C:\Users\Niyazi Mustafa\Desktop\FRST.txt
2013-12-16 17:53 - 2013-12-16 17:52 - 01927940 _____ (Farbar) C:\Users\Niyazi Mustafa\Desktop\FRST64.exe
2013-12-16 17:50 - 2013-12-16 17:50 - 00000000 ____D C:\Users\Niyazi Mustafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sports Interactive
2013-12-16 17:45 - 2011-05-30 07:27 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA.job
2013-12-16 17:39 - 2013-08-10 10:37 - 01706505 _____ C:\Windows\WindowsUpdate.log
2013-12-16 17:35 - 2011-05-29 20:01 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000UA.job
2013-12-16 17:28 - 2011-05-29 20:23 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003UA.job
2013-12-16 17:27 - 2012-06-03 15:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-16 17:27 - 2011-06-03 20:59 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-16 17:13 - 2011-05-30 18:19 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004UA.job
2013-12-16 17:08 - 2011-05-29 16:30 - 00001420 _____ C:\Users\Niyazi Mustafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-16 17:08 - 2009-07-14 04:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-16 17:08 - 2009-07-14 04:45 - 00016304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-16 17:07 - 2011-06-03 20:59 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-16 17:07 - 2011-05-30 07:20 - 00001420 _____ C:\Users\Emine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-16 17:00 - 2013-12-04 12:30 - 00001232 _____ C:\Windows\setupact.log
2013-12-16 17:00 - 2012-07-05 16:41 - 00000000 ____D C:\ProgramData\Kodak
2013-12-16 17:00 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-15 10:07 - 2013-07-31 00:01 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 10:07 - 2009-07-14 05:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-15 10:06 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-15 09:53 - 2013-12-15 00:02 - 00019289 _____ C:\Windows\IE11_main.log
2013-12-15 09:50 - 2011-05-29 20:05 - 00001420 _____ C:\Users\Ayse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-15 09:49 - 2013-12-15 09:49 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-15 09:49 - 2013-12-15 09:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-15 09:49 - 2013-12-15 09:49 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-15 09:49 - 2013-12-15 09:49 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-15 09:49 - 2013-12-15 09:49 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-15 09:49 - 2013-12-15 09:49 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-15 09:49 - 2013-12-15 09:49 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-15 09:49 - 2013-12-15 09:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-15 09:49 - 2013-12-15 09:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-15 09:49 - 2013-12-15 09:49 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-15 09:49 - 2013-12-15 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-15 09:49 - 2013-12-15 09:49 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-15 09:49 - 2013-12-15 09:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-15 00:11 - 2011-09-09 19:15 - 00000926 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA.job
2013-12-15 00:03 - 2011-05-29 16:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-14 23:54 - 2013-12-14 23:54 - 00448512 _____ (OldTimer Tools) C:\Users\Niyazi Mustafa\Desktop\TFC.exe
2013-12-14 23:47 - 2010-04-08 06:28 - 00000000 ____D C:\Windows\Panther
2013-12-14 23:46 - 2009-07-14 04:45 - 00310952 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-14 23:43 - 2009-07-14 05:13 - 00732638 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-14 22:47 - 2013-12-07 17:45 - 00000000 ____D C:\FRST
2013-12-14 22:27 - 2012-05-23 22:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-14 22:27 - 2012-05-23 22:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-14 16:35 - 2011-05-29 20:01 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000Core.job
2013-12-13 09:04 - 2013-12-13 09:04 - 00005062 _____ C:\Windows\PFRO.log
2013-12-13 06:45 - 2011-05-30 07:27 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core.job
2013-12-12 21:21 - 2013-12-12 21:21 - 00000000 __SHD C:\found.000
2013-12-12 16:30 - 2011-05-29 20:01 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000UA
2013-12-12 16:30 - 2011-05-29 20:01 - 00003536 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000Core
2013-12-12 06:27 - 2013-10-08 20:27 - 09293192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-12 06:27 - 2012-06-03 15:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-12 06:27 - 2012-06-03 15:29 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-12 06:27 - 2011-05-29 19:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-12 06:11 - 2011-09-09 19:15 - 00000904 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core.job
2013-12-10 19:13 - 2011-05-30 18:19 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004Core.job
2013-12-09 06:40 - 2011-05-30 07:27 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA
2013-12-09 06:40 - 2011-05-30 07:27 - 00003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core
2013-12-07 17:24 - 2013-10-10 05:59 - 00002422 _____ C:\Users\Niyazi Mustafa\Desktop\Google Chrome.lnk
2013-12-06 12:34 - 2013-10-16 11:17 - 00002372 _____ C:\Users\Ayse\Desktop\Google Chrome.lnk
2013-12-04 20:22 - 2011-06-03 20:59 - 00003910 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-04 20:22 - 2011-06-03 20:59 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-04 18:33 - 2013-09-25 21:45 - 00000829 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-04 18:33 - 2013-09-25 21:45 - 00000000 ____D C:\Program Files\CCleaner
2013-12-04 13:28 - 2011-05-29 20:23 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003Core.job
2013-12-04 13:23 - 2011-05-29 20:23 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003UA
2013-12-04 13:23 - 2011-05-29 20:23 - 00003476 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003Core
2013-12-04 12:30 - 2013-12-04 12:30 - 00000000 _____ C:\Windows\setuperr.log
2013-12-04 06:57 - 2013-04-28 21:22 - 00000000 ____D C:\Windows\Minidump
2013-12-03 14:28 - 2013-12-03 14:28 - 00001750 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-03 14:27 - 2013-12-03 14:26 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-03 14:27 - 2013-12-03 14:26 - 00000000 ____D C:\Program Files\iTunes
2013-12-03 14:27 - 2013-12-03 14:26 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-03 14:26 - 2013-12-03 14:26 - 00000000 ____D C:\Program Files\iPod
2013-12-01 14:42 - 2011-05-29 17:57 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-01 05:19 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-01 05:13 - 2013-12-01 05:13 - 00347304 _____ (Microsoft Corporation) C:\Users\Niyazi Mustafa\Desktop\MicrosoftFixit.wu.RNP.33309434628288462.2.1.Run.exe
2013-12-01 04:22 - 2013-12-01 04:22 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-01 04:22 - 2013-12-01 04:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-12-01 04:22 - 2013-09-13 14:08 - 00001945 _____ C:\Windows\epplauncher.mif
2013-12-01 04:03 - 2013-12-01 04:01 - 00000000 ____D C:\WINSSLog
2013-11-29 23:18 - 2013-11-29 23:18 - 00756776 _____ (Microsoft Corporation) C:\Users\Ayse\Desktop\OneCareCleanUp.exe
2013-11-29 22:13 - 2013-11-29 22:13 - 00017448 _____ C:\FixitRegBackup.reg
2013-11-23 18:26 - 2013-12-14 16:43 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 17:47 - 2013-12-14 16:43 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-22 03:04 - 2011-07-07 16:04 - 00000000 ____D C:\Users\Ayse\AppData\Local\CrashDumps
2013-11-21 16:42 - 2013-11-21 16:42 - 00000092 _____ C:\Users\Ayse\Downloads\listen (1).asx
2013-11-21 16:39 - 2013-11-21 16:38 - 00000092 _____ C:\Users\Ayse\Downloads\listen.asx
2013-11-19 10:21 - 2011-05-29 17:46 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-13 10:59




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2013 02
Ran by Niyazi Mustafa at 2013-12-16 17:57:45
Running from C:\Users\Niyazi Mustafa\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32)
Adobe AIR (x32 Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.0.626)
Advertising Center (x32 Version: 0.0.0.2)
aioscnnr (x32 Version: 7.6.13.10)
Amazon.co.uk (x32)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.27)
Atheros Driver Installation Program (x32 Version: 5.2)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.35)
Bonjour (Version: 3.0.0.10)
C4USelfUpdater (x32 Version: 1.00.0000)
CCleaner (Version: 4.08)
center (x32 Version: 7.7.2.0)
Conexant HD Audio (Version: 4.111.0.64)
D3DX10 (x32 Version: 15.4.2368.0902)
eBay (x32 Version: 1.1.9)
Elevated Installer (x32 Version: 2.1.13)
essentials (x32 Version: 7.7.2.0)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Football Manager 2006 (x32 Version: 6.0.0)
Football Manager 2011 (x32 Version: 11.0.0.0)
Garmin Communicator Plugin (x32 Version: 4.0.4)
Garmin Communicator Plugin x64 (Version: 4.0.4)
Garmin Express (x32 Version: 2.1.13)
Garmin Express Tray (x32 Version: 2.1.13)
Garmin Update Service (x32 Version: 2.1.13)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Earth (x32 Version: 7.1.1.1580)
Google Update Helper (x32 Version: 1.3.22.3)
iCloud (Version: 3.0.2.163)
ImagXpress (x32 Version: 7.0.74.0)
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2086)
Intel® Matrix Storage Manager
Internet Explorer (Enable DEP)
Itibiti RTC (x32 Version: 0.0.1)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK AiO Software (x32 Version: 7.7.6.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 9 Essentials (x32)
Nero BackItUp (x32 Version: 5.2.21001)
Nero BackItUp and Burn (x32 Version: 1.2.0030)
Nero BurnRights (x32 Version: 3.4.13.100)
Nero BurnRights (x32 Version: 3.6.26001)
Nero BurnRights Help (x32 Version: 3.4.4.100)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero DiscSpeed (x32 Version: 5.4.13.100)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.12.100)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero Express (x32 Version: 9.6.16000)
Nero Express Help (x32 Version: 9.4.34.100)
Nero InfoTool (x32 Version: 6.4.12.100)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.9.0)
Nero Online Upgrade (x32 Version: 1.3.0.0)
Nero RescueAgent (x32 Version: 2.6.25002)
Nero StartSmart (x32 Version: 9.4.37.100)
Nero StartSmart Help (x32 Version: 9.4.37.100)
NeroExpress (x32 Version: 9.4.34.100)
neroxml (x32 Version: 1.0.0)
ocr (x32 Version: 6.2.3.50)
Photo Service - powered by myphotobook (x32 Version: 1.0.7)
Photo Service - powered by myphotobook (x32 Version: 1.0.7-279)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PreReq (x32 Version: 6.2.4.0)
PrintProjects (x32 Version: 1.0.0.9282)
QuickShare (x32 Version: 1.135.60.12323)
QuickTime (x32 Version: 7.71.80.42)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30111)
Sky Go Desktop (HKCU)
Spybot - Search & Destroy (x32 Version: 2.1.21)
SUPERAntiSpyware (Version: 5.6.1040)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Toshiba Assist (x32 Version: 3.00.11)
TOSHIBA Bulletin Board (Version: 1.6.07.64)
TOSHIBA Bulletin Board (x32 Version: 1.6.07.64)
TOSHIBA ConfigFree (x32 Version: 8.0.28)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Face Recognition (x32 Version: 3.1.3.64)
TOSHIBA Hardware Setup (x32 Version: 2.00.06)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6)
Toshiba Manuals (x32 Version: 10.01)
TOSHIBA Media Controller (x32 Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (x32 Version: 1.0.4.9)
TOSHIBA Online Product Information (x32 Version: 2.09.0001)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 x64)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019)
TOSHIBA ReelTime (Version: 1.6.06.64)
TOSHIBA ReelTime (x32 Version: 1.6.06.64)
TOSHIBA Service Station (x32 Version: 2.2.9)
TOSHIBA Supervisor Password (x32 Version: 2.00.03)
TOSHIBA TEMPRO (x32 Version: 3.35)
TOSHIBA Value Added Package (Version: 1.3.3.64)
TOSHIBA Value Added Package (x32 Version: 1.3.3.64)
TOSHIBA Web Camera Application (x32 Version: 1.1.1.15)
TRORMCLauncher (Version: 1.0.0.9)
TRORMCLauncher (x32 Version: )
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
WebEx (HKCU)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

==================== Restore Points =========================

08-12-2013 09:23:26 Scheduled Checkpoint
13-12-2013 10:03:42 Windows Update
14-12-2013 22:51:28 Windows Update
14-12-2013 23:59:04 Windows Update
15-12-2013 10:02:27 Windows Update
15-12-2013 10:44:13 Windows Update
15-12-2013 10:46:42 Windows Update
16-12-2013 17:46:12 Removed Football Manager 2006

==================== Hosts content: ==========================

2009-07-14 02:34 - 2013-12-01 03:59 - 00899704 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0710E037-A1C1-4EBE-803F-154E27705627} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core => C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-30] (Google Inc.)
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
Task: {1042F114-98FD-4836-9965-7A0AB859639C} - System32\Tasks\{44EAC276-4FB8-45EC-8494-6528797BDC48} => C:\Program Files (x86)\Sports Interactive\Football Manager 2011\tools\editor\editor.exe [2012-08-13] (Sports Interactive)
Task: {2FAAB342-E332-474D-B303-CDB861F6D0E3} - System32\Tasks\{0D0260DF-3E03-4638-BDBE-D248E72B265A} => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-09-13] (Microsoft Corporation)
Task: {37E5FD6F-84B4-4653-9EB7-84168E391492} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA => C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {3E22BCE1-CF21-49DF-8906-8A3ECD721A81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12] (Adobe Systems Incorporated)
Task: {443494FF-3D74-461B-A804-E592EA2C4CE2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA => C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-30] (Google Inc.)
Task: {5708E9A3-EC45-4388-A368-3D7FB507E8D4} - System32\Tasks\{B57A362F-E5DF-474D-B096-251B09803941} => Iexplore.exe http://ui.skype.com/...tall?page=tsWLM
Task: {584215C8-7E49-49E9-B90A-E0477D4F4797} - System32\Tasks\WPD\SqmUpload_S-1-5-21-353934349-3502004749-830363461-1004 => Rundll32.exe portabledeviceapi.dll,#1
Task: {58CA758B-1AAD-4AE3-BEC6-559BBB02CB59} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {64AC1026-8FE8-4470-9B89-810345600779} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004Core => C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-30] (Google Inc.)
Task: {6B1A0EF8-397F-4E7A-AD68-870CD91B1FBB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {751E20DC-E8B6-4CF3-BB65-8FD72AB2AA52} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {87456DEB-C821-4E60-8237-3B41006D7B64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-03] (Google Inc.)
Task: {8B5783DF-1269-4555-87D4-A9AA3F19F208} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000Core => C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.)
Task: {8FBDC638-3319-43EE-94EA-E42A3AA5718A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {941E5287-06BB-4D87-8AF1-9D62684B9C0C} - \BitGuard No Task File
Task: {95BD8D7B-9196-477B-9B40-7969DE140E5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-03] (Google Inc.)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => Rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe aepdu.dll,AePduRunUpdate
Task: {AA8B2A11-345F-4A8D-B7A5-A7C8E914831C} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe [2010-02-22] (TOSHIBA CORPORATION)
Task: {B55DFF38-941D-4E8C-A949-DC7D535F4C1E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003Core => C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.)
Task: {B621C3ED-6E7B-42FE-88F0-26E03CDC8593} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004UA => C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-30] (Google Inc.)
Task: {C541698D-4238-44B6-8C15-5606C8834295} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000UA => C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.)
Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => Rundll32.exe /d acproxy.dll,PerformAutochkOperations
Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => Rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
Task: {EA7133EE-380F-446E-81F1-C4ED8541ADF4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core => C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {EC2DD95D-DEB5-4710-9098-D57FF5C143B3} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => Rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
Task: {F7C2037B-462E-40F8-B4CF-23256F4176D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {FA959F47-852A-4635-9951-A8F7D5234F6C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003UA => C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-29] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core.job => C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA.job => C:\Users\Emine\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000Core.job => C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1000UA.job => C:\Users\Niyazi Mustafa\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003Core.job => C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1003UA.job => C:\Users\Ayse\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004Core.job => C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1004UA.job => C:\Users\Ozay\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005Core.job => C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353934349-3502004749-830363461-1005UA.job => C:\Users\Emine\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-02-05 16:44 - 2010-02-05 16:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-26 07:11 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-26 07:11 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-26 07:11 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-26 07:11 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-26 07:11 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-12-07 17:24 - 2013-12-04 02:47 - 00702416 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-07 17:24 - 2013-12-04 02:47 - 00099792 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-07 17:24 - 2013-12-04 02:48 - 04055504 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-07 17:24 - 2013-12-04 02:48 - 00399312 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-07 17:24 - 2013-12-04 02:47 - 01619408 _____ () C:\Users\Niyazi Mustafa\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\webmakerplus => ""="service"

==================== Faulty Device Manager Devices =============

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2013 10:29:11 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa.local.

Error: (12/14/2013 10:29:11 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 23 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa-2.local.

Error: (12/14/2013 10:27:49 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa.local.

Error: (12/14/2013 10:27:49 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 23 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa-2.local.

Error: (12/14/2013 05:04:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (12/13/2013 10:02:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (12/13/2013 10:00:01 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa.local.

Error: (12/13/2013 10:00:01 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 23 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa-2.local.

Error: (12/13/2013 09:54:25 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa.local.

Error: (12/13/2013 09:54:25 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 23 5.1.168.192.in-addr.arpa. PTR NiyaziMustafa-2.local.


System errors:
=============
Error: (12/16/2013 05:00:19 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 17:27:21 on ‎16/‎12/‎2013 was unexpected.

Error: (12/15/2013 10:46:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.

Error: (12/15/2013 10:09:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.

Error: (12/15/2013 00:03:16 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.

Error: (12/14/2013 11:55:45 PM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/14/2013 10:28:54 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (12/13/2013 10:01:04 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service failed to start due to the following error:
%%1053

Error: (12/13/2013 10:01:04 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.

Error: (12/13/2013 10:00:29 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (12/13/2013 10:00:29 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 2939.97 MB
Available physical RAM: 1412.33 MB
Total Pagefile: 5878.12 MB
Available Pagefile: 3737.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:149.41 GB) (Free:42.82 GB) NTFS
Drive d: (Data) (Fixed) (Total:148.28 GB) (Free:141.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: FD7CFF43)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148 GB) - (Type=07 NTFS)

==================== End Of Log ============================








==================== End Of Log ============================
  • 0

#70
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

no worries about the weekends we all got stuff we have to do.

Thank you!

I did the scan but half way through it stop then started again?is that ok.

Aye that appears to not be a problem.

Check Proxy Settings:

Launch Internet Options...

  • Click on Start(Windows 7 Orb) >> Control Panel >> Network and Internet >> Internet Options
  • Or via Start(Windows 7 Orb) >> Control Panel >> >> Internet Options
  • Once the Internet Properties window appears >> click on Connections >> LAN settings
  • Ensure Automatically detect settings is selected and the following are not:
Use automatic configuration script

Use a proxy server for your LAN

  • Click on OK >> OK to close the Internet Properties window.

Change Google Chrome HomePage:

Follow the instructions here to change it to one you wish as the one in use is adware related. You could say change it to:-

https://www.google.co.uk/

For example.

Next:

Any further issues remaining ?
  • 0

Advertisements


#71
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi Dakeyras my computer seams fine when I'm using the internet no sign of a virus?,but I think something is wrong with turning my computer on and off it can take a while to get the computer on once on it boots up OK and runs fine and now if we leave the laptop on with the internet on without using it you get the black screen when left we just have to touch the mouse and the screen would come back on now the only way we get the laptop on we have to unplug it from the mains then plug it back on or if we leave the radio on the internet it won't go off any suggestions? or do I need a trip to a computer shop? thanks
  • 0

#72
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

my computer seams fine when I'm using the internet no sign of a virus

Good.

I think something is wrong with turning my computer on and off it can take a while to get the computer on once on it boots up OK and runs fine and now if we leave the laptop on with the internet on without using it you get the black screen when left we just have to touch the mouse and the screen would come back on now the only way we get the laptop on we have to unplug it from the mains then plug it back on or if we leave the radio on the internet it won't go off any suggestions?

Hmm OK we will see what can be done about that.

or do I need a trip to a computer shop? thanks

Hopefully not and if the need I can always refer you to a specific IT Support part of the forum.

Next:

I think we will try a Start-Up Repair first, actually perform the procedure three times in a row and then afterwards let myself know the outcome and if any improvement at all please.

How to do so can be read via clicking on the below link:-

How to Run a Startup Repair in Windows 7
  • 0

#73
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi Dakeyrus tried startup repair but I cannot rember my password I have addminsttrgter right but the password must be different. I can't rember it's was over two years ok
Am really sorry what next...?
  • 0

#74
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Hi. :)

Not a problem and no need to apologise I assure you.

OK, try leaving the Administrator password blank, as in do not enter anything. If still no luck you will have to create a Start-Up Repair Disk and use that.

How to do can be read via clicking on the below link:-

How to create a Windows 7 Startup Repair Disk

Then once you have created it, run Start-Up Repair three times consecutively like I advised last time.

Run Windows 7 SRD:

  • Actually boot up your computer with the Windows 7 SRD disk.
  • If not sure how to, a very good tutorial can be read here.
  • You will have to answer a few basic questions then select the option Repair your computer
  • At the the System Recovery Options screen click Windows 7 to highlight then Next>
  • Now click on/select Startup Repair
  • If prompted to use System Restore, select Cancel.
  • The same if prompted to Send information about this problem (recommended), select Don't send.
  • Click Finish when Startup Repair has completed,run it again a further two times.
  • Once the final run has completed, remove the SRD disc and then click on Restart

  • 0

#75
aliboy66

aliboy66

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Hi Dakeyras been working late be with you soon.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP