Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Adware/ Malware in Steam

Adware/Malware

  • Please log in to reply

#1
JohnSheen

JohnSheen

    Member

  • Member
  • PipPip
  • 62 posts

Hello dear warriors of Geekstogo,

 

My name is John,

 

To be specific after my Steam client downloaded an update yesterday, ad pop-ups began showing up whenever I click on sth on steam. 

It was supposed to be a minor adware issue, however, Malwarebytes, Adwcleaner, Rootkill and Spybot S&D couldn't find the malware/adware responsible for it. They removed some adware and malware from my system, but not the cause of the problem. I ran countless times of full system scans but to no avail. I am not a very experienced user in malware removal, (I once got help from you guys and saved my PC) so I cannot dare to use advanced programs like OTL or Combofix, so I am in your hands again :D

 

(btw, I used my trial for HitmanPro a couple of years ago while getting help here, so I cannot use it now :(

 

 

Here are my FRST logs;

 

FRST.txt 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01

Ran by Ahmet (administrator) on AHMET-CASPER on 22-06-2015 12:38:40
Running from C:\Users\Ahmet\Desktop\malware fight
Loaded Profiles: Ahmet (Available Profiles: Ahmet)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Türkçe (Türkiye)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\n360.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Inca\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Inca\Common\RaRegistry64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\n360.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Inca Technology, Corp.) C:\Program Files (x86)\Inca\Common\RaUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(M-Audio) C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\conathst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [439360 2013-08-13] (BillP Studios)
HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\...\Policies\Explorer: [] 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inca Wireless Utility.lnk [2015-03-23]
ShortcutTarget: Inca Wireless Utility.lnk -> C:\Program Files (x86)\Inca\Common\RaUI.exe (Inca Technology, Corp.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.tr/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll [2011-11-08] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-27] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-27] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\..\Interfaces\{3FED66E6-594B-49ED-8A91-CBFAE1CCF4E4}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{C5868A4A-5AB4-4A1F-B99D-9F23584CD0E6}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-10] ()
FF Plugin: @java.com/DTPlugin,version=10.2.1 -> C:\Windows\system32\npDeployJava1.dll [2011-11-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.2.1 -> C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\new_plugin\npjp2.dll [2011-11-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-08-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1052788771-3966947176-2622355626-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ahmet\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1052788771-3966947176-2622355626-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-10-08] ()
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn [2015-06-22]
 
Chrome: 
=======
CHR Profile: C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-30]
CHR Extension: (Google Search) - C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-30]
CHR Extension: (AdBlock) - C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-30]
CHR Extension: (Norton Identity Safe) - C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-11]
CHR Extension: (Norton Security Toolbar) - C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-06-21]
CHR Extension: (Google Wallet) - C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Hover Zoom) - C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-07-09]
CHR Extension: (Gmail) - C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-30]
CHR Extension: (Canvas Rider) - C:\Users\Ahmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2014-06-30]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-19]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4673992 2013-11-05] (INCA Internet Co., Ltd.)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1931632 2015-05-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-10-28] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\Inca\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Inca\Common\RaRegistry64.exe [454208 2011-03-31] (Ralink Technology, Corp.)
S2 RaMediaServer; C:\Program Files (x86)\Inca\Common\RaMediaServer.exe [625728 2011-08-18] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 USBMIDIAudioDevMon; C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [1636872 2010-04-13] (M-Audio)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [47160 2008-04-28] (AMD, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-14] (AVG Technologies)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.3.0.12\Definitions\BASHDefs\20150602.001\BHDrvx64.sys [1640152 2015-05-21] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-07] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-29] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-29] (Symantec Corporation)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-09-10] (Sony Mobile Communications)
R1 IDSVia64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.3.0.12\Definitions\IPSDefs\20150619.001_90d\IDSvia64.sys [692984 2015-06-21] (Symantec Corporation)
S3 MAUSBMIDI; C:\Windows\System32\DRIVERS\MAudioUSBMIDI.sys [200200 2010-04-13] (M-Audio)
R3 mlkumidi; C:\Windows\System32\drivers\mlkumidi.sys [57408 2012-08-29] (MusicLab, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.3.0.12\Definitions\VirusDefs\20150621.023\ENG64.SYS [129752 2015-06-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.3.0.12\Definitions\VirusDefs\20150621.023\EX64.SYS [2137304 2015-06-20] (Symantec Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13480 2014-06-10] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 atillk64; \??\C:\Program Files (x86)\AMD GPU Clock Tool\atillk64.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-22 12:38 - 2015-06-22 12:38 - 00000000 ____D C:\FRST
2015-06-22 00:17 - 2015-06-22 00:17 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-06-22 00:16 - 2015-06-22 09:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-06-22 00:16 - 2015-06-22 00:23 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-22 00:16 - 2015-06-22 00:16 - 00001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-06-22 00:16 - 2015-06-22 00:16 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-06-22 00:16 - 2015-06-22 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-06-22 00:16 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-06-21 19:10 - 2015-06-22 11:45 - 00000120 _____ C:\Windows\mlkumidi.log
2015-06-21 19:10 - 2015-06-22 11:45 - 00000112 _____ C:\Windows\setupact.log
2015-06-21 19:10 - 2015-06-21 19:10 - 00000000 _____ C:\Windows\setuperr.log
2015-06-21 11:52 - 2015-06-21 18:35 - 00000000 ____D C:\Users\Ahmet\Desktop\EMSISoft
2015-06-21 11:44 - 2015-06-21 11:44 - 00000000 ____D C:\RegBackup
2015-06-21 11:29 - 2015-06-21 18:35 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-21 10:31 - 2015-06-21 10:31 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-21 09:42 - 2015-06-21 10:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-21 09:40 - 2015-06-21 18:35 - 00000000 ____D C:\Users\Ahmet\Desktop\mbar
2015-06-21 09:22 - 2015-06-22 11:44 - 00000000 ____D C:\AdwCleaner
2015-06-06 01:10 - 2015-06-06 02:13 - 00000000 ____D C:\Users\Ahmet\AppData\Roaming\Tera_Awesomium
2015-05-25 23:45 - 2015-05-25 23:45 - 00000000 ____D C:\Users\Ahmet\Tracing
2015-05-24 12:39 - 2015-06-07 01:31 - 03864029 _____ C:\Users\Ahmet\Desktop\to be named.flp
2015-05-24 11:14 - 2015-06-05 22:27 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-05-24 11:14 - 2015-05-24 11:14 - 00000000 ____D C:\Users\Ahmet\AppData\Local\TERA
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-22 12:38 - 2013-08-25 22:04 - 00000000 ____D C:\Users\Ahmet\Desktop\malware fight
2015-06-22 12:17 - 2013-04-24 19:45 - 00001020 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-22 11:53 - 2009-07-14 07:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-22 11:53 - 2009-07-14 07:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-22 11:52 - 2011-04-12 17:56 - 00667554 _____ C:\Windows\system32\perfh01F.dat
2015-06-22 11:52 - 2011-04-12 17:56 - 00144774 _____ C:\Windows\system32\perfc01F.dat
2015-06-22 11:52 - 2009-07-14 08:13 - 01603310 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-22 11:49 - 2013-04-24 13:31 - 01097955 _____ C:\Windows\WindowsUpdate.log
2015-06-22 11:45 - 2013-04-24 19:45 - 00001016 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-22 11:45 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-22 10:28 - 2013-04-27 04:52 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-22 10:20 - 2014-11-06 23:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-22 00:10 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-21 23:44 - 2013-09-07 12:51 - 00000000 ____D C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2015-06-21 19:19 - 2014-11-17 20:32 - 00000000 ____D C:\Users\Ahmet\AppData\Local\NPE
2015-06-21 18:38 - 2013-04-24 13:31 - 00000000 ____D C:\Users\Ahmet
2015-06-21 18:37 - 2013-06-30 14:00 - 00061204 ____N C:\Windows\mlkumidi(18).log
2015-06-21 18:36 - 2013-09-15 10:06 - 00000000 ____D C:\ProgramData\Norton
2015-06-21 18:36 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-21 18:35 - 2013-05-14 17:47 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-21 18:35 - 2013-04-29 13:43 - 00000000 ____D C:\Users\Ahmet\AppData\Roaming\Skype
2015-06-21 18:35 - 2013-04-26 18:34 - 00000000 ____D C:\Program Files (x86)\Guild Wars 2
2015-06-21 18:35 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
2015-06-21 09:38 - 2014-08-11 00:13 - 00000000 ____D C:\Users\Ahmet\AppData\Roaming\TS3Client
2015-06-13 03:37 - 2015-05-20 00:04 - 00003030 _____ C:\Windows\System32\Tasks\MSIAfterburner
2015-05-31 16:34 - 2009-07-14 08:08 - 00032590 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-31 11:39 - 2013-09-18 17:01 - 00000000 ____D C:\Users\Ahmet\AppData\Local\CrashDumps
2015-05-26 22:51 - 2015-04-16 14:25 - 00000000 ____D C:\Users\Ahmet\Desktop\yazılar
2015-05-25 23:44 - 2014-09-15 22:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-25 23:43 - 2013-04-29 13:42 - 00000000 ____D C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2013-05-06 21:53 - 2013-05-06 21:53 - 0000604 ____H () C:\Program Files (x86)\_Z2
2013-05-06 21:59 - 2013-05-06 21:59 - 0000624 ____H () C:\Program Files (x86)\Common Files\_Z3
2013-05-14 18:15 - 2013-09-02 20:29 - 1065984 _____ () C:\Users\Ahmet\AppData\Local\file__0.localstorage
2013-11-15 00:38 - 2013-11-17 18:43 - 0007602 _____ () C:\Users\Ahmet\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
C:\Users\Ahmet\AppData\Local\Temp\Quarantine.exe
C:\Users\Ahmet\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-13 13:20
 
==================== End of log ============================
 
 
 
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by Ahmet at 2015-06-22 12:39:14
Running from C:\Users\Ahmet\Desktop\malware fight
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1052788771-3966947176-2622355626-500 - Administrator - Disabled)
Ahmet (S-1-5-21-1052788771-3966947176-2622355626-1000 - Administrator - Enabled) => C:\Users\Ahmet
ASPNET (S-1-5-21-1052788771-3966947176-2622355626-1004 - Limited - Enabled)
Guest (S-1-5-21-1052788771-3966947176-2622355626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1052788771-3966947176-2622355626-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI - Turkish (HKLM-x32\...\{AC76BA86-7AD7-1055-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Mythology Gold Edition 1.00 (HKLM-x32\...\Age of Mythology Gold Edition 1.00) (Version:  - )
AIDA64 Extreme Edition v2.60 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.60 - FinalWire Ltd.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoCAD Architecture 2014 - English (Version: 7.5.17.0 - Autodesk) Hidden
AutoCAD Architecture 2014 Language Pack - English (Version: 7.5.17.0 - Autodesk) Hidden
Autodesk AutoCAD Architecture 2014 - English (HKLM\...\AutoCAD Architecture 2014 - English) (Version: 7.5.17.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
Dead Space™ (HKLM-x32\...\{6E6F22D7-8AD6-4A87-9A47-733E6E996F50}) (Version: 1.0.0.222 - Electronic Arts)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
Desura: Brytenwalda (HKLM-x32\...\Desura_70703751626768) (Version: Full - Brytenwalda-DevTeam)
Desura: Europe 1200 (Warband) (HKLM-x32\...\Desura_71137543323664) (Version: Beta - Europe 1200 Dev Team)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.7 - Electronic Arts)
Driver Fusion (HKLM-x32\...\Steam App 233570) (Version:  - )
Dropbox (HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Dungeon Siege (HKLM-x32\...\Steam App 39190) (Version:  - Gas Powered Games)
Dungeon Siege Legends of Aranna (HKLM-x32\...\Dungeon Siege Legends of Aranna 1.0) (Version:  - Microsoft)
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
East West Symphonic Choirs (HKLM-x32\...\East West Symphonic Choirs) (Version:  - )
E-License Manager (HKLM-x32\...\E-License Manager) (Version: 1.3.0.0 - Best Service)
E-License Manager (Version: 1.3.0.0 - Magix) Hidden
Engine 2 (HKLM-x32\...\Engine 2) (Version: 2.1.0.151 - Best Service)
Engine 2 (Version: 2.1.0.151 - Best Service) Hidden
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Everlasting Summer (HKLM-x32\...\Steam App 331470) (Version:  - Soviet Games)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
GameRanger (HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version:  - Rockstar Games)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Icecream Ebook Reader version 1.51 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 1.51 - Icecream Apps)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Inca RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.14.0 - Inca)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java™ 7 Update 2 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417002FF}) (Version: 7.0.20 - Oracle)
Java™ SE Development Kit 7 Update 2 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170020}) (Version: 1.7.0.20 - Oracle)
JavaFX 2.0.2 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
JavaFX 2.0.2 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
K-Lite Codec Pack 6.4.2 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 6.4.2 - )
K-Lite Mega Codec Pack 8.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.1.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Live 8.2.2 (HKLM-x32\...\Live 8.2.2) (Version:  - )
Lucius (HKLM-x32\...\Steam App 218640) (Version:  - Shiver Games)
MAGIX Movie Edit Pro 2014 Premium (HKLM-x32\...\MX.{72510287-CB56-494C-A719-683B051F76EC}) (Version: 13.0.0.30 - MAGIX AG)
MAGIX Movie Edit Pro 2014 Premium (Version: 13.0.0.30 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{056913A2-B256-4C31-8884-8AB78AF764F4}) (Version: 7.0.1.27 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX AG) Hidden
MAGIX Video deluxe 2014 Premium Update (Version: 13.0.2.8 - MAGIX AG) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
M-Audio USB MIDI Series Driver 5.0.1 (x64) (HKLM\...\{32ED2629-C9B1-4C29-A32A-F3E04A5EE303}) (Version: 5.0.1 - M-Audio)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 2013 Yazım Denetleme Araçları - Türkçe (HKLM\...\{90150000-001F-041F-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version:  - )
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicLab RealGuitar (HKLM\...\{1864B4F0-8888-5A57-9930-C2B307597966}) (Version: 3.0 - MusicLab, Inc.)
MusicLab Virtual MIDI Driver (HKLM\...\{A30B7FD7-04A1-46e1-ABDF-FD592C113253}) (Version: 2.0.1.0 - MusicLab, Inc.)
Native Instruments Action Strings (HKLM-x32\...\Native Instruments Action Strings) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.3.1.37 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Rise and Hit (HKLM-x32\...\Native Instruments Rise and Hit) (Version: 1.0.0.8 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.44.11 - Black Tree Gaming)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
Project SAM Symphobia 1.0 (HKLM-x32\...\Project SAM Symphobia_is1) (Version:  - )
ProjectSAM Symphobia 2 (HKLM-x32\...\ProjectSAM Symphobia 2) (Version:  - ProjectSAM)
ProjectSAM Symphobia 2 (Version: 1.0.0.001 - ProjectSAM) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Reason 5.0 (HKLM-x32\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Sibelius 7 OpenType Fonts (HKLM-x32\...\{FBE64702-E893-4D55-BA5C-514AAF11CCC4}) (Version: 7.0.0 - Avid)
Sibelius 7.0.0.23 (HKLM\...\Sibelius 7.0.0.23_is1) (Version: 7.0.0.23 - Avid)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.12.201408250841 - Sony Mobile Communications AB)
Sony PC Companion 2.10.221 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.221 - Sony)
Splash PRO EX (HKLM-x32\...\Mirillis Splash PRO EX) (Version: 1.13.2 - Mirillis)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Standard Mouse Driver (HKLM-x32\...\{6C4453CD-123A-40FB-8227-E23AF8748C5A}) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version:  - sparsevector)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
TP-LINK Kablosuz İstemci Hizmet Programı (HKLM-x32\...\{7A2A107B-9695-423F-9462-8F17C178BD35}) (Version: 7.0 - TP-LINK)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Warhammer Mark of Chaos (HKLM-x32\...\{5F374D5D-DB43-4263-9C29-BAB2C93FEFE6}) (Version: 1.006.000 - NAMCO BANDAI Games)
Warhammer Mark of Chaos Manual Patch (HKLM-x32\...\{442D5880-05B4-4DC8-A038-2EDA79FAE601}) (Version: 1.72 - Deep Silver)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
Windows Live Temel Parçalar (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yet Another Zombie Defense (HKLM-x32\...\Steam App 270550) (Version:  - Awesome Games Studio)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Autocad\Autocad 2014\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Autocad\Autocad 2014\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Autocad\Autocad 2014\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Autocad\Autocad 2014\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1052788771-3966947176-2622355626-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
13-06-2015 13:27:26 Zamanlanan Denetim Noktası
21-06-2015 01:57:33 Zamanlanan Denetim Noktası
21-06-2015 11:25:55 HitmanPro Kontrol Noktası
21-06-2015 11:26:13 HitmanPro Kontrol Noktası
21-06-2015 18:30:56 Geri Yükleme İşlemi
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 05:34 - 2013-08-26 19:00 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0068C66E-31B9-490B-AFF3-A5FE321E7765} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {081C11C3-B46D-4E39-A5BB-E88699587073} - System32\Tasks\{6AA0AE4C-0E3E-4CEF-AA02-5CDD99B5EB18} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
Task: {089C71FE-C592-410A-BF39-3C58D4205129} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {0ED2852C-26D0-495F-8104-65DB5A830947} - System32\Tasks\{49D15471-BE2C-4C5D-85C3-7F4FAFA022C0} => D:\Rappelz\Rappelz\Launcher.exe
Task: {107D94B2-89FD-437C-98E1-5A7E7D3924C8} - System32\Tasks\{83031C80-DC8D-45A1-B8F8-7A9F2599ABDB} => pcalua.exe -a C:\Users\Ahmet\Downloads\aom10to110.exe -d C:\Users\Ahmet\Downloads
Task: {10A7AAFB-271D-4DEF-9CB2-00C80E8A8458} - System32\Tasks\{4ED66549-9603-4A11-B8B9-2EA721885482} => Chrome.exe http://ui.skype.com/...all?page=tsMain
Task: {185AE724-C5DB-4530-8920-81BF1AEA0F8F} - System32\Tasks\{01ED88BF-39FE-4208-B6A5-04BEE119700B} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {20B5FC7E-5BF2-4442-B755-D8047DB9048E} - System32\Tasks\{92E86EB1-2F04-4CE7-AE60-EE1F0445E7A9} => C:\Program Files (x86)\Microsoft Games\Dungeon Siege\DSLOA.exe [2013-05-05] (Gas Powered Games)
Task: {234DCCCA-13D6-4A63-9325-30DA2885F5A0} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {23C78FB2-CF68-4F5B-ADA3-FF5B4803D9A2} - System32\Tasks\{D99315BF-9D4B-4757-A924-D3B69ABD2DE2} => C:\Program Files (x86)\Microsoft Games\Dungeon Siege\DSLOA.exe [2013-05-05] (Gas Powered Games)
Task: {265BB5B6-8102-478D-9D42-677BFC6E3324} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24] (Google Inc.)
Task: {3803B27A-BE98-4A77-AEF1-87E0F1BB39BF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {46188398-430D-43FB-B731-5912A6F9CF9F} - System32\Tasks\{9ECBE305-6FC2-4787-855D-4537A027EECE} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {48378042-A027-47B4-900A-4BABD18FE5A4} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {5AB7A2AF-4A9A-4BBC-A0CC-CE57D6F06065} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5C69028D-C045-4CF1-8AE5-85E6BC20911F} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {60583F1E-8BF7-499D-9E9B-777160FFE31C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24] (Google Inc.)
Task: {7138CCEF-C137-48C1-832E-6FA02F7F1C8D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8C31A29B-0A59-4D6B-B174-D9FEE5C8683F} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-06-10] ()
Task: {945C8B27-8EA1-4263-924E-CB8174258C8D} - System32\Tasks\{31DE04DF-AA4F-4465-B00A-9602DF829D25} => C:\Users\Ahmet\Downloads\gPotato+Generator+2014.exe
Task: {A95D3B77-AB62-4E23-9F75-781E6BB3260B} - System32\Tasks\{A3A18669-C1FE-4322-A797-1F106126464C} => C:\Users\Ahmet\Downloads\gPotato+Generator+2014.exe
Task: {C1F740AA-0963-4FBC-B06B-F18F302FED4D} - System32\Tasks\{7081D7C8-D710-438E-8420-7DCD7109EA5D} => C:\Program Files (x86)\Microsoft Games\Dungeon Siege\DSLOA.exe [2013-05-05] (Gas Powered Games)
Task: {C4D0CB7C-B96A-431E-AB11-8D0A412CD11A} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {C8C0D8EB-E782-4A92-87E4-84BC0D3BEEBF} - System32\Tasks\{EC933E45-70E3-4F59-97CC-43D2A061A3D1} => C:\Program Files (x86)\Microsoft Games\Dungeon Siege\DSLOA.exe [2013-05-05] (Gas Powered Games)
Task: {D40E5700-E568-4F17-B37B-AF0F1CC1F345} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D8B5E022-83B9-4786-91FB-4072DB62A1B8} - System32\Tasks\{A534891C-0A16-4A84-8B3C-F282BC845EE9} => pcalua.exe -a "D:\Daemon Tools\DAEMON Tools Lite\InstallGadget.exe" -d "D:\Daemon Tools\DAEMON Tools Lite"
Task: {E9F978EA-F8AE-4F1F-AF39-8A5CFA4EFD92} - System32\Tasks\{BDB50D60-4D24-4F8F-96D3-D62ACFC2BC0B} => D:\Hitman\Hitman Contracts\hitman3\HitmanContracts.exe
Task: {ED05FB49-1E3F-48B8-B28F-862510C38DA8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {ED0E9E57-A4FB-4FCA-8180-4E7F01EA241E} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01] (Microsoft Corporation)
Task: {F2AB428A-5CE7-4029-8A95-D659C8873F2B} - System32\Tasks\{9A299EF7-C49D-4F21-93AF-7F172E7253F4} => pcalua.exe -a C:\Games\AOM\Gamedrive\GameDrive10.08.04.06.exe -d C:\Games\AOM\Gamedrive
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-06-10 09:04 - 2014-06-10 09:04 - 00465064 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-10-08 16:46 - 2013-10-28 11:06 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-05 08:36 - 2014-06-05 08:36 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2014-06-05 08:36 - 2014-06-05 08:36 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2014-06-05 08:37 - 2014-06-05 08:37 - 00216064 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2014-06-05 08:36 - 2014-06-05 08:36 - 00127488 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2014-06-05 08:37 - 2014-06-05 08:37 - 00638976 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2013-08-29 13:21 - 2013-07-15 20:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2013-12-28 13:28 - 2012-02-20 13:59 - 01087336 _____ () C:\Program Files (x86)\Inca\Common\RaWLAPI.dll
2015-06-22 00:16 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-06-22 00:16 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-06-22 00:16 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-06-22 00:16 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-06-22 00:16 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-04-24 16:17 - 2012-02-21 12:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-06-09 19:18 - 2015-06-05 21:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-09 19:18 - 2015-06-05 21:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:n3YP8Awzbn88p2o6I7K8m
AlternateDataStreams: C:\Program Files\Common Files\System:QFr8jREmhLFTKzl9mMJeKPUh
AlternateDataStreams: C:\Program Files\Common Files\System:sjBYpA0MSyPmv2Q1tVov6i3
AlternateDataStreams: C:\Users\Ahmet\AppData\Local\NHg2PaGq4kK:QD11BCa8hLKHB7e49nl
AlternateDataStreams: C:\ProgramData\Microsoft:FUN3b4B0DWxJcf3PQIjhO
AlternateDataStreams: C:\ProgramData\Microsoft:oDKFXh8NCLxbchTHHxq1
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1052788771-3966947176-2622355626-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ahmet\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: uTorrent => "C:\Users\Ahmet\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F622496B-3267-40FA-974E-5664B32DF30A}] => (Allow) C:\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{AD56D0AC-C1CB-43A8-A9E6-2BABDEC8EAAD}] => (Allow) C:\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{758F59A3-6BE1-4C95-BF89-337DC224FDBF}] => (Block) %ProgramFiles% (x86)\Mirillis\Splash PRO EX\SplashProEx.exe
FirewallRules: [{F21D3456-5F3A-4F95-B805-95DD39DA954F}] => (Block) %ProgramFiles% (x86)\Mirillis\Splash PRO EX\SplashProEx.exe
FirewallRules: [{33FA93FC-3FFB-4997-9047-ED2F655E41FF}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe
FirewallRules: [{DAE7A108-9DB8-4FF1-B54D-BDEAB1A9DE0E}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe
FirewallRules: [{A8329C48-CFBF-4B61-B4ED-7D557B8F70F7}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
FirewallRules: [{9E8703C1-9768-4B7A-A472-EABF9F3AE2F9}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
FirewallRules: [{FB2A600F-BE12-4F8A-9488-AD5814C5653F}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe
FirewallRules: [{91432846-C860-408C-B23A-3AF22011E31F}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe
FirewallRules: [{0B827746-7486-457B-BA60-C0847F3C8310}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgam.exe
FirewallRules: [{7B57EE39-A5B2-46EF-957B-631F76C468BD}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgam.exe
FirewallRules: [{012ECD42-2FEC-4356-B7D3-BCCDE0A7652B}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgemca.exe
FirewallRules: [{7BD063DF-953A-4ADA-86AA-B86BF28DE94E}] => (Allow) C:\Program Files (x86)\AVG\AVG10\avgemca.exe
FirewallRules: [{12743D24-FD1A-4A60-B0B1-DA88CF5EF5ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6A919324-CF84-452D-A59E-EC6186F8D541}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{69453278-9DF5-43D9-852A-BEA8062F97BE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3C1731DF-95C1-4F5D-A579-C230A14E08D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{19C9F2FE-40AF-4BA3-9F2F-856839F74894}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{21241FD8-BA27-4B57-B72A-3737DFF31621}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{0FC57C9E-C6F2-4E38-9642-B43C137DC3DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{8573EF14-ADA9-4A66-A3BC-AEF68F759CA3}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{2A6D7ABB-7FF5-46B1-B0AE-48BAFFE76CEF}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{DEFC7D0D-D072-403B-8384-B6BB2668BB18}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{027FD409-3665-4260-96D0-36DD1F5A272E}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{D309D2EB-94E3-4F83-B1F6-EBAD47417F5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Driver Fusion\DriverFusion.exe
FirewallRules: [{FD849E2A-49F9-40B1-B996-E92CFA786801}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Driver Fusion\DriverFusion.exe
FirewallRules: [{CF77E6DA-B13F-462A-B446-CF510899C607}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{BCFB9B9E-49D8-4E62-B7BB-610BDB46D375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{093DDC40-FF03-4816-BF80-FBE269C42F27}] => (Allow) C:\Users\Ahmet\Downloads\utorrent.exe
FirewallRules: [{8F8DAA9D-0148-49A4-931D-B26C7E2E867B}] => (Allow) C:\Users\Ahmet\Downloads\utorrent.exe
FirewallRules: [{BDA42983-459E-4571-896E-E46D2A4F70DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege 1\DungeonSiege.exe
FirewallRules: [{5B4C8AA9-9D1B-47B2-BC9F-BC0895E92E29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege 1\DungeonSiege.exe
FirewallRules: [{3FE41B47-C52B-44FF-8987-766A86A06AF4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{2796A82B-58FE-4D08-8BC4-E1CAAF1D1AD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{EA2C027E-319E-4A2B-B12D-7BA81ECB7E44}] => (Allow) D:\Crysis 3\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{E27CD7E9-F15F-48AC-B78C-85925A2324A7}] => (Allow) D:\Crysis 3\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{8EEDBFB8-F671-4369-8C26-5B8D45501061}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{2880E67F-5B14-4233-873B-5CEAAA9FA13D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E38FC153-67C7-4E57-8897-14C2948D6417}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2F7710D5-3AD9-433C-AFA8-15AA6C642B0D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8E712969-72FA-4603-A4DE-BF460443C0EE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{17F0F469-A9FF-45F7-AEF2-F554C229C2A4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{6531D6AA-FE93-44D6-990A-4C00A91FCF12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{2FB489E3-338E-4A77-9E65-193F1A5EA56E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{BA442A1C-8730-4C14-A975-01D76C93E529}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{BCA03945-49F1-4718-B74B-243EC81B88D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{1B06C7BE-A2FF-4315-89F0-498404678AF5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{AA6071E1-8BB5-40F8-BCDB-67FD13396B7A}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{AE47AA4E-F861-45B8-8FA0-1BB5A2642313}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{82BCDE4D-21BF-4252-A6C7-D684C4B1B3FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{008B1231-479C-46CB-83AD-1F431BDCB782}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EA6BD4DA-973C-4703-8CBA-76419F49969B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{79335EDB-5269-4D9C-9AB1-0EEA67694994}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{904C2851-51FD-4585-ABFA-8B09C1CA1FAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{1013065B-978B-4B57-91DB-49A306C3D87C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{511F538E-9919-498E-9CE9-B60574572A06}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{43E80227-3235-4A3C-A415-C639903DF308}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nmrih\sdk\bin\Hammer.bat
FirewallRules: [{87516370-0F73-495A-90AB-B08788A39D5F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Driver Fusion\DriverFusion.exe
FirewallRules: [{58C135A6-02EB-426E-A6D7-33D4A431A5FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Driver Fusion\DriverFusion.exe
FirewallRules: [{8F21A415-3F96-4CB3-B702-D9C9E2707A4F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{1D2BC534-D932-4F79-92E6-0299AE30E815}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{8DD0439E-D788-4841-9D40-8F94D11B8EA3}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{B4FFE508-3C19-4266-AE84-EA8E3AE31A24}] => (Allow) C:\Program Files (x86)\Inca\Common\RaMediaServer.exe
FirewallRules: [{6C19466A-8F76-486A-A079-3BD67DE18331}] => (Allow) C:\Program Files (x86)\Inca\Common\RaMediaServer.exe
FirewallRules: [{07B40C02-DFEB-48F6-9713-E0019F729CA0}] => (Allow) C:\Program Files (x86)\Inca\Common\RaUI.exe
FirewallRules: [{C90FAB0F-3282-45FF-862B-471987570BED}] => (Allow) C:\Program Files (x86)\Inca\Common\RaUI.exe
FirewallRules: [{83047D39-2DF2-4B62-BAD1-55B9AD6BA1AE}] => (Allow) D:\markofchaos\Warhammer.exe
FirewallRules: [{F3526C2E-F519-41C3-B690-0EA8550ED554}] => (Allow) D:\markofchaos\Warhammer.exe
FirewallRules: [{B5E3EAF8-BF33-4D25-8D0F-5E05E92A76A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C6522872-E635-42AA-9E4E-1F0F5AEE4AA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{35A00350-36FB-4938-B3A2-7B5896673EE0}] => (Allow) C:\Users\Ahmet\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3287D174-BDE6-4FCA-84D9-CE5B29F507C5}] => (Allow) C:\Users\Ahmet\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{982DD9FC-DCE9-4953-BA22-1950F66D833C}] => (Allow) D:\Crysis 3\Dead Space\Dead Space.exe
FirewallRules: [{9B55CE57-8E41-4429-93E2-348CB539016B}] => (Allow) D:\Crysis 3\Dead Space\Dead Space.exe
FirewallRules: [{849F9679-8B4D-423A-B540-4289C5281468}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8489A7F0-6C80-43BD-8FEE-474364EA8F3D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FE6942AC-456F-40D3-8A3D-AD7A024F8818}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{DF82B423-B362-49F7-A5AF-8385A8350201}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{362BBD9F-A098-44BA-BA3F-9C507686920E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{61F6C20D-ACC0-4427-87A9-0C36E86B213E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{F34740F2-3537-4979-B680-84B917FDABDD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{E68C48AB-049E-4E7C-8B6D-333033E8E99F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{8E19524A-4AEF-4523-A1B8-5A7A4F2629FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{676381F0-23C2-4217-BDBF-4F3F1E84099E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{F9B65F6C-2EC7-469E-96E6-A2CAA9D617B6}] => (Allow) C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C10EFE0E-8CE8-47CD-B3C5-ABD39F20C206}] => (Allow) C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7EC882E4-2859-4461-B23C-F20C4E79A6C7}] => (Allow) C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{407AB62D-1CAA-4B8A-AB7B-57063CCDC2BB}] => (Allow) C:\Users\Ahmet\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{353C26EE-6213-4107-A0EC-A5C073C556A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lucius\Lucius.exe
FirewallRules: [{5D938DEB-E3A9-47D6-B6D3-828DFC488761}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lucius\Lucius.exe
FirewallRules: [{0B2AC5C0-1BE8-4412-B016-F642A25208F9}] => (Allow) LPort=50248
FirewallRules: [{9A467B5B-C622-4E69-8B0A-8E05FFDD685A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{0F198AC4-B2A1-4E9F-8552-10F8D96122BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{5DE342C5-E5BD-4076-9A9B-01BFB43C5669}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{552EF226-F00E-41DF-B189-088ED7EDBBDA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{A7150FE6-C53A-44EA-92A1-2290E6774494}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Everlasting Summer\Everlasting Summer.exe
FirewallRules: [{D1971A90-CAD2-4A38-9484-47B1B49DC6D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Everlasting Summer\Everlasting Summer.exe
FirewallRules: [{89B3EFC0-6BCD-42B1-ABB2-6A25C3E35AA4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FAF3E761-CED4-42C2-9430-D859726B1CB5}] => (Allow) LPort=2869
FirewallRules: [{D0E9A773-7F84-42E9-B591-6C4D3F7F6F99}] => (Allow) LPort=1900
FirewallRules: [{ABD956D4-9C8A-4B59-A5A3-EFF2CC34679D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{0CFC7DF3-06E0-4E48-A95F-EFFE14C5A171}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{96AFA7F0-3129-47AA-B15B-D8B78A7D51FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{594C06D7-0143-44B6-BFAB-CF8DEC9BE6CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{475BB149-EF37-4445-9877-C7DD6423E7FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Yet Another Zombie Defense\YetAnotherZombieDefense.exe
FirewallRules: [{D49EC912-30F4-4E19-ABCA-20030B17F803}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Yet Another Zombie Defense\YetAnotherZombieDefense.exe
FirewallRules: [{74DEAF1C-0E67-4132-BC8A-9F3553F1E921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Savage Lands\SavageLands.exe
FirewallRules: [{10A16487-521E-4719-B0A9-D7C7ED124F34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Savage Lands\SavageLands.exe
FirewallRules: [{CDE9BF61-7E81-463A-B89D-9DB37E842273}] => (Allow) D:\TERA\GameforgeLive\gfl_client.exe
FirewallRules: [{7E916C3A-1BAB-47C0-86A8-47805AFB8347}] => (Allow) C:\Program Files (x86)\Inca\Common\ApUI.exe
FirewallRules: [{97AD6077-5189-497F-9F7B-7B220CC22FBB}] => (Allow) C:\Program Files (x86)\Inca\Common\ApUI.exe
FirewallRules: [{98E0612F-4A2C-430D-A1CD-57ABE6B6C71E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{32B8129D-0195-4EC4-93D8-C23A8B576ECD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{CB5F50EE-3905-4CB3-B5E8-ABE3BF0FEFB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{D412AA61-4B70-4D42-8CAD-72933F6B9377}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{18922731-95A3-4F7E-A495-0F05F558053A}] => (Allow) D:\Crysis 3\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{B2958E2A-58D4-4105-AB76-51FE3851E519}] => (Allow) D:\Crysis 3\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{DE950E49-EDD7-4EC4-A3F1-80B84888F0B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{0CF29297-6149-4FF3-A000-ED20F7F03987}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{4C1FAA4D-D241-4074-AFA7-1769324D23A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TERA\TERA-Launcher.exe
FirewallRules: [{0086C4D4-71EC-4408-BD38-0F9364D8E797}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TERA\TERA-Launcher.exe
FirewallRules: [{498B9989-79F1-4A35-9FCE-05064C55F378}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/22/2015 11:46:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/22/2015 11:45:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Atlanıyor: Eap method DLL path name doğrulaması başarısız. Hata: typeId=43, authorId=9, vendorId=0, vendorType=0
 
Error: (06/22/2015 11:45:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Atlanıyor: Eap method DLL path name doğrulaması başarısız. Hata: typeId=25, authorId=9, vendorId=0, vendorType=0
 
Error: (06/22/2015 11:45:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Atlanıyor: Eap method DLL path name doğrulaması başarısız. Hata: typeId=17, authorId=9, vendorId=0, vendorType=0
 
Error: (06/22/2015 10:34:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDFiles.exe programının 2.4.40.135 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 
İşlem Kimlik No: 167c
 
Başlatma Saati: 01d0acbd57c3b2d4
 
Sona Erdirme Saati: 10
 
Uygulama Yolu: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe
 
Rapor Kimliği: 114f0277-18b1-11e5-8e6a-d02788a9829e
 
Error: (06/22/2015 10:30:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDFiles.exe programının 2.4.40.135 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 
İşlem Kimlik No: c04
 
Başlatma Saati: 01d0acbcfc39d2e5
 
Sona Erdirme Saati: 0
 
Uygulama Yolu: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe
 
Rapor Kimliği: 8e7d9522-18b0-11e5-8e6a-d02788a9829e
 
Error: (06/21/2015 07:11:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/21/2015 07:10:21 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Atlanıyor: Eap method DLL path name doğrulaması başarısız. Hata: typeId=43, authorId=9, vendorId=0, vendorType=0
 
Error: (06/21/2015 07:10:21 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Atlanıyor: Eap method DLL path name doğrulaması başarısız. Hata: typeId=25, authorId=9, vendorId=0, vendorType=0
 
Error: (06/21/2015 07:10:21 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Atlanıyor: Eap method DLL path name doğrulaması başarısız. Hata: typeId=17, authorId=9, vendorId=0, vendorType=0
 
 
System errors:
=============
Error: (06/22/2015 11:46:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Ralink UPnP Media Server hizmetinin bağlanması beklenirken zaman aşımı (30000 milisaniye) oluştu.
 
Error: (06/22/2015 11:45:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Kablosuz Yerel Ağ Genişletilebilirlik Modülü başlatılamadı.
 
Modül Yolu: C:\Windows\system32\athExt.dll
Hata Kodu: 126
 
Error: (06/22/2015 11:44:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Live ID Sign-in Assistant hizmeti şu hata nedeniyle başlatılamadı: 
%%3
 
Error: (06/22/2015 11:44:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Autodesk Content Service hizmeti şu hata nedeniyle başlatılamadı: 
%%109
 
Error: (06/22/2015 11:44:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Intel® Capability Licensing Service Interface hizmeti beklenmedik şekilde sona erdi.  Bu durum 1 defa oluştu.  0 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat.
 
Error: (06/22/2015 11:44:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search hizmeti beklenmedik şekilde sona erdi.  Bu durum 2 defa oluştu.  30000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat.
 
Error: (06/22/2015 11:44:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Spybot-S&D 2 Scanner Service hizmeti beklenmedik şekilde sona erdi.  Bu durum 1 defa oluştu.  60000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat.
 
Error: (06/22/2015 11:44:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Spybot-S&D 2 Updating Service hizmeti beklenmedik şekilde sona erdi.  Bu durum 1 defa oluştu.  60000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat.
 
Error: (06/22/2015 11:44:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Spybot-S&D 2 Security Center Service hizmeti beklenmedik şekilde sona erdi.  Bu durum 1 defa oluştu.  60000 milisaniye içinde şu düzeltme eylemi uygulanacak: Hizmeti yeniden başlat.
 
Error: (06/22/2015 11:44:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Intel® Management and Security Application User Notification Service hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu durum 1 defa oluştu.
 
 
Microsoft Office:
=========================
Error: (06/22/2015 11:46:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/22/2015 11:45:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name43900
 
Error: (06/22/2015 11:45:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name25900
 
Error: (06/22/2015 11:45:36 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name17900
 
Error: (06/22/2015 10:34:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDFiles.exe2.4.40.135167c01d0acbd57c3b2d410C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe114f0277-18b1-11e5-8e6a-d02788a9829e
 
Error: (06/22/2015 10:30:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SDFiles.exe2.4.40.135c0401d0acbcfc39d2e50C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe8e7d9522-18b0-11e5-8e6a-d02788a9829e
 
Error: (06/21/2015 07:11:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/21/2015 07:10:21 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name43900
 
Error: (06/21/2015 07:10:21 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name25900
 
Error: (06/21/2015 07:10:21 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Eap method DLL path name17900
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-26 18:59:43.625
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-26 18:59:43.594
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-13 17:57:25.808
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-13 17:57:25.801
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-13 17:57:24.660
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-13 17:57:24.652
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-13 17:57:23.642
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-13 17:57:23.635
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-13 17:57:22.625
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-13 17:57:22.617
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16366.16 MB
Available physical RAM: 13376.57 MB
Total Pagefile: 32730.49 MB
Available Pagefile: 29199.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:961.93 GB) (Free:235.79 GB) NTFS
Drive d: () (Fixed) (Total:900.99 GB) (Free:312.42 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=961.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=901 GB) - (Type=07 NTFS)
 
==================== End of log ============================
 
 
thanks in advance for helping me :)
John

  • 0

Advertisements


#2
JohnSheen

JohnSheen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 62 posts

anyone there? 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP