squa4141 Posted June 21, 2014 ID:844405 Share Posted June 21, 2014 hi ı have a problem with my browsers, my homepage to the all browsers changed to netmahal.com and ı cannot change it to anything else it says smt like its protected by admin or smt else ı searched for a program or a extension to uninstall but ı cannot seem to find any can anyone help me about it thanks in advance Link to post Share on other sites More sharing options...
kevinf80 Posted June 21, 2014 ID:844412 Share Posted June 21, 2014 Hello and P2P/Piracy Warning: If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy. Download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. Kevin.... Link to post Share on other sites More sharing options...
squa4141 Posted June 28, 2014 Author ID:847103 Share Posted June 28, 2014 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02Ran by msLm (administrator) on JELY on 28-06-2014 18:58:00Running from C:\Users\msLm\DownloadsPlatform: Windows 8 Pro (X64) OS Language: İngilizce (Amerikan)Internet Explorer Version 10Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe(Navigation Co., Ltd.) C:\Users\msLm\AppData\Roaming\ntsvc\ntsvc.exe(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe(Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe() C:\Windows\SysWOW64\nethtsrv.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe() C:\Program Files\PCDApp\dgen.exe() C:\Windows\SysWOW64\netupdsrv.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe(AMD) C:\Windows\System32\atieclxx.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [DApp] => C:\Program Files\PCDApp\start.vbs [178 2014-04-10] ()HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [RaidCall] => C:\Program Files (x86)\RaidCall\raidcall.exe [4136648 2014-06-11] (RAIDCALL.COM)HKU\S-1-5-21-3457312435-3205453873-764764607-1001\...\Run: [speedUpMyComputer] => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ssHKU\S-1-5-21-3457312435-3205453873-764764607-1001\...\Run: [FixMyRegistry] => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe [1886840 2014-05-26] ()HKU\S-1-5-21-3457312435-3205453873-764764607-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not FoundAppInit_DLLs-x32: c:\progra~2\suptab\search~1.dll => c:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)IFEO\bitguard.exe: [Debugger] tasklist.exeIFEO\bprotect.exe: [Debugger] tasklist.exeIFEO\bpsvc.exe: [Debugger] tasklist.exeIFEO\browserdefender.exe: [Debugger] tasklist.exeIFEO\browserprotect.exe: [Debugger] tasklist.exeIFEO\browsersafeguard.exe: [Debugger] tasklist.exeIFEO\dprotectsvc.exe: [Debugger] tasklist.exeIFEO\jumpflip: [Debugger] tasklist.exeIFEO\protectedsearch.exe: [Debugger] tasklist.exeIFEO\searchinstaller.exe: [Debugger] tasklist.exeIFEO\searchprotection.exe: [Debugger] tasklist.exeIFEO\searchprotector.exe: [Debugger] tasklist.exeIFEO\searchsettings.exe: [Debugger] tasklist.exeIFEO\searchsettings64.exe: [Debugger] tasklist.exeIFEO\snapdo.exe: [Debugger] tasklist.exeIFEO\stinst32.exe: [Debugger] tasklist.exeIFEO\stinst64.exe: [Debugger] tasklist.exeIFEO\umbrella.exe: [Debugger] tasklist.exeIFEO\utiljumpflip.exe: [Debugger] tasklist.exeIFEO\volaro: [Debugger] tasklist.exeIFEO\vonteera: [Debugger] tasklist.exeIFEO\websteroids.exe: [Debugger] tasklist.exeIFEO\websteroidsservice.exe: [Debugger] tasklist.exeShellIconOverlayIdentifiers: ExplorerEx -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => C:\Users\msLm\AppData\Roaming\Macwebtoise\explorerEx64.dll ()GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netmahal.com/?bd=hp&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522fHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.tr.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x352211CC2F79CF01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = tr-TRHKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.netmahal.com/?bd=hp&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522fHKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.netmahal.com/?bd=ds&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522f&q={searchTerms}HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.netmahal.com/?bd=hp&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522fHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netmahal.com/?bd=hp&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522fHKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.netmahal.com/?bd=ds&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522f&q={searchTerms}HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.netmahal.com/?bd=ds&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522f&q={searchTerms}HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.netmahal.com/?bd=hp&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522fHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.netmahal.com/?bd=hp&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522fHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.netmahal.com/?bd=ds&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522f&q={searchTerms}StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1401142800&from=amt&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809SearchScopes: HKLM - DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = http://search.netmahal.com/?bd=ds&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522f&q={searchTerms}SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0613&utm_campaign=installer&utm_content=ds&from=wpm0613&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&ts=1402565404&type=default&q={searchTerms}SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=312&systemid=102&v=n12521-359&apn_uid=1585132332304741&apn_dtid=BND102&o=APN10646&apn_ptnrs=AG7&q={searchTerms}SearchScopes: HKLM - {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = http://search.netmahal.com/?bd=ds&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522f&q={searchTerms}SearchScopes: HKLM-x32 - DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = http://search.netmahal.com/?bd=ds&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522f&q={searchTerms}SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0613&utm_campaign=installer&utm_content=ds&from=wpm0613&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&ts=1402565404&type=default&q={searchTerms}SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=312&systemid=102&v=n12521-359&apn_uid=1585132332304741&apn_dtid=BND102&o=APN10646&apn_ptnrs=AG7&q={searchTerms}SearchScopes: HKLM-x32 - {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = http://search.netmahal.com/?bd=ds&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522f&q={searchTerms}SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0613&utm_campaign=installer&utm_content=ds&from=wpm0613&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&ts=1402565404&type=default&q={searchTerms}SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=312&systemid=102&v=n12521-359&apn_uid=1585132332304741&apn_dtid=BND102&o=APN10646&apn_ptnrs=AG7&q={searchTerms}SearchScopes: HKCU - {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = http://search.netmahal.com/?bd=ds&oem=seed&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUJX9880998809&version=2.0.0.1124&pid=414031160&cs=079409f96fd6b59499dfef9efa2f522f&q={searchTerms}BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Tcpip\Parameters: [DhcpNameServer] 192.168.2.1Tcpip\..\Interfaces\{F2ABD3DA-07BE-49AF-A180-80DCAB6C8EE3}: [NameServer]8.8.8.8,8.8.4.4 FireFox:========FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\msLm\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)FF Plugin-x32: @speakychat.ch/SpeakyChatLB - C:\Users\msLm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SpeakyChatLB\NPspeakychatlb.dll (SpeakyChat LB)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\msLm\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPspeakychatlb.dll (SpeakyChat LB)FF Plugin ProgramFiles/Appdata: C:\Users\msLm\AppData\Roaming\mozilla\plugins\npspeakychat.dll (avidoNET GmbH) Chrome: =======CHR HomePage: https://www.google.com/CHR StartupUrls: "https://www.google.com.tr/?gfe_rd=cr&ei=ZKSEU4-jGsHa8gemx4CYCA"CHR NewTab: "chrome-extension://jfolbfegmpgfdnmajkokmahigdibgbpa/index.html"CHR DefaultSearchKeyword: google.com.trCHR Extension: (AdBlock) - C:\Users\msLm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-27]CHR Extension: (Super Newtab) - C:\Users\msLm\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfolbfegmpgfdnmajkokmahigdibgbpa [2014-06-19]CHR Extension: (Totoro Rainy Day) - C:\Users\msLm\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmiagjknjjfockcklibjlfdojojaffff [2014-06-21]CHR Extension: (Google Cüzdan) - C:\Users\msLm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-27]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)R2 NetHttpService; C:\Windows\SysWOW64\nethtsrv.exe [180224 2014-06-15] () [File not signed]S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97232 2014-05-09] () [File not signed]R2 Sed; C:\Users\msLm\AppData\Roaming\ntsvc\ntsvc.exe [404336 2014-06-20] (Navigation Co., Ltd.)R2 ServiceUpdater; C:\Windows\SysWOW64\netupdsrv.exe [162304 2014-06-15] () [File not signed]R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-11] (Fuyu LIMITED) ==================== Drivers (Whitelisted) ==================== S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-12-19] (Advanced Micro Devices)R1 nethfdrv; C:\Windows\system32\drivers\nethfdrv.sys [46160 2014-06-15] (nethfdrv)S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-28 18:58 - 2014-06-28 18:58 - 00015374 _____ () C:\Users\msLm\Downloads\FRST.txt2014-06-28 18:57 - 2014-06-28 18:58 - 00000000 ____D () C:\FRST2014-06-28 18:57 - 2014-06-28 18:57 - 02083328 _____ (Farbar) C:\Users\msLm\Downloads\FRST64.exe2014-06-27 22:26 - 2014-06-27 22:26 - 00000687 _____ () C:\awh5E19.tmp2014-06-26 00:46 - 2014-06-26 00:46 - 00000687 _____ () C:\awhA6A8.tmp2014-06-25 12:15 - 2014-06-25 12:18 - 00000000 ____D () C:\Users\msLm\Desktop\yenı resımler2014-06-24 01:36 - 2014-06-28 04:08 - 00000384 _____ () C:\Users\msLm\Desktop\KORAY CHAR ID SIFRE.txt2014-06-21 15:20 - 2014-06-21 15:20 - 00000000 ____D () C:\Program Files (x86)\JoniCouuPon2014-06-21 15:20 - 2014-06-21 15:20 - 00000000 ____D () C:\Program Files (x86)\DDigISaivver2014-06-21 15:20 - 2014-06-21 15:20 - 00000000 ____D () C:\Program Files (x86)\ALlSaveer2014-06-20 14:53 - 2014-06-20 14:54 - 62122112 _____ (Logitech Inc.) C:\Users\msLm\Downloads\LGS_8.53.154_x64_Logitech.exe2014-06-20 14:43 - 2014-06-20 14:43 - 00000000 __SHD () C:\Users\msLm\AppData\Local\.#2014-06-20 14:41 - 2014-06-20 14:43 - 00000000 ____D () C:\Users\msLm\Desktop\Turk Empire2014-06-20 10:41 - 2014-06-20 10:41 - 00000687 _____ () C:\awhA4DF.tmp2014-06-19 20:54 - 2014-06-28 12:48 - 00002117 _____ () C:\Users\msLm\Desktop\Google Chrome.lnk2014-06-19 12:20 - 2014-06-19 12:20 - 00002632 __RSH () C:\ProgramData\ntuser.pol2014-06-19 12:20 - 2014-06-19 12:20 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\Macwebtoise2014-06-16 16:32 - 2014-06-16 16:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-06-16 16:31 - 2014-06-16 16:31 - 00000000 ____D () C:\Users\msLm\Documents\C92014-06-16 16:30 - 2014-06-16 16:30 - 00001134 _____ () C:\Users\msLm\Desktop\C9Launcher - Kısayol.lnk2014-06-16 15:47 - 2014-06-24 12:41 - 00000000 ____D () C:\Users\msLm\Desktop\WEBZEN2014-06-16 03:21 - 2014-06-26 02:01 - 00000000 ____D () C:\ProgramData\JoniCouuPon2014-06-15 22:36 - 2014-06-15 22:36 - 00046160 _____ (nethfdrv) C:\Windows\system32\Drivers\nethfdrv.sys2014-06-15 22:35 - 2014-06-15 22:35 - 00246784 _____ () C:\Windows\SysWOW64\hfpapi.dll2014-06-15 22:35 - 2014-06-15 22:35 - 00180224 _____ () C:\Windows\SysWOW64\nethtsrv.exe2014-06-15 22:35 - 2014-06-15 22:35 - 00162304 _____ () C:\Windows\SysWOW64\netupdsrv.exe2014-06-15 22:35 - 2014-06-15 22:35 - 00108544 _____ () C:\Windows\SysWOW64\installd.exe2014-06-15 22:35 - 2014-06-15 22:35 - 00108544 _____ () C:\Windows\SysWOW64\hfnapi.dll2014-06-14 18:52 - 2014-06-14 18:52 - 03249480 _____ (Unity Technologies ApS) C:\Users\msLm\Downloads\UnityWebPlayer.exe2014-06-14 18:52 - 2014-06-14 18:52 - 00000000 ____D () C:\Users\msLm\AppData\Local\Unity2014-06-14 01:01 - 2014-06-14 01:02 - 29498690 _____ () C:\Users\msLm\Downloads\TeamSpeak3-Client-win64-3.0.14.rar2014-06-12 12:30 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\337Games2014-06-10 17:08 - 2014-06-10 17:08 - 01203803 _____ () C:\Users\msLm\Desktop\mslmmmm.wma2014-06-09 11:46 - 2014-06-26 02:01 - 00000000 ____D () C:\ProgramData\DDigISaivver2014-06-09 02:36 - 2014-06-09 02:36 - 00588673 _____ () C:\Users\msLm\Desktop\PaCoz.wma2014-06-08 09:31 - 2014-06-08 09:31 - 334326936 _____ () C:\Windows\MEMORY.DMP2014-06-08 09:31 - 2014-06-08 09:31 - 00279192 _____ () C:\Windows\Minidump\060814-12386-01.dmp2014-06-08 09:31 - 2014-06-08 09:31 - 00000000 ____D () C:\Windows\Minidump2014-06-05 16:16 - 2014-06-07 03:25 - 00000000 _____ () C:\Windows\SysWOW64\filetrace.log2014-06-03 22:06 - 2014-06-03 22:06 - 00001031 _____ () C:\Users\msLm\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk2014-06-03 22:06 - 2014-06-03 22:06 - 00001007 _____ () C:\Users\msLm\Desktop\RaidCall.lnk2014-06-03 22:06 - 2014-06-03 22:06 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\raidcall2014-06-03 22:06 - 2014-06-03 22:06 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall2014-06-03 22:06 - 2014-06-03 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall2014-06-03 22:05 - 2014-06-13 21:39 - 00000000 ____D () C:\Program Files (x86)\RaidCall2014-06-03 22:05 - 2014-06-03 22:05 - 05526560 _____ () C:\Users\msLm\Downloads\raidcall_7.3.4.exe2014-06-03 02:49 - 2014-06-03 02:49 - 00579693 _____ () C:\Users\msLm\Desktop\surpriz.wma2014-06-02 10:07 - 2014-06-26 02:01 - 00000000 ____D () C:\ProgramData\ALlSaveer2014-06-01 19:08 - 2014-06-01 19:08 - 01483588 _____ () C:\Users\msLm\Downloads\speakychatinstall.zip2014-06-01 19:08 - 2014-06-01 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-05-31 17:37 - 2014-06-14 01:43 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\TS3Client2014-05-31 17:37 - 2014-05-31 17:37 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk2014-05-31 17:37 - 2014-05-31 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client2014-05-31 17:37 - 2014-05-31 17:37 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client2014-05-31 17:36 - 2014-05-31 17:37 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\msLm\Downloads\TeamSpeak3-Client-win64-3.0.14.exe2014-05-30 18:02 - 2014-06-25 12:22 - 00134656 ___SH () C:\Users\msLm\Desktop\Thumbs.db2014-05-29 00:51 - 2014-06-24 01:35 - 00000630 _____ () C:\Users\msLm\Desktop\koordınat.txt ==================== One Month Modified Files and Folders ======= 2014-06-28 18:58 - 2014-06-28 18:58 - 00015374 _____ () C:\Users\msLm\Downloads\FRST.txt2014-06-28 18:58 - 2014-06-28 18:57 - 00000000 ____D () C:\FRST2014-06-28 18:58 - 2014-05-27 02:53 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-06-28 18:57 - 2014-06-28 18:57 - 02083328 _____ (Farbar) C:\Users\msLm\Downloads\FRST64.exe2014-06-28 18:42 - 2014-05-27 02:53 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\Skype2014-06-28 18:39 - 2014-05-27 00:58 - 01960691 _____ () C:\Windows\WindowsUpdate.log2014-06-28 18:37 - 2014-05-27 03:04 - 00000814 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-06-28 18:00 - 2012-07-26 11:12 - 00000000 ____D () C:\Windows\system32\sru2014-06-28 13:09 - 2014-05-27 11:10 - 00000617 _____ () C:\Users\msLm\Desktop\Legend Online.lnk2014-06-28 13:09 - 2014-05-27 03:06 - 00000659 _____ () C:\Users\msLm\AppData\Roaming\Microsoft\Windows\Start Menu\Legend Online.lnk2014-06-28 12:48 - 2014-06-19 20:54 - 00002117 _____ () C:\Users\msLm\Desktop\Google Chrome.lnk2014-06-28 10:50 - 2014-05-27 02:53 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-06-28 04:08 - 2014-06-24 01:36 - 00000384 _____ () C:\Users\msLm\Desktop\KORAY CHAR ID SIFRE.txt2014-06-27 22:26 - 2014-06-27 22:26 - 00000687 _____ () C:\awh5E19.tmp2014-06-26 02:02 - 2014-05-27 01:42 - 00000000 _____ () C:\Windows\SysWOW64\s.o2014-06-26 02:02 - 2012-07-26 10:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-06-26 02:01 - 2014-06-16 03:21 - 00000000 ____D () C:\ProgramData\JoniCouuPon2014-06-26 02:01 - 2014-06-09 11:46 - 00000000 ____D () C:\ProgramData\DDigISaivver2014-06-26 02:01 - 2014-06-02 10:07 - 00000000 ____D () C:\ProgramData\ALlSaveer2014-06-26 02:01 - 2014-05-27 01:28 - 00000000 ____D () C:\ProgramData\CostMin2014-06-26 02:01 - 2014-05-27 00:51 - 00012468 _____ () C:\Windows\PFRO.log2014-06-26 00:46 - 2014-06-26 00:46 - 00000687 _____ () C:\awhA6A8.tmp2014-06-25 12:22 - 2014-05-30 18:02 - 00134656 ___SH () C:\Users\msLm\Desktop\Thumbs.db2014-06-25 12:18 - 2014-06-25 12:15 - 00000000 ____D () C:\Users\msLm\Desktop\yenı resımler2014-06-24 12:41 - 2014-06-16 15:47 - 00000000 ____D () C:\Users\msLm\Desktop\WEBZEN2014-06-24 01:35 - 2014-05-29 00:51 - 00000630 _____ () C:\Users\msLm\Desktop\koordınat.txt2014-06-21 19:45 - 2014-05-27 01:17 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3457312435-3205453873-764764607-10012014-06-21 15:23 - 2014-05-27 02:54 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-06-21 15:23 - 2014-05-27 01:11 - 00001430 _____ () C:\Users\msLm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-06-21 15:22 - 2014-05-27 01:52 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software2014-06-21 15:22 - 2014-05-27 01:52 - 00000000 ____D () C:\Program Files (x86)\SmartTweak2014-06-21 15:20 - 2014-06-21 15:20 - 00000000 ____D () C:\Program Files (x86)\JoniCouuPon2014-06-21 15:20 - 2014-06-21 15:20 - 00000000 ____D () C:\Program Files (x86)\DDigISaivver2014-06-21 15:20 - 2014-06-21 15:20 - 00000000 ____D () C:\Program Files (x86)\ALlSaveer2014-06-21 15:20 - 2014-05-27 01:28 - 00000000 ____D () C:\ProgramData\97c9634a055ee542014-06-21 15:20 - 2014-05-27 01:28 - 00000000 ____D () C:\Program Files (x86)\CostMin2014-06-21 14:15 - 2014-06-12 12:30 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\337Games2014-06-20 14:54 - 2014-06-20 14:53 - 62122112 _____ (Logitech Inc.) C:\Users\msLm\Downloads\LGS_8.53.154_x64_Logitech.exe2014-06-20 14:43 - 2014-06-20 14:43 - 00000000 __SHD () C:\Users\msLm\AppData\Local\.#2014-06-20 14:43 - 2014-06-20 14:41 - 00000000 ____D () C:\Users\msLm\Desktop\Turk Empire2014-06-20 14:39 - 2014-05-27 01:40 - 00710378 _____ () C:\Windows\system32\perfh01F.dat2014-06-20 14:39 - 2014-05-27 01:40 - 00146508 _____ () C:\Windows\system32\perfc01F.dat2014-06-20 14:39 - 2012-07-26 10:28 - 01697282 _____ () C:\Windows\system32\PerfStringBackup.INI2014-06-20 14:36 - 2012-07-26 10:21 - 00018442 _____ () C:\Windows\setupact.log2014-06-20 11:20 - 2014-05-27 01:28 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\ntsvc2014-06-20 10:41 - 2014-06-20 10:41 - 00000687 _____ () C:\awhA4DF.tmp2014-06-19 12:20 - 2014-06-19 12:20 - 00002632 __RSH () C:\ProgramData\ntuser.pol2014-06-19 12:20 - 2014-06-19 12:20 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\Macwebtoise2014-06-19 12:20 - 2012-07-26 11:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy2014-06-19 12:17 - 2012-07-26 11:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy2014-06-18 13:30 - 2012-07-26 11:12 - 00000000 ____D () C:\Windows\AUInstallAgent2014-06-16 16:32 - 2014-06-16 16:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-06-16 16:31 - 2014-06-16 16:31 - 00000000 ____D () C:\Users\msLm\Documents\C92014-06-16 16:30 - 2014-06-16 16:30 - 00001134 _____ () C:\Users\msLm\Desktop\C9Launcher - Kısayol.lnk2014-06-15 22:36 - 2014-06-15 22:36 - 00046160 _____ (nethfdrv) C:\Windows\system32\Drivers\nethfdrv.sys2014-06-15 22:35 - 2014-06-15 22:35 - 00246784 _____ () C:\Windows\SysWOW64\hfpapi.dll2014-06-15 22:35 - 2014-06-15 22:35 - 00180224 _____ () C:\Windows\SysWOW64\nethtsrv.exe2014-06-15 22:35 - 2014-06-15 22:35 - 00162304 _____ () C:\Windows\SysWOW64\netupdsrv.exe2014-06-15 22:35 - 2014-06-15 22:35 - 00108544 _____ () C:\Windows\SysWOW64\installd.exe2014-06-15 22:35 - 2014-06-15 22:35 - 00108544 _____ () C:\Windows\SysWOW64\hfnapi.dll2014-06-15 14:09 - 2012-07-26 11:12 - 00000000 ____D () C:\Windows\system32\NDF2014-06-14 18:52 - 2014-06-14 18:52 - 03249480 _____ (Unity Technologies ApS) C:\Users\msLm\Downloads\UnityWebPlayer.exe2014-06-14 18:52 - 2014-06-14 18:52 - 00000000 ____D () C:\Users\msLm\AppData\Local\Unity2014-06-14 01:43 - 2014-05-31 17:37 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\TS3Client2014-06-14 01:02 - 2014-06-14 01:01 - 29498690 _____ () C:\Users\msLm\Downloads\TeamSpeak3-Client-win64-3.0.14.rar2014-06-13 21:39 - 2014-06-03 22:05 - 00000000 ____D () C:\Program Files (x86)\RaidCall2014-06-12 12:30 - 2014-05-27 01:20 - 00000000 ____D () C:\ProgramData\WindowsProtectManger2014-06-12 12:30 - 2014-05-27 01:20 - 00000000 ____D () C:\Program Files (x86)\SupTab2014-06-10 17:08 - 2014-06-10 17:08 - 01203803 _____ () C:\Users\msLm\Desktop\mslmmmm.wma2014-06-09 02:36 - 2014-06-09 02:36 - 00588673 _____ () C:\Users\msLm\Desktop\PaCoz.wma2014-06-08 09:31 - 2014-06-08 09:31 - 334326936 _____ () C:\Windows\MEMORY.DMP2014-06-08 09:31 - 2014-06-08 09:31 - 00279192 _____ () C:\Windows\Minidump\060814-12386-01.dmp2014-06-08 09:31 - 2014-06-08 09:31 - 00000000 ____D () C:\Windows\Minidump2014-06-07 03:25 - 2014-06-05 16:16 - 00000000 _____ () C:\Windows\SysWOW64\filetrace.log2014-06-03 22:06 - 2014-06-03 22:06 - 00001031 _____ () C:\Users\msLm\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk2014-06-03 22:06 - 2014-06-03 22:06 - 00001007 _____ () C:\Users\msLm\Desktop\RaidCall.lnk2014-06-03 22:06 - 2014-06-03 22:06 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\raidcall2014-06-03 22:06 - 2014-06-03 22:06 - 00000000 ____D () C:\Users\msLm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall2014-06-03 22:06 - 2014-06-03 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall2014-06-03 22:05 - 2014-06-03 22:05 - 05526560 _____ () C:\Users\msLm\Downloads\raidcall_7.3.4.exe2014-06-03 02:49 - 2014-06-03 02:49 - 00579693 _____ () C:\Users\msLm\Desktop\surpriz.wma2014-06-01 19:08 - 2014-06-01 19:08 - 01483588 _____ () C:\Users\msLm\Downloads\speakychatinstall.zip2014-06-01 19:08 - 2014-06-01 19:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-05-31 17:37 - 2014-05-31 17:37 - 00000967 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk2014-05-31 17:37 - 2014-05-31 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client2014-05-31 17:37 - 2014-05-31 17:37 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client2014-05-31 17:37 - 2014-05-31 17:36 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\msLm\Downloads\TeamSpeak3-Client-win64-3.0.14.exe2014-05-31 11:23 - 2012-07-26 11:12 - 00000000 ____D () C:\Windows\rescache2014-05-31 11:09 - 2014-05-27 01:10 - 00000000 ____D () C:\Users\msLm\AppData\Local\VirtualStore2014-05-30 23:07 - 2014-05-26 20:51 - 00000000 ____D () C:\OpaLa2014-05-30 22:51 - 2012-07-26 10:59 - 00000000 ____D () C:\Windows\CbsTemp Some content of TEMP:====================C:\Users\msLm\AppData\Local\Temp\49442e40_.exeC:\Users\msLm\AppData\Local\Temp\5d037a5a_.exeC:\Users\msLm\AppData\Local\Temp\8afbd29282dd226725c6b232430ec739.dllC:\Users\msLm\AppData\Local\Temp\drvinstal.exeC:\Users\msLm\AppData\Local\Temp\FixMyRegistry.exeC:\Users\msLm\AppData\Local\Temp\raptrpatch.exeC:\Users\msLm\AppData\Local\Temp\raptr_stub.exeC:\Users\msLm\AppData\Local\Temp\setup.exeC:\Users\msLm\AppData\Local\Temp\SpeedUpMyComputer.exeC:\Users\msLm\AppData\Local\Temp\UNT42E9.exeC:\Users\msLm\AppData\Local\Temp\UpdateCheckerSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-26 03:03 ==================== End Of Log ============================ Link to post Share on other sites More sharing options...
squa4141 Posted June 28, 2014 Author ID:847104 Share Posted June 28, 2014 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02Ran by msLm at 2014-06-28 18:59:38Running from C:\Users\msLm\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) HiddenAMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Şirketinizin Adı) HiddenAMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)AMD Fuel (Version: 2014.0417.2226.38446 - Şirketinizin Adı) HiddenAMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) HiddenCCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hiddenccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) HiddenFixMyRegistry (HKLM-x32\...\FixMyRegistry) (Version: 38.1 - SmartTweak Software) <==== ATTENTIONGoogle Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) HiddenMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) HiddenNetwork System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTIONNVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTIONRaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12889.86 - raidcall.com)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)SpeakyChat LB version 2,0,13,2 (HKLM-x32\...\{8F46BFB2-11A5-4878-806A-87E5CA3C267A}_is1) (Version: 2,0,13,2 - SpeakyChat LB)SpeakyChat-VoiceChat (HKLM-x32\...\SpeakyChat) (Version: - avidoNET GmbH)SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTIONTeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Restore Points ========================= 08-06-2014 06:43:31 Scheduled Checkpoint16-06-2014 00:30:14 Scheduled Checkpoint25-06-2014 00:07:08 Scheduled Checkpoint ==================== Hosts content: ========================== 2012-07-26 08:26 - 2012-07-26 08:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {152AADD8-E273-4231-BD65-FA9987D5F103} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27] (Google Inc.)Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {53B7E9D5-DB44-4C83-9F0E-200BA25C2B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27] (Google Inc.)Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\system32\dism.exe [2012-07-26] (Microsoft Corporation)Task: {B28F0C10-56CD-4189-B345-6F958B2F2DDC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-27] (Adobe Systems Incorporated)Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-17 22:29 - 2014-04-17 22:29 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll2014-06-15 22:35 - 2014-06-15 22:35 - 00180224 _____ () C:\Windows\SysWOW64\nethtsrv.exe2014-05-01 21:14 - 2014-05-01 21:14 - 00399360 _____ () C:\Program Files\PCDApp\dgen.exe2014-03-13 23:22 - 2014-03-13 23:22 - 00590416 _____ () C:\Program Files\PCDApp\libcurl-4.dll2014-06-15 22:35 - 2014-06-15 22:35 - 00162304 _____ () C:\Windows\SysWOW64\netupdsrv.exe2014-06-19 12:20 - 2014-06-09 09:38 - 00454656 _____ () C:\Users\msLm\AppData\Roaming\Macwebtoise\explorerEx64.dll2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll2014-05-27 02:54 - 2014-05-14 02:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll2014-05-27 02:54 - 2014-05-14 02:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll2014-05-27 02:54 - 2014-05-14 02:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll2014-05-27 02:54 - 2014-05-14 02:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll2014-05-27 02:54 - 2014-05-14 02:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= HKLM\...\StartupApproved\Run32: => "DApp"HKCU\...\StartupApproved\Run: => "FixMyRegistry"HKCU\...\StartupApproved\Run: => "SpeedUpMyComputer"HKCU\...\StartupApproved\Run: => "Raptr"HKCU\...\StartupApproved\Run: => "Skype" ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tünel BağdaştırıcısıClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors:==================Error: (06/24/2014 02:42:16 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)Description: Chrome has encountered a fatal error.ver=35.0.1916.114;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\bba4dbe6-6b6c-459b-8851-5009ed638ab9.dmp Error: (06/21/2014 03:24:48 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Hatalı uygulama adı: update_checker.exe, sürüm: 4.3.0.0, zaman damgası: 0x525d9c67Hatalı modül adı: ntdll.dll, sürüm: 6.2.9200.16420, zaman damgası: 0x505aaa82Özel durum kodu: 0xc0000005Hata uzaklığı 0x000502b9Hatalı işlem kimliği: 0xe20Uygulama başlangıç zamanı: 0xupdate_checker.exe0Hatalı uygulama yolu: update_checker.exe1Hatalı modül yolu: update_checker.exe2Rapor kimliği: update_checker.exe3Hatalı paket tam adı: update_checker.exe4Hatalı paketle ilgili uygulama kimliği: update_checker.exe5 Error: (06/20/2014 04:00:09 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Hatalı uygulama adı: KnightOnline.exe, sürüm: 1.1.13.1313, zaman damgası: 0x00000000Hatalı modül adı: KnightOnline.exe, sürüm: 1.1.13.1313, zaman damgası: 0x00000000Özel durum kodu: 0xc0000005Hata uzaklığı 0x001d6450Hatalı işlem kimliği: 0xaecUygulama başlangıç zamanı: 0xKnightOnline.exe0Hatalı uygulama yolu: KnightOnline.exe1Hatalı modül yolu: KnightOnline.exe2Rapor kimliği: KnightOnline.exe3Hatalı paket tam adı: KnightOnline.exe4Hatalı paketle ilgili uygulama kimliği: KnightOnline.exe5 Error: (06/20/2014 02:50:02 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Hatalı uygulama adı: update_checker.exe, sürüm: 4.3.0.0, zaman damgası: 0x525d9c67Hatalı modül adı: ntdll.dll, sürüm: 6.2.9200.16420, zaman damgası: 0x505aaa82Özel durum kodu: 0xc0000005Hata uzaklığı 0x000502b9Hatalı işlem kimliği: 0x2a8Uygulama başlangıç zamanı: 0xupdate_checker.exe0Hatalı uygulama yolu: update_checker.exe1Hatalı modül yolu: update_checker.exe2Rapor kimliği: update_checker.exe3Hatalı paket tam adı: update_checker.exe4Hatalı paketle ilgili uygulama kimliği: update_checker.exe5 Error: (06/18/2014 08:49:40 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Hatalı uygulama adı: update_checker.exe, sürüm: 4.3.0.0, zaman damgası: 0x525d9c67Hatalı modül adı: ntdll.dll, sürüm: 6.2.9200.16420, zaman damgası: 0x505aaa82Özel durum kodu: 0xc0000005Hata uzaklığı 0x0004f7d5Hatalı işlem kimliği: 0x328Uygulama başlangıç zamanı: 0xupdate_checker.exe0Hatalı uygulama yolu: update_checker.exe1Hatalı modül yolu: update_checker.exe2Rapor kimliği: update_checker.exe3Hatalı paket tam adı: update_checker.exe4Hatalı paketle ilgili uygulama kimliği: update_checker.exe5 Error: (06/16/2014 07:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Hatalı uygulama adı: update_checker.exe, sürüm: 4.3.0.0, zaman damgası: 0x525d9c67Hatalı modül adı: ntdll.dll, sürüm: 6.2.9200.16420, zaman damgası: 0x505aaa82Özel durum kodu: 0xc0000005Hata uzaklığı 0x0004f7d5Hatalı işlem kimliği: 0x11ccUygulama başlangıç zamanı: 0xupdate_checker.exe0Hatalı uygulama yolu: update_checker.exe1Hatalı modül yolu: update_checker.exe2Rapor kimliği: update_checker.exe3Hatalı paket tam adı: update_checker.exe4Hatalı paketle ilgili uygulama kimliği: update_checker.exe5 Error: (06/15/2014 08:26:55 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Hatalı uygulama adı: update_checker.exe, sürüm: 4.3.0.0, zaman damgası: 0x525d9c67Hatalı modül adı: ntdll.dll, sürüm: 6.2.9200.16420, zaman damgası: 0x505aaa82Özel durum kodu: 0xc0000005Hata uzaklığı 0x000502b3Hatalı işlem kimliği: 0x162cUygulama başlangıç zamanı: 0xupdate_checker.exe0Hatalı uygulama yolu: update_checker.exe1Hatalı modül yolu: update_checker.exe2Rapor kimliği: update_checker.exe3Hatalı paket tam adı: update_checker.exe4Hatalı paketle ilgili uygulama kimliği: update_checker.exe5 Error: (06/14/2014 01:56:29 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Hatalı uygulama adı: update_checker.exe, sürüm: 4.3.0.0, zaman damgası: 0x525d9c67Hatalı modül adı: ntdll.dll, sürüm: 6.2.9200.16420, zaman damgası: 0x505aaa82Özel durum kodu: 0xc0000005Hata uzaklığı 0x000502b3Hatalı işlem kimliği: 0xc94Uygulama başlangıç zamanı: 0xupdate_checker.exe0Hatalı uygulama yolu: update_checker.exe1Hatalı modül yolu: update_checker.exe2Rapor kimliği: update_checker.exe3Hatalı paket tam adı: update_checker.exe4Hatalı paketle ilgili uygulama kimliği: update_checker.exe5 Error: (06/13/2014 05:36:45 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Hatalı uygulama adı: update_checker.exe, sürüm: 4.3.0.0, zaman damgası: 0x525d9c67Hatalı modül adı: ntdll.dll, sürüm: 6.2.9200.16420, zaman damgası: 0x505aaa82Özel durum kodu: 0xc0000005Hata uzaklığı 0x0004f7d5Hatalı işlem kimliği: 0x7d4Uygulama başlangıç zamanı: 0xupdate_checker.exe0Hatalı uygulama yolu: update_checker.exe1Hatalı modül yolu: update_checker.exe2Rapor kimliği: update_checker.exe3Hatalı paket tam adı: update_checker.exe4Hatalı paketle ilgili uygulama kimliği: update_checker.exe5 Error: (06/12/2014 09:37:27 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Hatalı uygulama adı: update_checker.exe, sürüm: 4.3.0.0, zaman damgası: 0x525d9c67Hatalı modül adı: ntdll.dll, sürüm: 6.2.9200.16420, zaman damgası: 0x505aaa82Özel durum kodu: 0xc0000005Hata uzaklığı 0x0004f7d5Hatalı işlem kimliği: 0x1190Uygulama başlangıç zamanı: 0xupdate_checker.exe0Hatalı uygulama yolu: update_checker.exe1Hatalı modül yolu: update_checker.exe2Rapor kimliği: update_checker.exe3Hatalı paket tam adı: update_checker.exe4Hatalı paketle ilgili uygulama kimliği: update_checker.exe5 System errors:=============Error: (06/27/2014 04:58:05 PM) (Source: bowser) (EventID: 8003) (User: )Description: Ana tarayıcı kendisinin etki alanı için ana tarayıcı olduğunu sanan PC-EXPER bilgisayarındanNetBT_Tcpip_{F2ABD3DA-07BE-49AF-A180-80DCAB6C8EE3} ulaşım hizmeti üzerinden bir sunucu duyurusu aldı.Ana tarayıcı duruyor veya bir seçim yapılıyor. Error: (06/27/2014 03:04:58 PM) (Source: bowser) (EventID: 8003) (User: )Description: Ana tarayıcı kendisinin etki alanı için ana tarayıcı olduğunu sanan PC-EXPER bilgisayarındanNetBT_Tcpip_{F2ABD3DA-07BE-49AF-A180-80DCAB6C8EE3} ulaşım hizmeti üzerinden bir sunucu duyurusu aldı.Ana tarayıcı duruyor veya bir seçim yapılıyor. Error: (06/27/2014 11:22:29 AM) (Source: bowser) (EventID: 8003) (User: )Description: Ana tarayıcı kendisinin etki alanı için ana tarayıcı olduğunu sanan PC-EXPER bilgisayarındanNetBT_Tcpip_{F2ABD3DA-07BE-49AF-A180-80DCAB6C8EE3} ulaşım hizmeti üzerinden bir sunucu duyurusu aldı.Ana tarayıcı duruyor veya bir seçim yapılıyor. Error: (06/26/2014 02:02:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Protect Monitor hizmeti şu hata nedeniyle başlatılamadı: %%1053 Error: (06/26/2014 02:02:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: Protect Monitor hizmetinin bağlanması beklenirken zaman aşımı (30000 milisaniye) oluştu. Error: (06/26/2014 02:02:37 AM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: Net Service Event Handler hizmeti başlatılırken askıya alındı. Error: (06/26/2014 02:01:43 AM) (Source: EventLog) (EventID: 6008) (User: )Description: 01:40:50, 26.6.2014 tarihinde gerçekleşen önceki sistem kapanışı beklenmiyordu. Error: (06/25/2014 08:14:59 PM) (Source: NetBT) (EventID: 4319) (User: )Description: TCP ağında aynı adın bir kopyası algılandı. İletiyi gönderenbilgisayarın IP adresi verinin içindedir. Bir komut penceresinde nbtstat -nkomutunu kullanarak hangi adın Çakışma durumunda olduğunu görebilirsiniz. Error: (06/25/2014 08:14:58 PM) (Source: NetBT) (EventID: 4319) (User: )Description: TCP ağında aynı adın bir kopyası algılandı. İletiyi gönderenbilgisayarın IP adresi verinin içindedir. Bir komut penceresinde nbtstat -nkomutunu kullanarak hangi adın Çakışma durumunda olduğunu görebilirsiniz. Error: (06/21/2014 10:18:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: Protect Monitor hizmeti şu hata nedeniyle başlatılamadı: %%1053 Microsoft Office Sessions:=========================Error: (06/24/2014 02:42:16 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)Description: Chrome has encountered a fatal error.ver=35.0.1916.114;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\bba4dbe6-6b6c-459b-8851-5009ed638ab9.dmp Error: (06/21/2014 03:24:48 PM) (Source: Application Error) (EventID: 1000) (User: )Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.2.9200.16420505aaa82c0000005000502b9e2001cf8d2106330b8dC:\Users\msLm\AppData\Local\FilesFrog Update Checker\update_checker.exeC:\Windows\SYSTEM32\ntdll.dll08736968-f93f-11e3-be76-d43d7e327b92 Error: (06/20/2014 04:00:09 PM) (Source: Application Error) (EventID: 1000) (User: )Description: KnightOnline.exe1.1.13.131300000000KnightOnline.exe1.1.13.131300000000c0000005001d6450aec01cf8c7ce28f4b42C:\Users\msLm\Desktop\Turk Empire\KnightOnline.exeC:\Users\msLm\Desktop\Turk Empire\KnightOnline.exece899f46-f87a-11e3-be75-d43d7e327b92 Error: (06/20/2014 02:50:02 PM) (Source: Application Error) (EventID: 1000) (User: )Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.2.9200.16420505aaa82c0000005000502b92a801cf8c5a430828fdC:\Users\msLm\AppData\Local\FilesFrog Update Checker\update_checker.exeC:\Windows\SYSTEM32\ntdll.dll02c0a411-f871-11e3-be75-d43d7e327b92 Error: (06/18/2014 08:49:40 PM) (Source: Application Error) (EventID: 1000) (User: )Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.2.9200.16420505aaa82c00000050004f7d532801cf8b0627893385C:\Users\msLm\AppData\Local\FilesFrog Update Checker\update_checker.exeC:\Windows\SYSTEM32\ntdll.dlleb61e4b3-f710-11e3-be74-d43d7e327b92 Error: (06/16/2014 07:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.2.9200.16420505aaa82c00000050004f7d511cc01cf895f78aeed87C:\Users\msLm\AppData\Local\FilesFrog Update Checker\update_checker.exeC:\Windows\SYSTEM32\ntdll.dll9299fcde-f577-11e3-be74-d43d7e327b92 Error: (06/15/2014 08:26:55 PM) (Source: Application Error) (EventID: 1000) (User: )Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.2.9200.16420505aaa82c0000005000502b3162c01cf886d32801669C:\Users\msLm\AppData\Local\FilesFrog Update Checker\update_checker.exeC:\Windows\SYSTEM32\ntdll.dll3efae320-f4b2-11e3-be74-d43d7e327b92 Error: (06/14/2014 01:56:29 PM) (Source: Application Error) (EventID: 1000) (User: )Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.2.9200.16420505aaa82c0000005000502b3c9401cf87bee43d09e9C:\Users\msLm\AppData\Local\FilesFrog Update Checker\update_checker.exeC:\Windows\SYSTEM32\ntdll.dll897c1190-f3b2-11e3-be74-d43d7e327b92 Error: (06/13/2014 05:36:45 PM) (Source: Application Error) (EventID: 1000) (User: )Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.2.9200.16420505aaa82c00000050004f7d57d401cf871442250e0fC:\Users\msLm\AppData\Local\FilesFrog Update Checker\update_checker.exeC:\Windows\SYSTEM32\ntdll.dll24706fbd-f308-11e3-be74-d43d7e327b92 Error: (06/12/2014 09:37:27 PM) (Source: Application Error) (EventID: 1000) (User: )Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.2.9200.16420505aaa82c00000050004f7d5119001cf8662734f4750C:\Users\msLm\AppData\Local\FilesFrog Update Checker\update_checker.exeC:\Windows\SYSTEM32\ntdll.dll9a275359-f260-11e3-be74-d43d7e327b92 ==================== Memory info =========================== Percentage of memory in use: 31%Total physical RAM: 4095.18 MBAvailable physical RAM: 2794.25 MBTotal Pagefile: 8191.18 MBAvailable Pagefile: 6662.07 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:194.97 GB) (Free:132.22 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CEF88747)Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=270 GB) - (Type=06) ==================== End Of Log ======================= Link to post Share on other sites More sharing options...
kevinf80 Posted June 29, 2014 ID:847215 Share Posted June 29, 2014 Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Run FRST and press the Fix button just once and wait.The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply. Next, Download AdwCleaner by Xplode onto your Desktop. Double click on Adwcleaner.exe to run the tool. Click on Scan Once the scan is done, click on the Clean button. You will get a prompt asking to close all programs. Click OK. Click OK again to reboot your computer. A text file will open after the restart. Please post the content of that logfile in your reply. You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number Next, Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message. Next, Download Malwarebytes Anti-Malware to your desktop.Double-click mbam-setup and follow the prompts to install the program.At the end, be sure a checkmark is placed next to the following: Launch Malwarebytes Anti-MalwareA 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.Click Finish.On the Dashboard, click the 'Update Now >>' linkAfter the update completes, click the 'Scan Now >>' button.Or, on the Dashboard, click the Scan Now >> button. If an update is available, click the Update Now button.A Threat Scan will begin.When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.In most cases, a restart will be required.Wait for the prompt to restart the computer to appear, then click on Yes. Post the log.... After the restart once you are back at your desktop, open MBAM once more.Click on the History tab > Application Logs.Double click on the scan log which shows the Date and time of the scan just performed.Click 'Copy to Clipboard'Paste the contents of the clipboard into your reply. Let me see those logs, also give an update on any remaining issues or concerns... Kevin fixlist.txt Link to post Share on other sites More sharing options...
squa4141 Posted July 1, 2014 Author ID:848166 Share Posted July 1, 2014 thank you so much, the first solution you give worked ı didnt used any other methods as it worked but if you insist ı can try other methdots too, here is the logFixlog.txt Link to post Share on other sites More sharing options...
kevinf80 Posted July 1, 2014 ID:848170 Share Posted July 1, 2014 Yes please run the rest of the steps...... Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 13, 2014 Root Admin ID:852448 Share Posted July 13, 2014 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts