Jump to content

After adwcleaner my internet stopped working


Recommended Posts

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015
Ran by Sinan (administrator) on SINAN-EV on 15-01-2015 10:44:49
Running from C:\Users\Sinan\Desktop
Loaded Profiles: Sinan (Available profiles: Sinan)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Türkçe (Türkiye)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Polar Electro Oy) C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [665424 2008-12-04] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKU\S-1-5-21-2063291869-1648730404-153019403-1001\...\Run: [EPSON SX110 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2063291869-1648730404-153019403-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2063291869-1648730404-153019403-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\FlowSync.exe [1125376 2014-11-11] (Polar Electro Oy)
HKU\S-1-5-21-2063291869-1648730404-153019403-1001\...\MountPoints2: {f41caccd-83b4-11df-9f64-001fd0221968} - G:\autoplay.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2063291869-1648730404-153019403-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://tr.msn.com/?ocid=iehp
HKU\S-1-5-21-2063291869-1648730404-153019403-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.tr/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2063291869-1648730404-153019403-1001 -> DefaultScope {95ECE56B-7C23-4DE0-911E-03AC5A524E68} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2063291869-1648730404-153019403-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2063291869-1648730404-153019403-1001 -> {95ECE56B-7C23-4DE0-911E-03AC5A524E68} URL = http://www.google.com/search?hl=en&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF DefaultSearchEngine: Yandex
FF SelectedSearchEngine: Yandex
FF Homepage: hxxp://www.yandex.com.tr/?win=134&clid=1979776
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2063291869-1648730404-153019403-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\gorsel.yandex.com.tr-155042.xml
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\haber.yandex.com.tr-155042.xml
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\video.yandex.com.tr-155042.xml
FF SearchPlugin: C:\Users\Sinan\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.com.tr-155042.xml
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MAA629C64-5FF2-42F3-A73A-A34A2B4E1E22&SearchSource=55&CUI=&UM=5&UP=SPFC16A586-2FCC-4E06-8F50-C9F846559866&SSPV=", "hxxp://websearch.a-searchpage.info/?pid=658&r=2013/05/29&hid=4156316971&lg=EN&cc=AT&unqvl=18", "hxxp://www.google.com/"
CHR Profile: C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Hide Fedora) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjgabfifnnmmlckmnijdbijgbfpedde [2015-01-04]
CHR Extension: (Football Champions) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehpibjfkijipalplliffcgkhhmecjgi [2014-07-04]
CHR Extension: (AdBlock) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-04]
CHR Extension: (Dropbox) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-07-04]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-07-04]
CHR Extension: (Little Alchemy) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-07-04]
CHR Extension: (Google Mail Checker) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-07-04]
CHR Extension: (Google Cüzdan) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-04]
CHR Extension: (Gmail) - C:\Users\Sinan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-12-25] () [File not signed]
S1 SSHDRV65; C:\Windows\SysWOW64\drivers\SSHDRV65.sys [120320 2010-09-23] () [File not signed]
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-12-02] (Spotflux, Inc.)
S2 eamonm; system32\DRIVERS\eamonm.sys [X]
S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 10:44 - 2015-01-15 10:45 - 00012950 _____ () C:\Users\Sinan\Desktop\FRST.txt
2015-01-15 10:44 - 2015-01-15 10:44 - 00000000 ____D () C:\FRST
2015-01-15 10:44 - 2000-01-01 10:53 - 02125312 _____ (Farbar) C:\Users\Sinan\Desktop\FRST64.exe
2015-01-15 01:22 - 2015-01-15 01:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-15 01:22 - 2015-01-15 01:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-15 01:08 - 2015-01-15 00:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-01-15 00:57 - 2015-01-15 01:10 - 00009319 _____ () C:\zoek-results.log
2015-01-15 00:56 - 2015-01-15 01:05 - 00000000 ____D () C:\zoek_backup
2015-01-15 00:18 - 2014-11-25 13:28 - 00000000 ____D () C:\Users\Sinan\Desktop\Install_Win7_7090_11252014
2015-01-15 00:02 - 2015-01-15 00:02 - 00000000 ____D () C:\SWTOOLS
2015-01-14 23:26 - 2015-01-14 23:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-01-14 22:59 - 2015-01-15 00:27 - 00000000 ____D () C:\AdwCleaner
2015-01-14 22:59 - 2015-01-14 22:59 - 02191360 _____ () C:\Users\Sinan\Downloads\AdwCleaner.exe
2015-01-14 22:58 - 2015-01-14 22:58 - 00852504 _____ () C:\Users\Sinan\Downloads\SecurityCheck.exe
2015-01-14 21:03 - 2015-01-14 21:03 - 00000000 ____D () C:\SUPERDelete
2015-01-14 21:02 - 2015-01-14 21:02 - 21001040 _____ (SUPERAntiSpyware) C:\Users\Sinan\Downloads\SUPERAntiSpyware.exe
2015-01-14 20:34 - 2015-01-14 20:34 - 00001155 _____ () C:\Users\Public\Desktop\Polar FlowSync.lnk
2015-01-14 20:34 - 2015-01-14 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polar
2015-01-14 20:34 - 2015-01-14 20:34 - 00000000 ____D () C:\Program Files (x86)\Polar
2015-01-14 20:33 - 2015-01-14 20:33 - 21743168 _____ (Polar Electro Oy ) C:\Users\Sinan\Downloads\FlowSync_2.3.8.exe
2014-12-28 16:11 - 2014-12-28 16:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 10:41 - 2014-07-04 20:24 - 00001020 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 10:35 - 2011-08-26 19:10 - 00263893 _____ () C:\Windows\setupact.log
2015-01-15 10:31 - 2011-07-13 13:54 - 00000000 ____D () C:\Users\Sinan\AppData\Roaming\Skype
2015-01-15 10:30 - 2010-07-28 20:04 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-15 10:28 - 2009-07-14 14:45 - 00659594 _____ () C:\Windows\system32\perfh01F.dat
2015-01-15 10:28 - 2009-07-14 14:45 - 00140962 _____ () C:\Windows\system32\perfc01F.dat
2015-01-15 10:28 - 2009-07-14 07:13 - 01578798 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 10:25 - 2010-06-15 19:14 - 01984134 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 10:22 - 2014-07-04 20:24 - 00001016 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 10:22 - 2010-06-15 20:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-15 10:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 02:17 - 2012-08-17 20:15 - 00000814 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 02:13 - 2009-07-14 06:45 - 00030112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 02:13 - 2009-07-14 06:45 - 00030112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 02:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-15 02:02 - 2011-08-27 14:39 - 00178216 _____ () C:\Windows\PFRO.log
2015-01-15 01:29 - 2011-08-02 23:57 - 00000000 ____D () C:\Users\Sinan\AppData\Roaming\LolClient
2015-01-15 01:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-15 01:14 - 2010-06-15 20:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-15 01:14 - 2010-06-15 20:06 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-15 00:06 - 2009-07-14 07:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-14 23:31 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 22:17 - 2012-08-17 20:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 22:17 - 2012-08-17 20:15 - 00003752 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 22:17 - 2012-01-14 16:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-16 12:16

==================== End Of Log ============================

 

 

Addition.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015
Ran by Sinan at 2015-01-15 10:45:18
Running from C:\Users\Sinan\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Turkish (HKLM-x32\...\{AC76BA86-7AD7-1055-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CoolGram (HKLM-x32\...\{C73D8BC8-78AB-4e41-BA19-6CC2C7EED37A}) (Version:  - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
Epson Easy Photo Print 2 (HKLM-x32\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.20.00 - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Epson Stylus SX110_TX110 Manual (HKLM-x32\...\Epson Stylus SX110_TX110 User’s Guide) (Version:  - )
EPSON SX110 Series Printer Uninstall (HKLM\...\EPSON SX110 Series) (Version:  - SEIKO EPSON Corporation)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
K-Lite Codec Pack 6.0.4 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Microsoft .NET Framework 4 Genişletilmiş TRK Dil Paketi (HKLM\...\Microsoft .NET Framework 4 Extended TRK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 İstemci Profili TRK Dil Paketi (HKLM\...\Microsoft .NET Framework 4 Client Profile TRK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NVIDIA 3D Vision Denetleyici Sürücüsü 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Sürücüsü 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafik Sürücüsü 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX Sistem Yazılımı 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Polar FlowSync version 2.3.8 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.3.8 - Polar Electro Oy)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - CyberLink Corporation)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5618 - Realtek Semiconductor Corp.)
RTPatch Update (HKLM-x32\...\RTPatch_is1) (Version:  - PocketSoft)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version:  - )
Update for 2007 Microsoft Office System (KB2284654) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Karşıya Yükleme Aracı (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Sürücü Paketi - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2011-07-13 13:15 - 00000923 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1DCB03D2-BB2E-4468-B028-017CA608A09B} - System32\Tasks\{0CF3B207-24CE-4EC6-B38C-EC86B24C0A14} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27] (Skype Technologies S.A.)
Task: {269717CB-21FF-4348-902A-668EC9CA7D7C} - System32\Tasks\{A732F780-BAAE-4079-9C22-0F770CBDF9ED} => Firefox.exe http://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;alreadyoffered
Task: {2C88A821-9E04-4E5A-816F-4061C3914F40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-04] (Google Inc.)
Task: {464C90B9-F6DD-4F98-932F-0898BAFCC938} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-04] (Google Inc.)
Task: {A651B795-B4AF-4337-8BE3-2E2D4BC2A46A} - System32\Tasks\{17FFF01E-39D5-4E1C-B979-8D48B6B86249} => pcalua.exe -a "C:\Users\Sinan\Downloads\ASIO4ALL_2_11_English (1).exe" -d C:\Users\Sinan\Downloads
Task: {B62330AC-2E21-4E3C-BF00-DFA6A290C00D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {B844EB64-92EE-40D1-9B3E-0386AF6DF815} - System32\Tasks\{DEE5CA21-2245-4608-84D6-7BCBF631DFD7} => pcalua.exe -a E:\Audio\Realtek\Setup.exe -d E:\Audio\Realtek
Task: {F0D230D2-8849-449E-BA17-1F0BFA3631D6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F9A471AC-2546-427F-9B6C-B3DE8E1F3D80} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-12-27 01:27 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-06-15 23:07 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 12:19 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-14 20:34 - 2014-11-11 10:19 - 01703424 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll
2015-01-14 20:34 - 2013-08-25 20:52 - 00728576 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libGLESv2.dll
2015-01-14 20:34 - 2013-08-25 20:52 - 00048128 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libEGL.dll
2015-01-14 20:34 - 2013-08-25 20:59 - 00833024 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\platforms\qwindows.dll
2011-08-04 17:05 - 2008-12-03 13:05 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2011-08-04 17:05 - 2008-11-26 09:56 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:AU3PuhSNbOjUAgBcayNIkofp3
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:B3D74A13

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CoolStartUp => C:\Program Files (x86)\OSTEC\CoolGram\CoolGramS.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_9C7CDF81D0FD4F05CDF318C65B0BDEE2 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

========================= Accounts: ==========================

Administrator (S-1-5-21-2063291869-1648730404-153019403-500 - Administrator - Disabled)
Guest (S-1-5-21-2063291869-1648730404-153019403-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2063291869-1648730404-153019403-1002 - Limited - Enabled)
Sinan (S-1-5-21-2063291869-1648730404-153019403-1001 - Administrator - Enabled) => C:\Users\Sinan

==================== Faulty Device Manager Devices =============

Name: Hotspot Shield Routing Driver 6
Description: Hotspot Shield Routing Driver 6
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HssDRV6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/15/2015 02:22:12 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/15/2015 02:13:49 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={C9C988EF-9BEC-4C38-A90F-3BF6D7F83798}: Sinan-Ev\Sinan kullanıcısı Geniş Bant Bağlantısı adlı bağlantıyı çevirdi ve başarısız oldu. Başarısızlık için döndürülen neden kodu: 651.

Error: (01/15/2015 02:13:31 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={58C8FA84-D110-40B4-9FB5-D287623DAA09}: Sinan-Ev\Sinan kullanıcısı Geniş Bant Bağlantısı adlı bağlantıyı çevirdi ve başarısız oldu. Başarısızlık için döndürülen neden kodu: 651.

Error: (01/15/2015 02:09:56 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={D61DDCEF-97F0-46BC-901B-AEF31BBDD3E7}: Sinan-Ev\Sinan kullanıcısı Geniş Bant Bağlantısı adlı bağlantıyı çevirdi ve başarısız oldu. Başarısızlık için döndürülen neden kodu: 651.

Error: (01/14/2015 11:43:08 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/14/2015 11:42:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: "37.0.2062.103,language="*",type="win32",version="37.0.2062.103"1" için etkinleştirme içeriği oluşturulamadı.
37.0.2062.103,language="*",type="win32",version="37.0.2062.103" Bağımlı Derlemesi bulunamadı.
Lütfen ayrıntılı tanılama için sxstrace.exe programını kullanın.

Error: (01/14/2015 08:34:07 PM) (Source: MsiInstaller) (EventID: 10005) (User: Sinan-Ev)
Description: Product: Bonjour -- A later version of Bonjour is already installed on this computer.

Error: (01/13/2015 11:37:44 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/13/2015 10:20:04 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: H:\ yedekleme konumuna yazılırken oluşan bir hata nedeniyle yedekleme başarıyla tamamlanmadı. Hata: Yedekleme konumu bulunamıyor veya geçerli değil. Yedekleme ayarlarınızı gözden geçirin ve yedekleme konumunu denetleyin. (0x81000006).

Error: (01/05/2015 00:03:24 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: H:\ yedekleme konumuna yazılırken oluşan bir hata nedeniyle yedekleme başarıyla tamamlanmadı. Hata: Yedekleme konumu bulunamıyor veya geçerli değil. Yedekleme ayarlarınızı gözden geçirin ve yedekleme konumunu denetleyin. (0x81000006).

System errors:
=============
Error: (01/15/2015 10:22:55 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Aşağıdaki önyükleme başlatma veya sistem başlatma sürücüsü (sürücüleri) yüklenemedi:
HssDRV6

Error: (01/15/2015 10:22:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: eamonm hizmeti şu hata nedeniyle başlatılamadı:
%%2

Error: (01/15/2015 10:22:34 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Bu sistemle uyumlu olmadığından \??\C:\Windows\SysWow64\drivers\SSHDRV65.sys sürücüsünün yüklenmesi engellendi. Sürücünün uyumlu sürümü için lütfen yazılım satıcınıza başvurun.

Error: (01/15/2015 02:23:28 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Aşağıdaki önyükleme başlatma veya sistem başlatma sürücüsü (sürücüleri) yüklenemedi:
HssDRV6

Error: (01/15/2015 02:23:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: eamonm hizmeti şu hata nedeniyle başlatılamadı:
%%2

Error: (01/15/2015 02:23:00 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Bu sistemle uyumlu olmadığından \??\C:\Windows\SysWow64\drivers\SSHDRV65.sys sürücüsünün yüklenmesi engellendi. Sürücünün uyumlu sürümü için lütfen yazılım satıcınıza başvurun.

Error: (01/15/2015 02:02:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Aşağıdaki önyükleme başlatma veya sistem başlatma sürücüsü (sürücüleri) yüklenemedi:
HssDRV6

Error: (01/15/2015 02:02:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: eamonm hizmeti şu hata nedeniyle başlatılamadı:
%%2

Error: (01/15/2015 02:02:16 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Bu sistemle uyumlu olmadığından \??\C:\Windows\SysWow64\drivers\SSHDRV65.sys sürücüsünün yüklenmesi engellendi. Sürücünün uyumlu sürümü için lütfen yazılım satıcınıza başvurun.

Error: (01/15/2015 01:30:47 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Aşağıdaki önyükleme başlatma veya sistem başlatma sürücüsü (sürücüleri) yüklenemedi:
HssDRV6

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2011-11-03 11:12:13.131
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-11-02 20:46:09.629
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-11-02 17:44:43.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-11-02 17:35:01.151
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-11-02 17:17:01.072
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-11-02 16:48:17.427
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-11-01 23:11:59.204
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-11-01 19:33:22.179
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-11-01 19:20:35.161
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2011-11-01 18:12:38.851
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 28%
Total physical RAM: 4094.3 MB
Available physical RAM: 2939.68 MB
Total Pagefile: 8186.8 MB
Available Pagefile: 6990.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:244.14 GB) (Free:154.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:221.61 GB) (Free:220.25 GB) NTFS
Drive h: () (Fixed) (Total:297.4 GB) (Free:239.17 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CEE9CEE9)
Partition 1: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=221.6 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 297.4 GB) (Disk ID: 73696D20)
No partition Table on disk 1.

==================== End Of Log ============================

 

Link to post
Share on other sites

Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
 
MGADiag.png Scan with MGADiag

Need to check one more thing.

  • Please download MGADiag by Microsoft and save it to your desktop.
  • Double-click on MGADiag.png icon to start the tool.
  • Press Continue when prompted.
  • When it has finished, press Copy.
  • Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.
  • Paste (Ctrl+V) this into notepad and save to your desktop.

Include that report in your reply.

Link to post
Share on other sites

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-Q6MMK-KYK6X-VKM6G
Windows Product Key Hash: 289NoAWl2ZoVfuieux/315WkDIc=
Windows Product ID: 00426-OEM-8992662-00173
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {3527C273-A6D7-4412-A4D7-6E3C1AAEC020}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.110622-1506
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-8009_E2AD56EA-766-2efd_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{3527C273-A6D7-4412-A4D7-6E3C1AAEC020}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-VKM6G</PKey><PID>00426-OEM-8992662-00173</PID><PIDType>2</PIDType><SID>S-1-5-21-2063291869-1648730404-153019403</SID><SYSTEM><Manufacturer>Gigabyte Technology Co., Ltd.</Manufacturer><Model>EP45-DS3R</Model></SYSTEM><BIOS><Manufacturer>Award Software International, Inc.</Manufacturer><Version>F4</Version><SMBIOSVersion major="2" minor="4"/><Date>20080528000000.000000+000</Date></BIOS><HWID>20123A07018400F8</HWID><UserLCID>041F</UserLCID><SystemLCID>041F</SystemLCID><TimeZone>GTB Standart Saati(GMT+02:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>GBT   </OEMID><OEMTableID>GBTUACPI</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>64BC76978749586</Val><Hash>GW6PzcEVEDTVKeO5Ym5UUm41dBk=</Hash><Pid>89388-707-0441865-65798</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

Spsys.log Content: 0x80070002

Licensing Data-->
Yazılım lisans hizmeti sürümü: 6.1.7601.17514

Ad: Windows® 7, Ultimate edition
Açıklama: Windows Operating System - Windows® 7, OEM_SLP channel
Etkinleştirme Kimliği: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Uygulama Kimliği: 55c92734-d682-4d71-983e-d6ec3f16059f
Uzatılmış PID: 00426-00178-926-600173-02-1055-7601.0000-0542013
Yükleme Kimliği: 022065218625713716538870677375324325724216557541416636
İşlemci Sertifikası URL'si: http://go.microsoft.com/fwlink/?LinkID=88338
Makine Sertifikası URL'si: http://go.microsoft.com/fwlink/?LinkID=88339
Kullanım Lisansı URL'si: http://go.microsoft.com/fwlink/?LinkID=88341
Ürün Anahtarı Sertifikası URL'si: http://go.microsoft.com/fwlink/?LinkID=88340
Kısmi Ürün Anahtarı: VKM6G
Lisans Durumu: Lisanslı
Kalan Windows yeniden etkinleştirme sayısı: 3
Güvenilen saat: 15.01.2015 13:50:12

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Not Registered - 0x80070005
HealthStatus Bitmask Output:

HWID Data-->
HWID Hash Current: OAAAAAIABgABAAEAAAABAAAAAgABAAEA6GGcJTI3EFsMNUa85L+ENOJfmLJaXTRuKs9AuxYmRso=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
  ACPI Table Name OEMID Value OEMTableID Value
  APIC   GBT     GBTUACPI
  FACP   GBT     GBTUACPI
  HPET   GBT     GBTUACPI
  MCFG   GBT     GBTUACPI
  SSDT   PmRef  CpuPm
  SLIC   GBT     GBTUACPI

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.