Jump to content

PUM.Dns and Pum.searchpage found on rogue killer


Recommended Posts

I found 4 Pum.dns and 2 Pum.searchpage in registry.When I rebooted and ran RK again it found 4 Pum.Dns and 2 Pum.searchpage entries, again in the registry. How can I tell if my system is clean and fully removed of pum.dns and pum.searchpage ?
 
MBAM:SCAN LOG
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Tarama Tarihi: 8.6.2015
Tarama Zamanı: 12:52:20
Kütük dosyası: Scan Log.txt
Yönetici: Evet
 
Sürüm: 2.01.6.1022
Zararlı Veritabanı: v2015.05.10.02
Rootkit Veritabanı: v2015.06.02.01
Lisans: Ücretsiz
Zararlı koruması: Devre dışı
Zararlı internet sitesi koruması: Devre dışı
Kendini koruma: Devre dışı
 
İşletim Sistemi: Windows 8.1
İşlemci: x64
Dosya Sistemi: NTFS
Kullanıcı: Oyuncu
 
Tarama Türü: Tehdit Taraması
Sonuç: Tamamlandı
Taranmış Öğeler: 384036
Geçen Süre: 6 dk, 23 sn
 
Hafıza: Etkin
Başlangıç: Etkin
Dosya sistemi: Etkin
Arşivler: Etkin
Rootkit: Etkin
Buluşsal yöntemler: Etkin
PUP: Etkin
PUM: Etkin
 
İşlemler: 0
(Zararlı maddeleri tespit)
 
Modüller: 0
(Zararlı maddeleri tespit)
 
Kayıt Anahtarları: 0
(Zararlı maddeleri tespit)
 
Kayıt Girdileri: 0
(Zararlı maddeleri tespit)
 
Kayıt Verileri: 0
(Zararlı maddeleri tespit)
 
Klasörler: 0
(Zararlı maddeleri tespit)
 
Dosyalar: 0
(Zararlı maddeleri tespit)
 
Fiziksel Sektörler: 0
(Zararlı maddeleri tespit)
 
 
(end)
 
 
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Oyuncu (administrator) on GORKEMPC on 08-06-2015 13:02:26
Running from C:\Users\gorkemeren\Desktop
Loaded Profiles: Oyuncu (Available Profiles: Oyuncu)
Platform: Windows 8.1 Pro (X64) OS Language: Türkçe (Türkiye)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Mr. John aka japamd) D:\RadeonPro\RadeonProSupport.exe
(Razer Inc.) D:\Razer Cortex\RzKLService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2014-08-28] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-05-26] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-966167090-4290164784-3041656091-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-966167090-4290164784-3041656091-1001\...\Run: [EADM] => D:\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts)
HKU\S-1-5-21-966167090-4290164784-3041656091-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-966167090-4290164784-3041656091-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-966167090-4290164784-3041656091-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.tr.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-09-18] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-16] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-09-18] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-09-18] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-09-18] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-16] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-09-18] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-09-18] (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-966167090-4290164784-3041656091-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\gorkemeren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-09-18]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-09-18]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-09-18]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-09-18]
 
Chrome: 
=======
CHR Profile: C:\Users\gorkemeren\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (WOT) - C:\Users\gorkemeren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-04-12]
CHR Extension: (Kaspersky Protection) - C:\Users\gorkemeren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2015-05-27]
CHR Extension: (AdBlock) - C:\Users\gorkemeren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-21]
CHR Extension: (Bookmark Manager) - C:\Users\gorkemeren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Skype Click to Call) - C:\Users\gorkemeren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-02-21]
CHR Extension: (Google Wallet) - C:\Users\gorkemeren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-21]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-29]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-29] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1910128 2015-01-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-28] ()
R2 RadeonPro Support Service; D:\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd) [File not signed]
R2 RzKLService; D:\Razer Cortex\RzKLService.exe [105448 2014-08-28] (Razer Inc.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-21] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-28] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-01] (REALiX)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-09-18] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-09-18] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-09-18] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-09-18] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-29] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-09-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-29] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-09-18] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-09-18] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-25] ()
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-06-08] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [101680 2015-04-05] (Zemana Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-08 13:02 - 2015-06-08 13:02 - 00017757 _____ C:\Users\gorkemeren\Desktop\FRST.txt
2015-06-08 13:01 - 2015-06-08 13:02 - 00000000 ____D C:\FRST
2015-06-08 12:51 - 2015-06-08 12:51 - 02108928 _____ (Farbar) C:\Users\gorkemeren\Desktop\FRST64.exe
2015-06-08 12:49 - 2015-06-08 12:50 - 00000401 _____ C:\Users\gorkemeren\Desktop\Yeni Metin Belgesi (10).txt
2015-06-06 18:25 - 2015-06-06 18:25 - 11230592 _____ (Enigma Software Group USA, LLC.) C:\Users\gorkemeren\Downloads\RegHunter-Installer (1).exe
2015-06-06 18:07 - 2015-06-06 18:07 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\gorkemeren\Downloads\SpyHunter-Installer.exe
2015-06-06 12:51 - 2015-06-06 12:51 - 00023205 _____ C:\Users\gorkemeren\Downloads\Torrent-Oyun_The.Witcher.3.Wild.Hunt.Update.v1.05-BAT.torrent
2015-06-06 12:43 - 2015-06-06 12:43 - 00000000 ____D C:\ProgramData\Licenses
2015-06-06 12:42 - 2015-06-06 12:42 - 38982112 _____ (Simply Super Software ) C:\Users\gorkemeren\Downloads\trjsetup692.exe
2015-06-05 13:22 - 2015-06-05 13:22 - 11230592 _____ (Enigma Software Group USA, LLC.) C:\Users\gorkemeren\Downloads\RegHunter-Installer.exe
2015-06-05 12:05 - 2015-06-05 12:05 - 40735937 _____ ( ) C:\Users\gorkemeren\Downloads\K-Lite_Codec_Pack_1120_Mega.exe
2015-06-05 12:05 - 2015-06-05 12:05 - 01384576 _____ (Skype Technologies S.A.) C:\Users\gorkemeren\Downloads\SkypeSetup (3).exe
2015-06-05 12:03 - 2015-06-08 11:34 - 00001160 _____ C:\Windows\setupact.log
2015-06-05 12:03 - 2015-06-05 12:03 - 00482608 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-05 12:03 - 2015-06-05 12:03 - 00000000 _____ C:\Windows\setuperr.log
2015-06-04 16:47 - 2015-06-04 16:47 - 05956126 _____ C:\Users\gorkemeren\Downloads\AMD-1036-104-1-0.rar
2015-06-04 16:43 - 2015-06-04 16:43 - 00004229 _____ C:\Users\gorkemeren\Downloads\The.Witcher.3.Wild.Hunt.DLC.Pack.2-BAT-[Torrent-Oyun.com].torrent
2015-06-03 16:07 - 2015-05-25 16:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-03 16:07 - 2015-05-25 16:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-03 16:07 - 2015-05-22 16:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-03 16:07 - 2015-05-21 16:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-03 16:07 - 2015-05-21 16:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-03 16:07 - 2015-05-21 16:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-03 16:07 - 2015-05-21 16:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-03 16:07 - 2015-05-21 16:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-03 16:07 - 2015-05-21 16:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-03 16:07 - 2015-05-16 01:01 - 00133288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-03 16:07 - 2015-05-16 00:05 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-03 16:07 - 2015-05-15 23:47 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-03 16:07 - 2015-05-15 23:23 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-03 16:07 - 2015-05-15 22:42 - 03682304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-03 16:07 - 2015-05-15 22:32 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-03 16:07 - 2015-05-15 22:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-03 16:07 - 2015-05-15 22:28 - 02223104 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-03 16:07 - 2015-05-15 22:28 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-06-03 16:07 - 2015-05-15 22:28 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-03 16:07 - 2015-05-15 22:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-03 16:07 - 2015-05-15 22:21 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-03 16:07 - 2015-05-15 22:21 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-03 16:07 - 2015-05-15 22:19 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-03 16:07 - 2015-05-15 22:19 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-03 16:07 - 2015-04-17 01:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-01 17:54 - 2015-06-01 17:54 - 00000000 ____D C:\Users\gorkemeren\AppData\Local\GWX
2015-05-30 12:16 - 2015-05-30 12:16 - 00000000 ____D C:\Users\gorkemeren\AppData\Roaming\ATI
2015-05-30 12:16 - 2015-05-30 12:16 - 00000000 ____D C:\Users\gorkemeren\AppData\Local\ATI
2015-05-30 12:16 - 2015-05-30 12:16 - 00000000 ____D C:\ProgramData\ATI
2015-05-30 12:13 - 2015-05-30 12:13 - 00054252 _____ C:\Windows\SysWOW64\CCCInstall_201505301213568734.log
2015-05-30 12:13 - 2015-05-30 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-05-30 12:13 - 2015-05-30 12:13 - 00000000 ____D C:\ProgramData\AMD
2015-05-30 12:13 - 2015-05-30 12:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-05-30 12:13 - 2015-05-30 12:13 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-05-30 12:13 - 2015-05-30 12:13 - 00000000 _____ C:\Windows\ativpsrm.bin
2015-05-30 12:08 - 2015-05-30 12:08 - 00207872 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2015-05-30 12:04 - 2015-05-30 12:06 - 305009736 _____ (AMD Inc.) C:\Users\gorkemeren\Downloads\amd-catalyst-15.5beta-64bit-win8.1-may27.exe
2015-05-27 18:48 - 2015-05-27 18:48 - 00000000 ____D C:\Users\gorkemeren\Downloads\vicir3.delece.paketi.Mysterion.TO
2015-05-27 14:25 - 2015-05-27 14:25 - 00001098 _____ C:\Users\gorkemeren\Desktop\MSI Afterburner.lnk
2015-05-27 14:25 - 2015-05-27 14:25 - 00000000 ____D C:\Users\gorkemeren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-05-27 14:24 - 2015-05-25 12:46 - 36485824 _____ C:\Users\gorkemeren\Downloads\MSIAfterburnerSetup411.exe
2015-05-27 12:36 - 2015-05-27 12:36 - 06549184 _____ (Piriform Ltd) C:\Users\gorkemeren\Downloads\ccsetup506.exe
2015-05-27 12:36 - 2015-05-27 12:36 - 01384064 _____ (Skype Technologies S.A.) C:\Users\gorkemeren\Downloads\SkypeSetup (2).exe
2015-05-27 12:19 - 2015-05-27 12:19 - 00022462 _____ C:\Users\gorkemeren\Downloads\The.Witcher.3.Wild.Hunt.Update.v1.04-BAT-[Torrent-Oyun.com].torrent
2015-05-27 01:41 - 2015-05-27 01:41 - 01359752 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00450744 _____ C:\Windows\system32\amdmiracast.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00102128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00096448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-05-27 01:41 - 2015-05-27 01:41 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-05-27 01:40 - 2015-05-27 01:40 - 11089120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-05-27 01:40 - 2015-05-27 01:40 - 09411256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-05-27 01:40 - 2015-05-27 01:40 - 08381280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-05-27 01:40 - 2015-05-27 01:40 - 08368872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-05-27 01:40 - 2015-05-27 01:40 - 07559840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-05-27 01:40 - 2015-05-27 01:40 - 07077264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-05-27 01:40 - 2015-05-27 01:40 - 01136736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-05-27 01:38 - 2015-05-27 01:38 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-05-27 01:35 - 2015-05-27 01:35 - 19339264 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-05-27 01:28 - 2015-05-27 01:28 - 47902208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-05-27 01:28 - 2015-05-27 01:28 - 01187342 _____ C:\Windows\system32\amdocl_as64.exe
2015-05-27 01:28 - 2015-05-27 01:28 - 01061902 _____ C:\Windows\system32\amdocl_ld64.exe
2015-05-27 01:28 - 2015-05-27 01:28 - 00995342 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2015-05-27 01:28 - 2015-05-27 01:28 - 00798734 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2015-05-27 01:28 - 2015-05-27 01:28 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-05-27 01:28 - 2015-05-27 01:28 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-05-27 01:28 - 2015-05-27 01:28 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-05-27 01:28 - 2015-05-27 01:28 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-05-27 01:28 - 2015-05-27 01:28 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-05-27 01:27 - 2015-05-27 01:27 - 40989696 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-05-27 01:26 - 2015-05-27 01:26 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-27 01:26 - 2015-05-27 01:26 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-27 01:21 - 2015-05-27 01:21 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-05-27 01:21 - 2015-05-27 01:21 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-05-27 01:20 - 2015-05-27 01:20 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-05-27 01:15 - 2015-05-27 01:15 - 23626752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-05-27 01:14 - 2015-05-27 01:14 - 05837824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-05-27 01:14 - 2015-05-27 01:14 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-05-27 01:14 - 2015-05-27 01:14 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-05-27 01:14 - 2015-05-27 01:14 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-05-27 01:14 - 2015-05-27 01:14 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-05-27 01:12 - 2015-05-27 01:12 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-05-27 01:12 - 2015-05-27 01:12 - 00641088 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-05-27 01:12 - 2015-05-27 01:12 - 00641088 _____ C:\Windows\system32\atiapfxx.blb
2015-05-27 01:12 - 2015-05-27 01:12 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-05-27 01:12 - 2015-05-27 01:12 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-05-27 01:12 - 2015-05-27 01:12 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-05-27 01:12 - 2015-05-27 01:12 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-05-27 01:12 - 2015-05-27 01:12 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-05-27 01:11 - 2015-05-27 01:11 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-05-27 01:11 - 2015-05-27 01:11 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-05-27 01:11 - 2015-05-27 01:11 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-05-27 01:11 - 2015-05-27 01:11 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2015-05-27 01:11 - 2015-05-27 01:11 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2015-05-27 01:11 - 2015-05-27 01:11 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2015-05-27 01:11 - 2015-05-27 01:11 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2015-05-27 01:09 - 2015-05-27 01:09 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-05-27 01:09 - 2015-05-27 01:09 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-05-27 01:08 - 2015-05-27 01:08 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-05-27 01:07 - 2015-05-27 01:07 - 00776192 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-05-27 01:07 - 2015-05-27 01:07 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-05-27 01:07 - 2015-05-27 01:07 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-05-27 01:07 - 2015-05-27 01:07 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-05-27 01:07 - 2015-05-27 01:07 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-05-27 01:05 - 2015-05-27 01:05 - 00846848 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-05-27 01:04 - 2015-05-27 01:04 - 01218560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-05-27 01:04 - 2015-05-27 01:04 - 00905728 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-05-27 01:04 - 2015-05-27 01:04 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-05-27 01:04 - 2015-05-27 01:04 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-05-27 01:04 - 2015-05-27 01:04 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-05-27 01:04 - 2015-05-27 01:04 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-05-27 01:04 - 2015-05-27 01:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-05-27 01:04 - 2015-05-27 01:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-05-27 01:03 - 2015-05-27 01:03 - 00591872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-05-27 01:03 - 2015-05-27 01:03 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-05-27 01:03 - 2015-05-27 01:03 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-05-26 18:32 - 2015-05-26 18:32 - 00051200 _____ C:\Windows\system32\kdbsdk64.dll
2015-05-26 18:30 - 2015-05-26 18:30 - 00038912 _____ C:\Windows\SysWOW64\kdbsdk32.dll
2015-05-24 20:04 - 2015-05-24 20:04 - 06846309 _____ C:\Users\gorkemeren\Downloads\SopCast (2).zip
2015-05-24 20:04 - 2015-05-24 20:04 - 00001003 _____ C:\Users\gorkemeren\Desktop\SopCast.lnk
2015-05-24 20:04 - 2015-05-24 20:04 - 00000000 ____D C:\Users\gorkemeren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
2015-05-24 20:04 - 2015-05-24 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
2015-05-24 20:04 - 2015-05-24 20:04 - 00000000 ____D C:\Program Files (x86)\SopCast
2015-05-24 19:02 - 2015-05-24 19:02 - 09514205 _____ C:\Users\gorkemeren\Downloads\SopCast (1).zip
2015-05-24 18:58 - 2015-05-24 18:58 - 06846309 _____ C:\Users\gorkemeren\Downloads\SopCast.zip
2015-05-23 11:17 - 2015-05-23 11:17 - 00000000 ____D C:\Users\gorkemeren\Downloads\ReShade_0.18.4_Public_Beta_with_SweetFX_2.0_Beta_8
2015-05-23 11:15 - 2015-05-23 11:15 - 00033702 _____ C:\Users\gorkemeren\Downloads\SweetFX_Settings_The Witcher 3- Wild Hunt_K-putt'e Config 1.2.txt
2015-05-23 11:13 - 2015-05-23 11:13 - 01382413 _____ C:\Users\gorkemeren\Downloads\ReShade_0.18.4_Public_Beta_with_SweetFX_2.0_Beta_8.7z
2015-05-22 16:58 - 2015-06-06 18:59 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-966167090-4290164784-3041656091-1001
2015-05-22 16:55 - 2015-06-07 13:19 - 00000000 ____D C:\Users\gorkemeren\Documents\The Witcher 3
2015-05-22 16:50 - 2015-06-08 12:02 - 02052741 _____ C:\Windows\WindowsUpdate.log
2015-05-21 22:37 - 2015-04-16 09:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-05-21 22:37 - 2015-04-14 01:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-05-21 22:37 - 2015-04-14 01:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-05-21 22:37 - 2015-04-10 03:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-05-21 22:37 - 2015-04-10 03:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-05-21 22:37 - 2015-04-09 01:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-05-21 22:37 - 2015-04-09 01:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-05-21 22:37 - 2015-04-02 01:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-05-21 22:37 - 2015-04-02 01:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-05-21 22:37 - 2015-04-01 07:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-05-21 22:37 - 2015-04-01 07:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-05-21 22:37 - 2015-04-01 07:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-05-21 22:37 - 2015-04-01 07:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-05-21 22:37 - 2015-04-01 06:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-05-21 22:37 - 2015-04-01 06:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-05-21 22:37 - 2015-04-01 06:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-05-21 22:37 - 2015-04-01 05:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-05-21 22:37 - 2015-04-01 05:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-05-21 22:37 - 2015-04-01 05:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-05-21 22:37 - 2015-04-01 05:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-05-21 22:37 - 2015-04-01 05:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-05-21 22:37 - 2015-04-01 05:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-05-21 22:37 - 2015-03-20 06:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-05-21 22:37 - 2015-03-20 06:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-05-21 22:37 - 2015-03-20 05:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-05-21 22:37 - 2015-03-20 05:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-05-21 22:37 - 2015-03-02 04:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-05-21 22:37 - 2015-03-02 04:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-05-21 22:30 - 2015-05-21 22:30 - 00000885 _____ C:\Users\Public\Desktop\The Witcher 3 - Wild Hunt.lnk
2015-05-21 22:30 - 2015-05-21 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt
2015-05-21 22:16 - 2015-05-21 22:16 - 00022278 _____ C:\Users\gorkemeren\Downloads\The.Witcher.3.Wild.Hunt.Update.v1.03-BAT-[torrent-oyun.com].torrent
2015-05-21 22:13 - 2015-05-21 22:14 - 319646128 _____ ( ) C:\Users\gorkemeren\Downloads\witcher3_patch_1.01.exe
2015-05-21 19:35 - 2015-05-21 19:35 - 00058814 _____ C:\Users\gorkemeren\Downloads\The_Witcher_3_Wild_Hunt-FLT-[torrent-oyun.com].torrent
2015-05-21 19:35 - 2015-05-21 19:35 - 00058814 _____ C:\Users\gorkemeren\Downloads\The_Witcher_3_Wild_Hunt-FLT-[torrent-oyun.com] (1).torrent
2015-05-21 19:19 - 2015-05-21 19:19 - 00000000 ____D C:\Users\gorkemeren\AppData\Local\GTATurk.com_-_erorcun
2015-05-21 19:12 - 2015-05-21 19:12 - 01088055 _____ C:\Users\gorkemeren\Downloads\GTAVTurk_TRYama_v1.rar
2015-05-17 10:04 - 2015-05-23 17:15 - 00104448 ___SH C:\Users\gorkemeren\Desktop\Thumbs.db
2015-05-13 17:39 - 2015-04-30 23:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 17:39 - 2015-04-30 23:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 16:13 - 2015-05-01 02:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 16:13 - 2015-05-01 01:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 16:13 - 2015-04-21 20:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 16:13 - 2015-04-21 19:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 16:13 - 2015-04-21 19:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 16:13 - 2015-04-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 16:13 - 2015-04-21 19:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 16:13 - 2015-04-21 19:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 16:13 - 2015-04-21 19:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 16:13 - 2015-04-21 19:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 16:13 - 2015-04-21 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 16:13 - 2015-04-21 19:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 16:13 - 2015-04-21 19:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 16:13 - 2015-04-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 16:13 - 2015-04-21 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 16:13 - 2015-04-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 16:13 - 2015-04-21 19:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 16:13 - 2015-04-21 18:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 16:13 - 2015-04-21 18:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 16:13 - 2015-04-21 18:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 16:13 - 2015-04-21 18:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 16:13 - 2015-04-21 18:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 16:13 - 2015-04-21 18:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 16:13 - 2015-04-21 18:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 16:13 - 2015-04-21 18:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 16:13 - 2015-04-21 18:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 16:13 - 2015-04-21 18:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 16:13 - 2015-04-21 18:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 16:13 - 2015-04-21 18:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 16:13 - 2015-04-21 18:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 16:13 - 2015-04-21 18:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 16:13 - 2015-04-21 18:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 16:13 - 2015-04-21 18:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 16:13 - 2015-04-21 18:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 16:13 - 2015-04-21 18:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 16:13 - 2015-04-21 18:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 16:13 - 2015-04-21 18:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 16:13 - 2015-04-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 16:13 - 2015-04-21 18:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 16:13 - 2015-04-21 17:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 16:13 - 2015-04-21 17:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 16:13 - 2015-04-14 01:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 16:13 - 2015-04-10 04:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 16:13 - 2015-04-10 03:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 16:13 - 2015-04-10 03:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 16:13 - 2015-04-09 01:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 16:13 - 2015-03-30 08:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 16:13 - 2015-03-27 06:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 16:13 - 2015-03-27 05:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 16:13 - 2015-03-27 05:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 17:59 - 2015-05-12 17:59 - 00000000 ____D C:\ProgramData\Socialclub
2015-05-12 17:38 - 2015-05-12 17:38 - 00014446 _____ C:\Users\gorkemeren\Downloads\Grand Theft Auto V PROPER CRACKS-RELOADED-[Torrent-Oyun.com].torrent
2015-05-11 18:38 - 2015-06-03 16:30 - 00001786 _____ C:\Windows\SysWOW64\BroomData.bit
2015-05-11 18:38 - 2013-04-08 15:30 - 00022752 _____ C:\Windows\system32\PCloudBroom64.exe
2015-05-11 18:24 - 2015-05-11 18:24 - 00001298 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2015-05-11 18:24 - 2015-05-11 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2015-05-11 18:24 - 2015-05-11 18:24 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-05-11 18:24 - 2013-04-29 08:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-05-10 14:14 - 2015-04-10 03:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-10 14:14 - 2015-04-10 03:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-08 13:00 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-08 12:52 - 2015-04-06 17:02 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-08 12:28 - 2014-08-28 14:01 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-08 12:24 - 2015-01-03 22:20 - 00000814 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-08 12:13 - 2014-09-18 16:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-08 12:05 - 2014-12-16 17:56 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-08 11:38 - 2014-03-18 18:40 - 01728544 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-08 11:38 - 2014-03-18 17:58 - 00711250 _____ C:\Windows\system32\perfh01F.dat
2015-06-08 11:38 - 2014-03-18 17:58 - 00146214 _____ C:\Windows\system32\perfc01F.dat
2015-06-08 11:34 - 2014-08-28 14:00 - 00001042 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-08 11:34 - 2013-08-22 17:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-07 13:17 - 2015-01-23 19:03 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2015-06-07 13:17 - 2015-01-23 19:02 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2015-06-07 13:09 - 2015-03-07 21:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-07 13:02 - 2015-04-06 17:02 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-07 12:12 - 2015-01-15 17:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-07 11:52 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-06 21:45 - 2015-01-11 15:10 - 00000000 ____D C:\Users\gorkemeren\AppData\Local\CrashDumps
2015-06-06 18:23 - 2013-08-22 16:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-06 13:22 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\rescache
2015-06-06 13:01 - 2014-08-28 15:46 - 00000000 ____D C:\Users\gorkemeren\AppData\Roaming\BitTorrent
2015-06-06 12:44 - 2014-09-03 00:47 - 00000000 ____D C:\ProgramData\TEMP
2015-06-05 13:25 - 2014-11-11 18:15 - 00000000 ____D C:\Users\gorkemeren\AppData\Roaming\WiseUpdate
2015-06-05 12:07 - 2015-01-15 17:14 - 00000000 ____D C:\Users\gorkemeren\AppData\Roaming\Skype
2015-06-05 12:06 - 2015-04-12 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-06-05 12:06 - 2015-01-15 17:14 - 00000000 ____D C:\ProgramData\Skype
2015-06-05 12:06 - 2014-08-28 13:52 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-06-04 17:57 - 2014-09-08 00:56 - 00000000 ___RD C:\Users\gorkemeren\Desktop\OYUNLAR
2015-06-04 17:03 - 2014-12-16 17:56 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-03 16:07 - 2015-04-12 20:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-03 16:07 - 2014-11-20 20:39 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-03 16:07 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\tr-TR
2015-06-03 16:07 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-03 16:07 - 2013-08-22 18:20 - 00000000 ____D C:\Windows\CbsTemp
2015-05-31 21:00 - 2015-04-12 12:39 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2015-05-30 12:14 - 2014-08-28 13:05 - 00000000 ____D C:\Users\gorkemeren\AppData\Roaming\Raptr
2015-05-30 12:14 - 2014-08-28 13:05 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-05-30 12:13 - 2014-12-10 18:34 - 00000000 ____D C:\Program Files (x86)\AMD
2015-05-30 12:13 - 2014-08-28 12:07 - 00000000 ____D C:\Program Files\AMD
2015-05-30 12:12 - 2014-08-28 12:07 - 00000000 ____D C:\AMD
2015-05-30 12:08 - 2015-01-24 13:02 - 00000000 ____D C:\Users\gorkemeren\Downloads\DDU 15.2.0.0
2015-05-27 14:26 - 2014-08-28 17:07 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-27 13:43 - 2014-08-28 13:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-27 12:37 - 2015-04-12 12:25 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-27 12:37 - 2014-08-30 21:40 - 00000000 ____D C:\Program Files\CCleaner
2015-05-26 16:28 - 2014-08-28 14:01 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-22 16:50 - 2014-08-28 15:42 - 00000000 ____D C:\Users\gorkemeren\AppData\Roaming\DAEMON Tools Lite
2015-05-22 16:13 - 2014-08-30 22:14 - 00003098 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-966167090-4290164784-3041656091-1001
2015-05-22 16:13 - 2014-08-28 12:03 - 00000000 __RDO C:\Users\gorkemeren\OneDrive
2015-05-21 22:55 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ToastData
2015-05-21 22:30 - 2014-08-28 12:08 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-20 17:30 - 2015-04-10 20:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 17:30 - 2015-04-10 20:03 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-16 21:12 - 2014-08-28 12:03 - 00000000 ____D C:\Users\gorkemeren\AppData\Local\Packages
2015-05-16 15:23 - 2014-08-28 14:01 - 00004018 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 15:23 - 2014-08-28 14:01 - 00003782 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 23:34 - 2014-08-30 22:09 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-13 18:05 - 2015-01-03 21:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 18:05 - 2015-01-03 21:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 17:39 - 2014-08-28 13:34 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 17:37 - 2015-01-03 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 17:37 - 2014-08-28 13:34 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 17:36 - 2014-03-18 18:15 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-12 17:56 - 2015-04-18 15:22 - 00000000 ____D C:\Program Files\Rockstar Games
2015-05-12 17:56 - 2014-09-08 23:00 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
 
Some files in TEMP:
====================
C:\Users\gorkemeren\AppData\Local\Temp\dllnt_dump.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-03 16:01
 
==================== End of log ============================
 
ROGUEKİLLER:
RogueKiller V10.8.1.0 [Jun  3 2015] by Adlice Software
 
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Oyuncu [Administrator]
Started from : C:\Users\gorkemeren\Desktop\RogueKiller.exe
Mode : Scan -- Date : 06/08/2015  12:08:06
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 6 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-966167090-4290164784-3041656091-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-966167090-4290164784-3041656091-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{06BB80B0-BEF6-4357-97C2-C1ABC695616A} | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{06BB80B0-BEF6-4357-97C2-C1ABC695616A} | DhcpNameServer : 192.168.1.1 0.0.0.0 [-][(Private Address) (XX)]  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD103SJ +++++
--- User ---
[MBR] 0476009e33329b0ccce357b9a6055960
[bSP] 62154bbb6140895966660331ee9dc5d7 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 499900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1024002048 | Size: 453866 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: SanDisk SDSSDX120GG25 +++++
--- User ---
[MBR] d6c0cb3cc5a2b947fc6222e7821762f9
[bSP] 354b5a8f1d4e17360989a9f74171f9e3 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 114371 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive2: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] Ayg?t haz?r de?il. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] ?stek desteklenmiyor. )
 
+++++ PhysicalDrive3: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Ayg?t haz?r de?il. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] ?stek desteklenmiyor. )
 
+++++ PhysicalDrive4: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Ayg?t haz?r de?il. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] ?stek desteklenmiyor. )
 
+++++ PhysicalDrive5: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Ayg?t haz?r de?il. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] ?stek desteklenmiyor. )
 
 
============================================
RKreport_SCN_12162014_170058.log - RKreport_DEL_12162014_170845.log - RKreport_SCN_01172015_120842.log - RKreport_DEL_01172015_121246.log
RKreport_SCN_02072015_134231.log - RKreport_DEL_02072015_134432.log - RKreport_SCN_02082015_203219.log - RKreport_DEL_02082015_203252.log
RKreport_SCN_02102015_201742.log - RKreport_DEL_02102015_202309.log - RKreport_SCN_02132015_162515.log - RKreport_DEL_02132015_162541.log
RKreport_SCN_02152015_172453.log - RKreport_DEL_02152015_172702.log - RKreport_SCN_02172015_170712.log - RKreport_SCN_02172015_204814.log
RKreport_SCN_03032015_174203.log - RKreport_DEL_03032015_181111.log - RKreport_SCN_03062015_204858.log - RKreport_DEL_03062015_204930.log
RKreport_SCN_03082015_185459.log - RKreport_DEL_03082015_185534.log - RKreport_SCN_03082015_190022.log - RKreport_SCN_03092015_174854.log
RKreport_DEL_03092015_174901.log - RKreport_SCN_03122015_194336.log - RKreport_DEL_03122015_194354.log - RKreport_SCN_03142015_001647.log
RKreport_DEL_03142015_002010.log - RKreport_SCN_03142015_111228.log - RKreport_DEL_03142015_112014.log - RKreport_SCN_03142015_113244.log
RKreport_SCN_03152015_113055.log - RKreport_SCN_03152015_113430.log - RKreport_SCN_03202015_223656.log - RKreport_DEL_03202015_230451.log
RKreport_SCN_03272015_160750.log - RKreport_SCN_04042015_124002.log - RKreport_SCN_04112015_113021.log - RKreport_DEL_04112015_113435.log
RKreport_SCN_04142015_190549.log - RKreport_DEL_04142015_191005.log - RKreport_SCN_04142015_191909.log - RKreport_DEL_04142015_192725.log
RKreport_SCN_05102015_135520.log - RKreport_DEL_05102015_135639.log - RKreport_SCN_06042015_170133.log - RKreport_DEL_06042015_170233.log

 

Addition.txt

Link to post
Share on other sites

Hello and Welcome!

Well we would really like to help you further if we could but since the logs show that this computer has entries designed to steal and/or pirate software from Microsoft and other companies, we will not be able to assist you without you removing the pirated software.

This topic will be closed by one of the Admins or Mods due to evidence of cracked or pirated software on this system.

Piracy Policy

Thank you

Link to post
Share on other sites

  • Root Admin

C:\Users\gorkemeren\Downloads\witcher3_patch_1.01.exe

C:\Users\gorkemeren\Downloads\The_Witcher_3_Wild_Hunt-FLT-[torrent-oyun.com].torrent

C:\Users\gorkemeren\Downloads\Grand Theft Auto V PROPER CRACKS-RELOADED-[Torrent-Oyun.com].torrent

 

Task: {A054648E-A4C9-4EE8-B520-BA7FACB75E76} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.