Trojaner-Board - Sweetpage hat netbook verlangsamt

Guten Tag,

ich brauche dringend Hilfe und hoffe, daß mir jemand erklären kann, was ich tun muß.
Vor einem Monat habe ich mir einen Video program heruntergeladen. Plötzlich hatte ich im Chrome die "Sweet page" als Startseite . Mit viel Mühe habe ich die Seite gestern irgendwie beseitigt. Das hoffe ich jedenfalls. Aber mein 3! Monate alter Netbook, den ich für meine Arbeit brauche ist so langsam wie eine Schnecke geworden und ich habe Probleme mit meiner Internetverbindung. Ich muss die Seiten 20 Mal neu laden bis ich sie öffnen kann :confused::confused: Ich habe Windows 8.1.

Was kann ich machen damit mein System so lauft wie vor 3 Monaten?

Ich bin wirklich nicht gut in Computerfragen, aber bei einer step by step Anleitung würde ich versuchen mitzukommen. Weiss nicht ob diese Daten was bringen aber FRST.txt und Addittion.txt habe ich bereits.

Vielen Dank,
Elfyda

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014

Ran by Elif (administrator) on ELFYS on 02-08-2014 20:29:30

Running from C:\Users\Elif\Desktop

Platform: Windows 8.1 Single Language (X64) OS Language: Türkçe (Türkiye)

Internet Explorer Version 11

Boot Mode: Normal
 

The only official download link for FRST:

Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 

Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe

(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe

(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe

(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe

(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe

() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-09-13] (ELAN Microelectronics Corp.)

HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3965904 2013-06-06] ()

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)

HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-09-13] (Copyright 2013 SAMSUNG)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-05] (AVAST Software)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-24] ( (Atheros Communications))

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Policies\Explorer: [NoViewContextMenu] 0

AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found

AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found

Startup: C:\Users\Elif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitör Mürekkep Uyarıları - HP Officejet Pro 8600 (Ağ).lnk

ShortcutTarget: Monitör Mürekkep Uyarıları - HP Officejet Pro 8600 (Ağ).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {BC88FC36-2BAA-40F3-B991-F2D426C8177E} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers: BitcasaIconOverlay -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll ()

ShellIconOverlayIdentifiers: BitcasaProgressOverlay -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll ()

ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {BC88FC36-2BAA-40F3-B991-F2D426C8177E} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM - {3C25E81E-06C6-4B6A-9D9A-85D0984D1E7F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {3C25E81E-06C6-4B6A-9D9A-85D0984D1E7F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {3C25E81E-06C6-4B6A-9D9A-85D0984D1E7F} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
 

FireFox:

========

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
 

Chrome: 

=======

CHR HomePage: https://www.google.com.tr/

CHR StartupUrls: "hxxp://www.sweet-page.com/?type=hp&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749"

CHR Extension: (ZenMate) - C:\Users\Elif\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-04-07]

CHR Extension: (avast! Online Security) - C:\Users\Elif\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-12]

CHR Extension: (Google Cüzdan) - C:\Users\Elif\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-16]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-11]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe [404360 2013-09-10] (Samsung) [File not signed]

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-24] (Windows (R) Win 7 DDK provider)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-11] (AVAST Software)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-06] (ELAN Microelectronics Corp.)

R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [759688 2014-07-12] (Cherished Technololgy LIMITED)

R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-09-13] (Copyright 2013 SAMSUNG)

R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1592712 2013-09-07] (Samsung Electronics CO., LTD.) [File not signed]

R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-24] (Atheros) [File not signed]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-11] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-11] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-11] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-11] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-11] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-11] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-11] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-11] ()

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)

S3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [223432 2013-09-24] (Qualcomm Atheros)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-24] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352448 2013-02-11] (EldoS Corporation)

S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)

R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)

S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [67864 2013-06-21] (DEVGURU Co., LTD.)

S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]

U0 sr; 

S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-02 20:29 - 2014-08-02 20:30 - 00018882 _____ () C:\Users\Elif\Desktop\FRST.txt

2014-08-02 20:27 - 2014-08-02 20:29 - 00000000 ____D () C:\FRST

2014-08-02 20:25 - 2014-08-02 20:25 - 02094080 _____ (Farbar) C:\Users\Elif\Desktop\FRST64.exe

2014-08-02 20:21 - 2014-08-02 20:21 - 00000017 _____ () C:\Users\Elif\AppData\Local\resmon.resmoncfg

2014-07-23 23:02 - 2014-07-24 02:40 - 00011937 _____ () C:\Users\Elif\Desktop\ağustos.xlsx

2014-07-23 22:39 - 2014-07-23 22:39 - 00017121 _____ () C:\Users\Elif\Downloads\3 aylar-2.xlsx

2014-07-14 18:08 - 2014-07-14 22:43 - 00000000 ____D () C:\Users\Elif\Desktop\yeni

2014-07-14 18:06 - 2014-07-13 17:55 - 205823509 ____N () C:\Users\Elif\Desktop\IMG_2949.MOV

2014-07-14 18:05 - 2014-07-13 10:24 - 1378387347 ____N () C:\Users\Elif\Desktop\IMG_2947.MOV

2014-07-14 18:04 - 2014-07-14 09:00 - 17261035 ____N () C:\Users\Elif\Desktop\IMG_2951.MOV

2014-07-14 18:04 - 2014-07-07 09:42 - 47867573 ____N () C:\Users\Elif\Desktop\IMG_2910.MOV

2014-07-12 10:27 - 2014-08-02 00:11 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect

2014-07-12 10:27 - 2014-08-01 23:45 - 00000000 ____D () C:\Program Files (x86)\SupTab

2014-07-12 10:27 - 2014-07-12 10:27 - 00000000 ____D () C:\ProgramData\IePluginServices

2014-07-12 10:26 - 2014-07-12 10:26 - 00000000 ____D () C:\windows\XSxS

2014-07-12 10:22 - 2014-07-12 10:22 - 20001392 _____ (DeskShare ) C:\Users\Elif\Desktop\amc.exe

2014-07-12 10:21 - 2014-07-12 10:21 - 00360280 _____ (Softonic) C:\Users\Elif\Downloads\SoftonicDownloader_for_auto-movie-creator.exe

2014-07-10 10:30 - 2014-06-26 23:55 - 00703968 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2014-07-10 10:30 - 2014-06-26 23:55 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-09 19:02 - 2014-04-14 06:29 - 01018880 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll

2014-07-09 15:22 - 2014-06-17 01:26 - 00779264 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe

2014-07-09 15:22 - 2014-06-17 01:24 - 00834048 _____ (Microsoft Corporation) C:\windows\system32\osk.exe

2014-07-09 15:22 - 2014-06-06 17:20 - 04190720 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2014-07-09 15:22 - 2014-05-30 06:03 - 00563200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys

2014-07-09 15:22 - 2014-05-29 15:02 - 00565576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys

2014-07-09 15:22 - 2014-05-29 10:55 - 00735232 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll

2014-07-09 15:22 - 2014-05-29 09:40 - 00735232 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll

2014-07-09 15:22 - 2014-05-29 09:37 - 00436224 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll

2014-07-09 15:22 - 2014-05-29 08:34 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll

2014-07-09 15:22 - 2014-05-29 08:27 - 01417216 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll

2014-07-09 15:21 - 2014-06-19 04:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-07-09 15:21 - 2014-06-19 03:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-07-09 15:21 - 2014-06-19 02:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-07-09 15:21 - 2014-06-19 02:46 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2014-07-09 15:21 - 2014-06-19 01:57 - 00225280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2014-07-09 15:20 - 2014-06-19 03:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-07-09 15:20 - 2014-06-19 03:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-07-09 15:20 - 2014-06-19 02:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-07-09 15:20 - 2014-06-19 02:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-07-09 15:20 - 2014-06-19 02:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-07-09 15:20 - 2014-06-19 02:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-07-09 15:20 - 2014-06-19 02:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-07-09 15:20 - 2014-06-19 02:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-07-09 15:20 - 2014-06-19 02:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-07-09 15:20 - 2014-06-19 01:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-07-09 15:20 - 2014-06-19 01:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-07-09 15:20 - 2014-06-19 01:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-07-09 15:20 - 2014-06-19 01:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-07-09 15:20 - 2014-06-19 01:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-07-09 15:20 - 2014-06-19 01:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-07-09 15:20 - 2014-06-19 01:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-07-09 15:20 - 2014-06-19 01:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-07-09 15:20 - 2014-06-19 01:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-07-09 15:20 - 2014-06-19 01:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-07-09 15:20 - 2014-06-19 01:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-07-09 15:20 - 2014-06-19 01:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-07-09 15:20 - 2014-06-19 01:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-07-09 15:20 - 2014-06-06 16:04 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll

2014-07-09 15:20 - 2014-06-06 15:18 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll

2014-07-09 15:20 - 2014-05-31 13:07 - 00054776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe

2014-07-09 15:20 - 2014-05-31 13:06 - 00555736 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll

2014-07-09 15:20 - 2014-05-31 06:40 - 13287936 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll

2014-07-09 15:20 - 2014-05-31 06:30 - 11792384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll

2014-07-09 15:20 - 2014-05-31 06:12 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-09 15:20 - 2014-05-31 06:06 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll

2014-07-09 15:20 - 2014-05-31 06:03 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll

2014-07-09 15:20 - 2014-05-31 06:01 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-09 15:20 - 2014-05-31 05:56 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll

2014-07-09 15:20 - 2014-05-31 05:54 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll

2014-07-09 15:20 - 2014-05-31 05:48 - 03463680 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll

2014-07-09 15:20 - 2014-05-31 05:37 - 01054208 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll

2014-07-09 15:20 - 2014-05-31 05:36 - 00923136 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll

2014-07-09 15:20 - 2014-05-31 05:35 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll

2014-07-09 15:20 - 2014-05-31 05:32 - 00756224 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll

2014-07-09 15:14 - 2014-07-09 15:14 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\WSReset.exe
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-02 20:30 - 2014-08-02 20:29 - 00018882 _____ () C:\Users\Elif\Desktop\FRST.txt

2014-08-02 20:29 - 2014-08-02 20:27 - 00000000 ____D () C:\FRST

2014-08-02 20:26 - 2014-03-31 00:09 - 00353792 ___SH () C:\Users\Elif\Downloads\Thumbs.db

2014-08-02 20:25 - 2014-08-02 20:25 - 02094080 _____ (Farbar) C:\Users\Elif\Desktop\FRST64.exe

2014-08-02 20:25 - 2014-03-16 20:08 - 00003940 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{2C40B357-8E27-44D9-B4BB-290DC93F171D}

2014-08-02 20:21 - 2014-08-02 20:21 - 00000017 _____ () C:\Users\Elif\AppData\Local\resmon.resmoncfg

2014-08-02 20:00 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\sru

2014-08-02 19:41 - 2014-03-16 20:19 - 00001028 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-02 19:39 - 2014-03-31 17:42 - 00000000 ____D () C:\Users\Elif\AppData\Roaming\Skype

2014-08-02 19:32 - 2014-03-16 20:09 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2179528533-2916032355-2825890867-1001

2014-08-02 19:24 - 2013-11-07 10:13 - 00000000 ____D () C:\ProgramData\WinClon

2014-08-02 19:22 - 2014-05-01 09:06 - 00000000 ____D () C:\Users\Elif\Tracing

2014-08-02 19:22 - 2014-03-16 20:20 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-08-02 19:22 - 2014-03-16 20:19 - 00001024 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-02 19:21 - 2014-03-16 20:07 - 00000000 __RDO () C:\Users\Elif\SkyDrive

2014-08-02 15:34 - 2013-11-07 09:42 - 00065536 _____ () C:\windows\system32\spu_storage.bin

2014-08-02 12:55 - 2014-03-16 19:58 - 01733161 _____ () C:\windows\WindowsUpdate.log

2014-08-02 00:11 - 2014-07-12 10:27 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect

2014-08-01 23:45 - 2014-07-12 10:27 - 00000000 ____D () C:\Program Files (x86)\SupTab

2014-08-01 19:42 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\AppReadiness

2014-07-29 23:58 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\LiveKernelReports

2014-07-27 10:41 - 2014-03-26 11:06 - 01130496 ___SH () C:\Users\Elif\Desktop\Thumbs.db

2014-07-24 02:40 - 2014-07-23 23:02 - 00011937 _____ () C:\Users\Elif\Desktop\ağustos.xlsx

2014-07-23 22:40 - 2014-03-16 20:03 - 00000000 ____D () C:\Users\Elif\AppData\Local\Packages

2014-07-23 22:39 - 2014-07-23 22:39 - 00017121 _____ () C:\Users\Elif\Downloads\3 aylar-2.xlsx

2014-07-18 10:54 - 2014-03-26 21:14 - 00005040 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ELFYS-Elif Elfys

2014-07-17 14:28 - 2014-03-16 20:02 - 00000000 ____D () C:\Users\Elif

2014-07-17 14:13 - 2013-11-08 03:07 - 00724080 _____ () C:\windows\system32\perfh01F.dat

2014-07-17 14:13 - 2013-11-08 03:07 - 00150108 _____ () C:\windows\system32\perfc01F.dat

2014-07-17 14:13 - 2013-08-27 07:56 - 01728544 _____ () C:\windows\system32\PerfStringBackup.INI

2014-07-17 14:09 - 2013-08-27 07:50 - 00782226 _____ () C:\windows\PFRO.log

2014-07-17 14:09 - 2013-08-22 17:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-07-16 11:43 - 2014-06-11 18:08 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update

2014-07-14 22:43 - 2014-07-14 18:08 - 00000000 ____D () C:\Users\Elif\Desktop\yeni

2014-07-14 18:20 - 2014-03-19 23:35 - 00000000 ____D () C:\Users\Elif\AppData\Local\CrashDumps

2014-07-14 09:00 - 2014-07-14 18:04 - 17261035 ____N () C:\Users\Elif\Desktop\IMG_2951.MOV

2014-07-13 17:55 - 2014-07-14 18:06 - 205823509 ____N () C:\Users\Elif\Desktop\IMG_2949.MOV

2014-07-13 10:24 - 2014-07-14 18:05 - 1378387347 ____N () C:\Users\Elif\Desktop\IMG_2947.MOV

2014-07-12 10:27 - 2014-07-12 10:27 - 00000000 ____D () C:\ProgramData\IePluginServices

2014-07-12 10:26 - 2014-07-12 10:26 - 00000000 ____D () C:\windows\XSxS

2014-07-12 10:22 - 2014-07-12 10:22 - 20001392 _____ (DeskShare ) C:\Users\Elif\Desktop\amc.exe

2014-07-12 10:21 - 2014-07-12 10:21 - 00360280 _____ (Softonic) C:\Users\Elif\Downloads\SoftonicDownloader_for_auto-movie-creator.exe

2014-07-11 23:48 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\rescache

2014-07-10 10:30 - 2013-08-22 17:44 - 03487240 _____ () C:\windows\system32\FNTCACHE.DAT

2014-07-10 02:44 - 2013-08-22 16:25 - 00262144 ___SH () C:\windows\system32\config\BBI

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ___RD () C:\windows\ToastData

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\WinStore

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\SysWOW64\tr-TR

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\tr-TR

2014-07-09 19:12 - 2013-08-22 18:20 - 00000000 ____D () C:\windows\CbsTemp

2014-07-09 19:10 - 2014-03-19 18:00 - 00000000 ____D () C:\windows\system32\MRT

2014-07-09 19:05 - 2014-03-19 17:59 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-07-09 19:05 - 2013-08-22 16:25 - 00262144 ___SH () C:\windows\system32\config\ELAM

2014-07-09 19:01 - 2013-08-22 22:12 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-09 15:14 - 2014-07-09 15:14 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\WSReset.exe

2014-07-08 21:44 - 2014-03-16 20:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2014-07-07 09:42 - 2014-07-14 18:04 - 47867573 ____N () C:\Users\Elif\Desktop\IMG_2910.MOV
 

Files to move or delete:

====================

C:\ProgramData\MakeMarkerFile.exe

C:\Users\EasySurvey\EasySurvey.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-25 22:36
 

==================== End Of Log ============================

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-08-2014

Ran by Elif at 2014-08-02 20:33:03

Running from C:\Users\Elif\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.2.0.26 - Absolute Software)

Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)

Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Adobe Reader XI (11.0.03)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)

AllShare Framework DMS (HKLM\...\{3C98731D-98BC-4D0D-9366-0306B4B36A36}) (Version: 1.3.18 - Samsung)

AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{8D819115-F915-F5B3-3D4F-032A8DF32F5C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)

avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)

Bitcasa version 1.0.1.5011 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 1.0.1.5011 - Bitcasa Inc.)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

ETDWare X64 11.7.18.2_WHQL (HKLM\...\Elantech) (Version: 11.7.18.2 - ELAN Microelectronic Corp.)

Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)

HomeSync Lite (HKLM-x32\...\{82EC241F-DFCA-4166-A8C3-EA5D2B9A41C4}) (Version: 1.1.0.27 - Samsung Electronics CO., LTD.)

HP Officejet Pro 8600 Temel Aygıt Yazılımı (HKLM\...\{2B56B0F5-5836-46E4-95F2-59D70DCE67B3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office 365 - tr-tr (HKLM\...\O365HomePremRetail - tr-tr) (Version: 15.0.4631.1002 - Microsoft Corporation)

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden

Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 2.0.0.21 - RSUPPORT)

Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)

Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7045 - Realtek Semiconductor Corp.)

Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.10.2 - Samsung Electronics CO., LTD.)

S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden

Samsung Link 1.7.0.1309132008 (HKLM\...\8474-7877-9059-0204) (Version: 1.7.0.1309132008 - Copyright 2013 SAMSUNG)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)

Settings (HKLM-x32\...\{3BB58176-B3A7-47FD-9F18-C3576431D193}) (Version: 2.2.0 - Samsung Electronics CO., LTD.)

SideSync (HKLM-x32\...\{59687468-8CE9-4ABF-9C6A-5C31F0E09F8B}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Support Center (HKLM\...\{843A1BDC-0879-4E5B-83E1-B81CC0CF3580}) (Version: 2.1.1201 - Samsung Electronics CO., LTD.)

Support Center FAQ (x32 Version: 1.0.12 - Samsung Electronics CO., LTD.) Hidden

SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)

User Manual (HKLM-x32\...\{2EE78848-6204-4E23-B863-7BA8C0AE6AE1}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)

Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)

Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Temel Parçalar (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windows Live Temel Parçalar (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-2179528533-2916032355-2825890867-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Elif\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
 

==================== Restore Points  =========================
 

12-07-2014 07:23:27 Microsoft Visual C++ 2005 Redistributable Yüklendi

21-07-2014 13:34:54 Zamanlanmış Denetim Noktası

29-07-2014 16:57:37 Zamanlanmış Denetim Noktası
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2013-08-22 16:25 - 2013-08-22 16:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {01883F95-01BB-4D33-A441-262457CDC37A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16] (Google Inc.)

Task: {04524D54-48F7-4366-88A8-EBA7217310AF} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ELFYS-Elif Elfys => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-03] (Microsoft Corporation)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {1125B2C0-3BC9-4225-87E9-634AF5625B7E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-07-09] (Microsoft Corporation)

Task: {13EED4C7-061C-4934-890B-9A1A25481EAF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2A1AF8E3-FA7A-4752-8AE2-0E702D185037} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

Task: {2B21BBAC-488C-438F-B372-968D342DE9C8} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2179528533-2916032355-2825890867-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {5477AE74-5B1A-401C-8C66-4DC3EEDB2BAE} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)

Task: {62DAC5CC-F5AC-41E3-BD9C-59613FF3FFC5} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-09-20] (SEC)

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6B4615B2-EF4B-4264-9CDC-D61D371A76ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16] (Google Inc.)

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {75AE3096-E9CA-4656-AEC8-41FE413380F9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {935B7432-6EB0-49EF-9F8E-84322E21D6DB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {A050B524-CBC5-4908-A6FA-AED29DFB48DE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

Task: {A43EED4A-30A2-4AB0-8C93-88C1AAA5626D} - System32\Tasks\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2013-09-07] ()

Task: {A4DDC09B-B634-488B-96EC-9E1978CBC92C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

Task: {B50D9DBF-5583-4150-B921-7853241D3F8C} - System32\Tasks\SamsungHomeSyncPC => C:\Program Files (x86)\Samsung\HomeSync Lite\RefreshToken.exe [2013-09-25] ()

Task: {BB2486FF-80D4-46F2-87C3-4B043E211716} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-11] (AVAST Software)

Task: {BE26A7A3-AB5F-4E18-B1DB-A95B8E21F4BD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-24] (Realtek Semiconductor)

Task: {C40B0686-E95D-4CB5-B93F-D838C6543690} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D2E317B7-AF70-4BC5-84F3-15B3ADE61063} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {EA727A91-72EB-4FD4-8A08-614A9B0A6035} - System32\Tasks\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [2013-09-07] (Samsung Electronics CO., LTD.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-03-19 17:09 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2013-11-07 10:10 - 2013-09-13 14:08 - 00012800 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll

2013-11-07 10:10 - 2013-11-07 10:10 - 00515584 _____ () C:\Windows\Temp\sqlite-3.7.2-sqlitejdbc.dll

2013-11-07 10:10 - 2013-09-13 14:08 - 01386496 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll

2013-11-07 10:10 - 2013-09-13 14:08 - 01427456 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll

2013-11-07 10:10 - 2013-09-13 14:08 - 01588736 _____ () C:\Program Files\Samsung\Samsung Link\SppAgentSvc.dll

2013-09-10 04:11 - 2013-09-10 04:11 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\64bit\JNIInterface.dll

2013-09-10 04:12 - 2013-09-10 04:12 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\64bit\ASFAPI.dll

2013-09-10 04:14 - 2013-09-10 04:14 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\64bit\MediaDB_Manager.dll

2013-08-23 08:34 - 2013-08-23 08:34 - 00030720 _____ () C:\windows\SYSTEM32\MediaDB64.dll

2013-08-23 08:34 - 2013-08-23 08:34 - 00908800 _____ () C:\windows\SYSTEM32\ContentDirectoryPresenter64.dll

2013-09-10 04:13 - 2013-09-10 04:13 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\64bit\DMS_Manager.dll

2013-07-23 13:19 - 2013-07-23 13:19 - 00049152 _____ () C:\windows\SYSTEM32\boost_date_time-vc90-mt-1_47.dll

2013-07-23 13:19 - 2013-07-23 13:19 - 00016896 _____ () C:\windows\SYSTEM32\boost_system-vc90-mt-1_47.dll

2013-07-23 13:19 - 2013-07-23 13:19 - 00058880 _____ () C:\windows\SYSTEM32\boost_thread-vc90-mt-1_47.dll

2013-07-23 13:19 - 2013-07-23 13:19 - 00299520 _____ () C:\windows\SYSTEM32\boost_serialization-vc90-mt-1_47.dll

2013-11-07 09:49 - 2013-06-06 07:15 - 00288720 _____ () C:\Program Files\Bitcasa\ExplorerMenu.dll

2013-11-07 09:49 - 2013-06-06 07:23 - 01645056 _____ () C:\Program Files\Bitcasa\bitcasaui.dll

2013-09-24 21:04 - 2013-09-24 21:04 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll

2013-09-24 21:01 - 2013-09-24 21:01 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll

2013-09-24 21:08 - 2013-09-24 21:08 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

2013-11-07 10:10 - 2013-09-13 14:08 - 00043520 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll

2013-10-16 13:15 - 2013-10-16 13:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll

2014-07-16 11:43 - 2014-07-16 11:43 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14071600\algo.dll

2014-08-01 21:24 - 2014-08-01 21:24 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080101\algo.dll

2013-08-23 08:34 - 2013-08-23 08:34 - 01112576 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\DMSManager.dll

2013-07-23 13:18 - 2013-07-23 13:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\boost_serialization-vc90-mt-1_47.dll

2013-07-23 13:18 - 2013-07-23 13:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\boost_date_time-vc90-mt-1_47.dll

2013-07-23 13:18 - 2013-07-23 13:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\boost_system-vc90-mt-1_47.dll

2013-07-23 13:18 - 2013-07-23 13:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\boost_thread-vc90-mt-1_47.dll

2013-08-23 08:34 - 2013-08-23 08:34 - 00706560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ContentDirectoryPresenter.dll

2013-08-23 08:34 - 2013-08-23 08:34 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\DCMCDP.dll

2013-08-23 08:34 - 2013-08-23 08:34 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\FolderCDP.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\Autobackup.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\RosettaAllShare.dll

2013-08-23 08:34 - 2013-08-23 08:34 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\MetadataFramework.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\sqlite3.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\MoodExtractor.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\DCMImgExtractor.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AutoChaptering.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AudioExtractor.dll

2013-08-23 08:34 - 2013-08-23 08:34 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\VideoExtractor.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ImageExtractor.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\TextExtractor.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\libexpat.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\VideoThumb.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ID3Driver.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\RichInfoDriver.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ThumbnailMaker.dll

2013-08-23 08:34 - 2013-08-23 08:34 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\VideoMetadataDriver.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\SECMetaDriver.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\photoDriver.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\avcodec-52.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\avformat-52.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\avutil-50.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\swscale-0.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\tag.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\libThumbnail.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 01033216 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\ImageMagickWrapper.dll

2013-08-14 02:29 - 2013-08-14 02:29 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\libKeyFrame.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\libexif-12.dll.dll

2013-07-23 13:30 - 2013-07-23 13:30 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\us.dll

2013-09-07 04:58 - 2013-09-07 04:58 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll

2014-06-11 18:06 - 2014-06-11 18:06 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-07-19 23:50 - 2014-07-15 12:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll

2014-07-19 23:50 - 2014-07-15 12:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll

2014-07-19 23:50 - 2014-07-15 12:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll

2014-07-19 23:50 - 2014-07-15 12:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll

2014-07-19 23:50 - 2014-07-15 12:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\Elif\SkyDrive:ms-properties
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (08/02/2014 08:26:32 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1" için etkinleştirme içeriği oluşturulamadı. "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" adlı bildirim veya ilke dosyasında C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. satırda hata var.

Uygulama için gereken bir bileşen sürümü halen etkin olan bir başka bileşen sürümüyle çakışıyor.

Çakışan bileşenler:

Bileşen 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Bileşen 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 

Error: (08/02/2014 08:24:42 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe programının 6.3.9600.16384 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 

İşlem Kimlik No: a20
 

Başlatma Saati: 01cfae757c0e8fcf
 

Sona Erdirme Saati: 4294967295
 

Uygulama Yolu: C:\windows\system32\backgroundTaskHost.exe
 

Rapor Kimliği: c9330871-1a69-11e4-8271-1867b0ce0415
 

Hatalı paket tam adı: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
 

Hatalı paketle ilgili uygulama kimliği: App
 

Error: (08/02/2014 08:01:47 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe programının 6.3.9600.16384 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 

İşlem Kimlik No: 1c10
 

Başlatma Saati: 01cfae7260654847
 

Sona Erdirme Saati: 4294967295
 

Uygulama Yolu: C:\windows\system32\backgroundTaskHost.exe
 

Rapor Kimliği: ad81665a-1a66-11e4-8271-1867b0ce0415
 

Hatalı paket tam adı: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
 

Hatalı paketle ilgili uygulama kimliği: App
 

Error: (08/02/2014 07:42:04 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe programının 6.3.9600.16384 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 

İşlem Kimlik No: 35e0
 

Başlatma Saati: 01cfae6f066e749c
 

Sona Erdirme Saati: 4294967295
 

Uygulama Yolu: C:\windows\system32\backgroundTaskHost.exe
 

Rapor Kimliği: ec4e4b7f-1a63-11e4-8271-1867b0ce0415
 

Hatalı paket tam adı: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
 

Hatalı paketle ilgili uygulama kimliği: App
 

Error: (08/01/2014 08:35:23 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe programının 6.3.9600.16384 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 

İşlem Kimlik No: 2884
 

Başlatma Saati: 01cfadade448fb05
 

Sona Erdirme Saati: 4294967295
 

Uygulama Yolu: C:\windows\system32\backgroundTaskHost.exe
 

Rapor Kimliği: 35f85292-19a2-11e4-8271-1867b0ce0415
 

Hatalı paket tam adı: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
 

Hatalı paketle ilgili uygulama kimliği: App
 

Error: (08/01/2014 08:22:40 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe programının 6.3.9600.16384 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 

İşlem Kimlik No: 21f8
 

Başlatma Saati: 01cfadac78bfdc86
 

Sona Erdirme Saati: 4294967295
 

Uygulama Yolu: C:\windows\system32\backgroundTaskHost.exe
 

Rapor Kimliği: 6c47578d-19a0-11e4-8271-1867b0ce0415
 

Hatalı paket tam adı: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
 

Hatalı paketle ilgili uygulama kimliği: App
 

Error: (07/30/2014 09:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe programının 6.3.9600.16384 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 

İşlem Kimlik No: 2434
 

Başlatma Saati: 01cfac2376b9dfa4
 

Sona Erdirme Saati: 4294967295
 

Uygulama Yolu: C:\windows\system32\backgroundTaskHost.exe
 

Rapor Kimliği: 6a8c65cd-1817-11e4-8271-1867b0ce0415
 

Hatalı paket tam adı: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
 

Hatalı paketle ilgili uygulama kimliği: App
 

Error: (07/30/2014 09:14:07 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe programının 6.3.9600.16384 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 

İşlem Kimlik No: 2e4c
 

Başlatma Saati: 01cfac20998ac303
 

Sona Erdirme Saati: 4294967295
 

Uygulama Yolu: C:\windows\system32\backgroundTaskHost.exe
 

Rapor Kimliği: e8b30817-1814-11e4-8271-1867b0ce0415
 

Hatalı paket tam adı: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
 

Hatalı paketle ilgili uygulama kimliği: App
 

Error: (07/30/2014 04:06:34 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe programının 6.3.9600.16384 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 

İşlem Kimlik No: 2bdc
 

Başlatma Saati: 01cfabf605044ee8
 

Sona Erdirme Saati: 4294967295
 

Uygulama Yolu: C:\windows\system32\backgroundTaskHost.exe
 

Rapor Kimliği: 523ea87f-17ea-11e4-8271-1867b0ce0415
 

Hatalı paket tam adı: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
 

Hatalı paketle ilgili uygulama kimliği: App
 

Error: (07/30/2014 03:40:50 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Facebook.exe programının 0.0.0.1 sürümü, Windows ile birlikte çalışmayı durdurdu ve kapatıldı. Sorun hakkında daha fazla bilgi olup olmadığını görmek için Eylem Merkezi denetim masasında sorunun geçmişini denetleyin.
 

İşlem Kimlik No: 3004
 

Başlatma Saati: 01cfabe70cc49fe2
 

Sona Erdirme Saati: 4294967295
 

Uygulama Yolu: C:\Program Files\WindowsApps\Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt\Facebook.exe
 

Rapor Kimliği: ba9edb2a-17e6-11e4-8271-1867b0ce0415
 

Hatalı paket tam adı: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt
 

Hatalı paketle ilgili uygulama kimliği: App
 
 

System errors:

=============

Error: (08/02/2014 01:42:47 AM) (Source: DCOM) (EventID: 10010) (User: ELFYS)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 

Error: (08/02/2014 01:42:47 AM) (Source: DCOM) (EventID: 10010) (User: ELFYS)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 

Error: (08/01/2014 09:25:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: avast! HardwareID hizmeti şu hata nedeniyle başlatılamadı: 

%%127
 

Error: (08/01/2014 03:54:26 PM) (Source: DCOM) (EventID: 10010) (User: ELFYS)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 

Error: (08/01/2014 03:54:26 PM) (Source: DCOM) (EventID: 10010) (User: ELFYS)

Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
 

Error: (08/01/2014 11:07:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: avast! HardwareID hizmeti şu hata nedeniyle başlatılamadı: 

%%127
 

Error: (07/31/2014 01:12:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: avast! HardwareID hizmeti şu hata nedeniyle başlatılamadı: 

%%127
 

Error: (07/30/2014 09:48:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: avast! HardwareID hizmeti şu hata nedeniyle başlatılamadı: 

%%127
 

Error: (07/29/2014 11:03:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: avast! HardwareID hizmeti şu hata nedeniyle başlatılamadı: 

%%127
 

Error: (07/29/2014 11:49:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: avast! HardwareID hizmeti şu hata nedeniyle başlatılamadı: 

%%127
 
 

Microsoft Office Sessions:

=========================

Error: (08/02/2014 08:26:32 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Elif\Downloads\SoftonicDownloader_for_auto-movie-creator.exe
 

Error: (08/02/2014 08:24:42 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe6.3.9600.16384a2001cfae757c0e8fcf4294967295C:\windows\system32\backgroundTaskHost.exec9330871-1a69-11e4-8271-1867b0ce0415Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 

Error: (08/02/2014 08:01:47 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe6.3.9600.163841c1001cfae72606548474294967295C:\windows\system32\backgroundTaskHost.exead81665a-1a66-11e4-8271-1867b0ce0415Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 

Error: (08/02/2014 07:42:04 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe6.3.9600.1638435e001cfae6f066e749c4294967295C:\windows\system32\backgroundTaskHost.exeec4e4b7f-1a63-11e4-8271-1867b0ce0415Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 

Error: (08/01/2014 08:35:23 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe6.3.9600.16384288401cfadade448fb054294967295C:\windows\system32\backgroundTaskHost.exe35f85292-19a2-11e4-8271-1867b0ce0415Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 

Error: (08/01/2014 08:22:40 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe6.3.9600.1638421f801cfadac78bfdc864294967295C:\windows\system32\backgroundTaskHost.exe6c47578d-19a0-11e4-8271-1867b0ce0415Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 

Error: (07/30/2014 09:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe6.3.9600.16384243401cfac2376b9dfa44294967295C:\windows\system32\backgroundTaskHost.exe6a8c65cd-1817-11e4-8271-1867b0ce0415Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 

Error: (07/30/2014 09:14:07 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe6.3.9600.163842e4c01cfac20998ac3034294967295C:\windows\system32\backgroundTaskHost.exee8b30817-1814-11e4-8271-1867b0ce0415Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 

Error: (07/30/2014 04:06:34 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: backgroundTaskHost.exe6.3.9600.163842bdc01cfabf605044ee84294967295C:\windows\system32\backgroundTaskHost.exe523ea87f-17ea-11e4-8271-1867b0ce0415Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 

Error: (07/30/2014 03:40:50 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Facebook.exe0.0.0.1300401cfabe70cc49fe24294967295C:\Program Files\WindowsApps\Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt\Facebook.exeba9edb2a-17e6-11e4-8271-1867b0ce0415Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 32%

Total physical RAM: 3526.83 MB

Available physical RAM: 2373.63 MB

Total Pagefile: 4614.83 MB

Available Pagefile: 2332.26 MB

Total Virtual: 131072 MB

Available Virtual: 131071.8 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:102.78 GB) (Free:52.86 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 119 GB) (Disk ID: ABD9D47E)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

Wow vielen lieben Dank!:daumenhoc

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 2.8.2014

Suchlauf-Zeit: 21:45:53

Logdatei: mbam.txt

Administrator: Ja
 

Version: 2.00.2.1012

Malware Datenbank: v2014.08.02.04

Rootkit Datenbank: v2014.08.01.01

Lizenz: Kostenlos

Malware Schutz: Deaktiviert

Bösartiger Webseiten Schutz: Deaktiviert

Self-protection: Deaktiviert
 

Betriebssystem: Windows 8.1

CPU: x64

Dateisystem: NTFS

Benutzer: Elif
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 301935

Verstrichene Zeit: 38 Min, 16 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristics: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 1

PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1424, Löschen bei Neustart, [814bfec38eed6cca9150273809f87789]
 

Module: 1

PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [5b7111b08deebe78af8ec3cc8f722ed2], 
 

Registrierungsschlüssel: 4

PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, In Quarantäne, [814bfec38eed6cca9150273809f87789], 

PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [ab219c25d6a5be7813a479b8bf459c64], 

PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [b616d9e8ec8f59dd839a6fb7768e10f0], 

PUP.Optional.Softonic.A, HKU\S-1-5-21-2179528533-2916032355-2825890867-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [f4d86859b4c7f3431c64a04aa35f669a], 
 

Registrierungswerte: 0

(No malicious items detected)
 

Registrierungsdaten: 4

PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}),Ersetzt,[f9d3526f97e46accf79be0de34d022de]

PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}),Ersetzt,[14b87b46aad14aecdb95ebc87e867e82]

PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}),Ersetzt,[ca026f52e39864d2bdd5714d1fe5b54b]

PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749&q={searchTerms}),Ersetzt,[c10b01c0750640f67ff1c4ef9f6514ec]
 

Ordner: 6

PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Löschen bei Neustart, [bf0daf12b1caa98da5b1c8fb4eb48080], 

PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [bf0daf12b1caa98da5b1c8fb4eb48080], 

PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, In Quarantäne, [c309f3ce0a711a1c9f2bebda32d0be42], 

PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, In Quarantäne, [c309f3ce0a711a1c9f2bebda32d0be42], 

PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [c309f3ce0a711a1c9f2bebda32d0be42], 

PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Löschen bei Neustart, [5379843da4d7fd398d6418b3748efd03], 
 

Dateien: 11

PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Löschen bei Neustart, [814bfec38eed6cca9150273809f87789], 

PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Löschen bei Neustart, [5b7111b08deebe78af8ec3cc8f722ed2], 

PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-2179528533-2916032355-2825890867-1001\$RAJ0DMB.exe, In Quarantäne, [00cc10b188f362d483ba2334e9186d93], 

PUP.Optional.Downloader, C:\$Recycle.Bin\S-1-5-21-2179528533-2916032355-2825890867-1001\$RMBLWND.exe, In Quarantäne, [11bb9829bcbfad8921f9d9da0afa6e92], 

Trojan.ELEX, C:\$Recycle.Bin\S-1-5-21-2179528533-2916032355-2825890867-1001\$RMWR2D2.exe, In Quarantäne, [54785a677cff88aed9a084cdfd04f60a], 

PUP.Optional.Softonic.A, C:\Users\Elif\Downloads\SoftonicDownloader_for_auto-movie-creator.exe, In Quarantäne, [5c700ab73546c76f138eaa7f28d9d32d], 

PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantäne, [bf0daf12b1caa98da5b1c8fb4eb48080], 

PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-12[10-27-01-855].log, In Quarantäne, [c309f3ce0a711a1c9f2bebda32d0be42], 

PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [c309f3ce0a711a1c9f2bebda32d0be42], 

PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [5379843da4d7fd398d6418b3748efd03], 

PUP.Optional.SweetPage.A, C:\Users\Elif\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://www.sweet-page.com/?type=hp&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749" ],), Ersetzt,[5874b011e39854e25a02f0ff996be31d]
 

Physische Sektoren: 0

(No malicious items detected)
 
 

(end)

Code:

# AdwCleaner v3.302 - Rapor olusturuldu 02/08/2014 tarihinde 22:44:11

# Guncellendi 30/07/2014 tarafindan Xplode

# Isletim sistemi : Windows 8.1 Single Language  (64 bits)

# Kullanici adi : Elif - ELFYS

# Adwcleaner konumu : C:\Users\Elif\Downloads\adwcleaner_3.302.exe

# Tarama turu : Temizle
 

***** [ Servisler ] *****
 
 

***** [ Dosyalar / Klasorler ] *****
 
 

***** [ Görevler ] *****
 
 

***** [ Kisayollar ] *****
 
 

***** [ Registry ] *****
 

Registry Key Silindi : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Registry Key Silindi : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager

Registry Key Silindi : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1

Registry Key Silindi : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices

Registry Key Silindi : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect

Registry Key Silindi : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Registry Key Silindi : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Registry Key Silindi : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Registry Key Silindi : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Registry Key Silindi : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

Registry Key Silindi : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Registry Key Silindi : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Registry Key Silindi : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

Registry Key Silindi : HKCU\Software\Softonic

Registry Key Silindi : HKLM\Software\SupDp

Registry Key Silindi : HKLM\Software\SupTab

Registry Key Silindi : HKLM\Software\supWPM

Data Silindi : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL

Data Silindi : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL
 

***** [ Tarayicilar ] *****
 

-\\ Internet Explorer v11.0.9600.17126
 
 

-\\ Google Chrome v36.0.1985.125
 

[ Dosya : C:\Users\Elif\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 

Silindi [Startup_urls] : hxxp://www.sweet-page.com/?type=hp&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749
 

*************************
 

AdwCleaner[R0].txt - [2628 octets] - [02/08/2014 22:31:40]

AdwCleaner[S0].txt - [2486 octets] - [02/08/2014 22:44:11]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2546 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 8.1 Single Language x64

Ran by Elif on Cmt 02.08.2014 at 23:11:37,36

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Cmt 02.08.2014 at 23:46:18,75

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014

Ran by Elif (administrator) on ELFYS on 02-08-2014 23:47:13

Running from C:\Users\Elif\Desktop

Platform: Windows 8.1 Single Language (X64) OS Language: Türkçe (Türkiye)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe

(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe

(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-09-13] (ELAN Microelectronics Corp.)

HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3965904 2013-06-06] ()

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)

HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-09-13] (Copyright 2013 SAMSUNG)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-05] (AVAST Software)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-24] ( (Atheros Communications))

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Policies\Explorer: [HideClock] 0

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-21-2179528533-2916032355-2825890867-1001\...\Policies\Explorer: [NoViewContextMenu] 0

Startup: C:\Users\Elif\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitör Mürekkep Uyarıları - HP Officejet Pro 8600 (Ağ).lnk

ShortcutTarget: Monitör Mürekkep Uyarıları - HP Officejet Pro 8600 (Ağ).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {BC88FC36-2BAA-40F3-B991-F2D426C8177E} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers: BitcasaIconOverlay -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll ()

ShellIconOverlayIdentifiers: BitcasaProgressOverlay -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll ()

ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {BC88FC36-2BAA-40F3-B991-F2D426C8177E} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM - {3C25E81E-06C6-4B6A-9D9A-85D0984D1E7F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB

SearchScopes: HKLM-x32 - {3C25E81E-06C6-4B6A-9D9A-85D0984D1E7F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB

SearchScopes: HKCU - {3C25E81E-06C6-4B6A-9D9A-85D0984D1E7F} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
 

FireFox:

========

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
 

Chrome: 

=======

CHR HomePage: https://www.google.com.tr/

CHR StartupUrls: "hxxp://www.sweet-page.com/?type=hp&ts=1405150001&from=sof&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD896749"

CHR Extension: (ZenMate) - C:\Users\Elif\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-04-07]

CHR Extension: (avast! Online Security) - C:\Users\Elif\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-12]

CHR Extension: (Google Cüzdan) - C:\Users\Elif\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-16]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-11]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe [404360 2013-09-10] (Samsung) [File not signed]

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-24] (Windows (R) Win 7 DDK provider)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-11] (AVAST Software)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-06] (ELAN Microelectronics Corp.)

R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-09-13] (Copyright 2013 SAMSUNG)

R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1592712 2013-09-07] (Samsung Electronics CO., LTD.) [File not signed]

R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-24] (Atheros) [File not signed]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-11] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-11] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-11] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-11] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-11] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-11] (AVAST Software)

S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-11] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-11] ()

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)

S3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [223432 2013-09-24] (Qualcomm Atheros)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-24] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352448 2013-02-11] (EldoS Corporation)

S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)

S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-02] (Malwarebytes Corporation)

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)

R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)

S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))

S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [67864 2013-06-21] (DEVGURU Co., LTD.)

S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]

U0 sr; 

S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-02 23:46 - 2014-08-02 23:46 - 00000637 _____ () C:\Users\Elif\Desktop\JRT.txt

2014-08-02 23:11 - 2014-08-02 23:11 - 01016261 _____ (Thisisu) C:\Users\Elif\Downloads\JRT.exe

2014-08-02 23:11 - 2014-08-02 23:11 - 00000000 ____D () C:\windows\ERUNT

2014-08-02 23:09 - 2014-08-02 23:09 - 00002638 _____ () C:\Users\Elif\Desktop\AdwCleaner[S0].txt

2014-08-02 22:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll

2014-08-02 22:29 - 2014-08-02 22:29 - 00005942 _____ () C:\Users\Elif\Desktop\mbam.txt

2014-08-02 22:00 - 2014-08-02 22:44 - 00000000 ____D () C:\AdwCleaner

2014-08-02 22:00 - 2014-08-02 22:00 - 01361309 _____ () C:\Users\Elif\Downloads\adwcleaner_3.302.exe

2014-08-02 21:44 - 2014-08-02 22:28 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-02 21:44 - 2014-08-02 21:44 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-08-02 21:44 - 2014-08-02 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-02 21:44 - 2014-08-02 21:44 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-02 21:44 - 2014-08-02 21:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-02 21:44 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2014-08-02 21:44 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys

2014-08-02 21:44 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-08-02 21:41 - 2014-08-02 21:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elif\Downloads\mbam-setup-2.0.2.1012.exe

2014-08-02 20:33 - 2014-08-02 20:35 - 00041601 _____ () C:\Users\Elif\Desktop\Addition.txt

2014-08-02 20:29 - 2014-08-02 23:47 - 00017231 _____ () C:\Users\Elif\Desktop\FRST.txt

2014-08-02 20:27 - 2014-08-02 23:47 - 00000000 ____D () C:\FRST

2014-08-02 20:25 - 2014-08-02 20:25 - 02094080 _____ (Farbar) C:\Users\Elif\Desktop\FRST64.exe

2014-08-02 20:21 - 2014-08-02 20:21 - 00000017 _____ () C:\Users\Elif\AppData\Local\resmon.resmoncfg

2014-07-23 23:02 - 2014-07-24 02:40 - 00011937 _____ () C:\Users\Elif\Desktop\ağustos.xlsx

2014-07-23 22:39 - 2014-07-23 22:39 - 00017121 _____ () C:\Users\Elif\Downloads\3 aylar-2.xlsx

2014-07-14 18:08 - 2014-07-14 22:43 - 00000000 ____D () C:\Users\Elif\Desktop\yeni

2014-07-14 18:06 - 2014-07-13 17:55 - 205823509 ____N () C:\Users\Elif\Desktop\IMG_2949.MOV

2014-07-14 18:05 - 2014-07-13 10:24 - 1378387347 ____N () C:\Users\Elif\Desktop\IMG_2947.MOV

2014-07-14 18:04 - 2014-07-14 09:00 - 17261035 ____N () C:\Users\Elif\Desktop\IMG_2951.MOV

2014-07-14 18:04 - 2014-07-07 09:42 - 47867573 ____N () C:\Users\Elif\Desktop\IMG_2910.MOV

2014-07-12 10:26 - 2014-07-12 10:26 - 00000000 ____D () C:\windows\XSxS

2014-07-12 10:22 - 2014-07-12 10:22 - 20001392 _____ (DeskShare ) C:\Users\Elif\Desktop\amc.exe

2014-07-10 10:30 - 2014-06-26 23:55 - 00703968 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2014-07-10 10:30 - 2014-06-26 23:55 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-09 19:02 - 2014-04-14 06:29 - 01018880 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll

2014-07-09 15:22 - 2014-06-17 01:26 - 00779264 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe

2014-07-09 15:22 - 2014-06-17 01:24 - 00834048 _____ (Microsoft Corporation) C:\windows\system32\osk.exe

2014-07-09 15:22 - 2014-06-06 17:20 - 04190720 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2014-07-09 15:22 - 2014-05-30 06:03 - 00563200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys

2014-07-09 15:22 - 2014-05-29 15:02 - 00565576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys

2014-07-09 15:22 - 2014-05-29 10:55 - 00735232 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll

2014-07-09 15:22 - 2014-05-29 09:40 - 00735232 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll

2014-07-09 15:22 - 2014-05-29 09:37 - 00436224 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll

2014-07-09 15:22 - 2014-05-29 08:34 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll

2014-07-09 15:22 - 2014-05-29 08:27 - 01417216 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll

2014-07-09 15:21 - 2014-06-19 04:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-07-09 15:21 - 2014-06-19 03:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-07-09 15:21 - 2014-06-19 02:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-07-09 15:21 - 2014-06-19 02:46 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2014-07-09 15:21 - 2014-06-19 01:57 - 00225280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2014-07-09 15:20 - 2014-06-19 03:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-07-09 15:20 - 2014-06-19 03:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-07-09 15:20 - 2014-06-19 02:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-07-09 15:20 - 2014-06-19 02:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-07-09 15:20 - 2014-06-19 02:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-07-09 15:20 - 2014-06-19 02:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-07-09 15:20 - 2014-06-19 02:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-07-09 15:20 - 2014-06-19 02:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-07-09 15:20 - 2014-06-19 02:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-07-09 15:20 - 2014-06-19 01:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-07-09 15:20 - 2014-06-19 01:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-07-09 15:20 - 2014-06-19 01:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-07-09 15:20 - 2014-06-19 01:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-07-09 15:20 - 2014-06-19 01:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-07-09 15:20 - 2014-06-19 01:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-07-09 15:20 - 2014-06-19 01:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-07-09 15:20 - 2014-06-19 01:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-07-09 15:20 - 2014-06-19 01:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-07-09 15:20 - 2014-06-19 01:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-07-09 15:20 - 2014-06-19 01:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-07-09 15:20 - 2014-06-19 01:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-07-09 15:20 - 2014-06-19 01:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-07-09 15:20 - 2014-06-06 16:04 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll

2014-07-09 15:20 - 2014-06-06 15:18 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll

2014-07-09 15:20 - 2014-05-31 13:07 - 00054776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe

2014-07-09 15:20 - 2014-05-31 13:06 - 00555736 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll

2014-07-09 15:20 - 2014-05-31 06:40 - 13287936 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll

2014-07-09 15:20 - 2014-05-31 06:30 - 11792384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll

2014-07-09 15:20 - 2014-05-31 06:12 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-09 15:20 - 2014-05-31 06:06 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll

2014-07-09 15:20 - 2014-05-31 06:03 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll

2014-07-09 15:20 - 2014-05-31 06:01 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-07-09 15:20 - 2014-05-31 05:56 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll

2014-07-09 15:20 - 2014-05-31 05:54 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll

2014-07-09 15:20 - 2014-05-31 05:48 - 03463680 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll

2014-07-09 15:20 - 2014-05-31 05:37 - 01054208 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll

2014-07-09 15:20 - 2014-05-31 05:36 - 00923136 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll

2014-07-09 15:20 - 2014-05-31 05:35 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll

2014-07-09 15:20 - 2014-05-31 05:32 - 00756224 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll

2014-07-09 15:14 - 2014-07-09 15:14 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\WSReset.exe
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-08-02 23:47 - 2014-08-02 20:29 - 00017231 _____ () C:\Users\Elif\Desktop\FRST.txt

2014-08-02 23:47 - 2014-08-02 20:27 - 00000000 ____D () C:\FRST

2014-08-02 23:46 - 2014-08-02 23:46 - 00000637 _____ () C:\Users\Elif\Desktop\JRT.txt

2014-08-02 23:46 - 2014-03-16 20:09 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2179528533-2916032355-2825890867-1001

2014-08-02 23:41 - 2014-03-16 20:20 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-08-02 23:41 - 2014-03-16 20:19 - 00001028 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-02 23:41 - 2014-03-16 20:19 - 00001024 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-02 23:11 - 2014-08-02 23:11 - 01016261 _____ (Thisisu) C:\Users\Elif\Downloads\JRT.exe

2014-08-02 23:11 - 2014-08-02 23:11 - 00000000 ____D () C:\windows\ERUNT

2014-08-02 23:10 - 2013-11-07 10:13 - 00000000 ____D () C:\ProgramData\WinClon

2014-08-02 23:09 - 2014-08-02 23:09 - 00002638 _____ () C:\Users\Elif\Desktop\AdwCleaner[S0].txt

2014-08-02 23:08 - 2014-05-01 09:06 - 00000000 ____D () C:\Users\Elif\Tracing

2014-08-02 23:08 - 2014-03-31 17:42 - 00000000 ____D () C:\Users\Elif\AppData\Roaming\Skype

2014-08-02 23:07 - 2014-03-16 20:07 - 00000000 __RDO () C:\Users\Elif\SkyDrive

2014-08-02 23:00 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\sru

2014-08-02 22:49 - 2013-11-08 03:07 - 00724080 _____ () C:\windows\system32\perfh01F.dat

2014-08-02 22:49 - 2013-11-08 03:07 - 00150108 _____ () C:\windows\system32\perfc01F.dat

2014-08-02 22:49 - 2013-08-27 07:56 - 01728544 _____ () C:\windows\system32\PerfStringBackup.INI

2014-08-02 22:45 - 2013-08-27 07:50 - 00786356 _____ () C:\windows\PFRO.log

2014-08-02 22:45 - 2013-08-22 17:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-08-02 22:44 - 2014-08-02 22:00 - 00000000 ____D () C:\AdwCleaner

2014-08-02 22:44 - 2013-08-22 16:25 - 00262144 ___SH () C:\windows\system32\config\BBI

2014-08-02 22:43 - 2014-03-16 20:08 - 00003940 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{2C40B357-8E27-44D9-B4BB-290DC93F171D}

2014-08-02 22:29 - 2014-08-02 22:29 - 00005942 _____ () C:\Users\Elif\Desktop\mbam.txt

2014-08-02 22:28 - 2014-08-02 21:44 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-02 22:00 - 2014-08-02 22:00 - 01361309 _____ () C:\Users\Elif\Downloads\adwcleaner_3.302.exe

2014-08-02 21:44 - 2014-08-02 21:44 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-08-02 21:44 - 2014-08-02 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-02 21:44 - 2014-08-02 21:44 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-02 21:44 - 2014-08-02 21:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-02 21:42 - 2014-08-02 21:41 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elif\Downloads\mbam-setup-2.0.2.1012.exe

2014-08-02 21:14 - 2014-03-16 19:58 - 01738556 _____ () C:\windows\WindowsUpdate.log

2014-08-02 20:35 - 2014-08-02 20:33 - 00041601 _____ () C:\Users\Elif\Desktop\Addition.txt

2014-08-02 20:26 - 2014-03-31 00:09 - 00353792 ___SH () C:\Users\Elif\Downloads\Thumbs.db

2014-08-02 20:25 - 2014-08-02 20:25 - 02094080 _____ (Farbar) C:\Users\Elif\Desktop\FRST64.exe

2014-08-02 20:21 - 2014-08-02 20:21 - 00000017 _____ () C:\Users\Elif\AppData\Local\resmon.resmoncfg

2014-08-02 15:34 - 2013-11-07 09:42 - 00065536 _____ () C:\windows\system32\spu_storage.bin

2014-08-01 19:42 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\AppReadiness

2014-07-29 23:58 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\LiveKernelReports

2014-07-27 10:41 - 2014-03-26 11:06 - 01130496 ___SH () C:\Users\Elif\Desktop\Thumbs.db

2014-07-24 02:40 - 2014-07-23 23:02 - 00011937 _____ () C:\Users\Elif\Desktop\ağustos.xlsx

2014-07-23 22:40 - 2014-03-16 20:03 - 00000000 ____D () C:\Users\Elif\AppData\Local\Packages

2014-07-23 22:39 - 2014-07-23 22:39 - 00017121 _____ () C:\Users\Elif\Downloads\3 aylar-2.xlsx

2014-07-18 10:54 - 2014-03-26 21:14 - 00005040 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ELFYS-Elif Elfys

2014-07-17 14:28 - 2014-03-16 20:02 - 00000000 ____D () C:\Users\Elif

2014-07-16 11:43 - 2014-06-11 18:08 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update

2014-07-14 22:43 - 2014-07-14 18:08 - 00000000 ____D () C:\Users\Elif\Desktop\yeni

2014-07-14 18:20 - 2014-03-19 23:35 - 00000000 ____D () C:\Users\Elif\AppData\Local\CrashDumps

2014-07-14 09:00 - 2014-07-14 18:04 - 17261035 ____N () C:\Users\Elif\Desktop\IMG_2951.MOV

2014-07-13 17:55 - 2014-07-14 18:06 - 205823509 ____N () C:\Users\Elif\Desktop\IMG_2949.MOV

2014-07-13 10:24 - 2014-07-14 18:05 - 1378387347 ____N () C:\Users\Elif\Desktop\IMG_2947.MOV

2014-07-12 10:26 - 2014-07-12 10:26 - 00000000 ____D () C:\windows\XSxS

2014-07-12 10:22 - 2014-07-12 10:22 - 20001392 _____ (DeskShare ) C:\Users\Elif\Desktop\amc.exe

2014-07-11 23:48 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\rescache

2014-07-10 10:30 - 2013-08-22 17:44 - 03487240 _____ () C:\windows\system32\FNTCACHE.DAT

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ___RD () C:\windows\ToastData

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\WinStore

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\SysWOW64\tr-TR

2014-07-10 02:43 - 2013-08-22 18:36 - 00000000 ____D () C:\windows\system32\tr-TR

2014-07-09 19:12 - 2013-08-22 18:20 - 00000000 ____D () C:\windows\CbsTemp

2014-07-09 19:10 - 2014-03-19 18:00 - 00000000 ____D () C:\windows\system32\MRT

2014-07-09 19:05 - 2014-03-19 17:59 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-07-09 19:05 - 2013-08-22 16:25 - 00262144 ___SH () C:\windows\system32\config\ELAM

2014-07-09 19:01 - 2013-08-22 22:12 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-09 15:14 - 2014-07-09 15:14 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\WSReset.exe

2014-07-08 21:44 - 2014-03-16 20:11 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2014-07-07 09:42 - 2014-07-14 18:04 - 47867573 ____N () C:\Users\Elif\Desktop\IMG_2910.MOV
 

Files to move or delete:

====================

C:\ProgramData\MakeMarkerFile.exe

C:\Users\EasySurvey\EasySurvey.exe
 
 

Some content of TEMP:

====================

C:\Users\Elif\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-25 22:36
 

==================== End Of Log ============================

--- --- ---