Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-05-2016
Ran by Administrator (2016-05-21 23:53:40)
Running from C:\Documents and Settings\Administrator\Belgelerim\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) (2014-01-02 14:53:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2052111302-823518204-1801674531-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-2052111302-823518204-1801674531-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-2052111302-823518204-1801674531-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-2052111302-823518204-1801674531-1002 - Limited - Disabled)
UpdatusUser (S-1-5-21-2052111302-823518204-1801674531-1003 - Limited - Enabled) => %SystemDrive%\Documents and Settings\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: 电脑管家系统防护 (Disabled - Up to date) {9AAC524A-BF34-49b0-91D2-71838CBB8110}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Office sistemi için Uyumluluk Paketi (HKLM\...\{90120000-0020-041F-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader XI - Turkish (HKLM\...\{AC76BA86-7AD7-1055-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
ComboMax (HKLM\...\{F15018CE-6B90-401E-B7D2-129D71B3A23B}) (Version: 1.00.0000 - Elkotek Mühendislik)
Depolama için Windows Özellik Paketi (32-bit) - Blu-Ray için IMAPI güncelleştirmesi (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
DoubleOptMedia (HKLM\...\DoubleOptMedia11.041.44) (Version: 11.041.44 - M/s Children Code)
EXARadyo 3.2 (HKLM\...\{1303A808-A806-42A4-BCCE-DB7643C66B5E}_is1) (Version: 3.2 - Terkon Teknoloji)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
GOM Player (HKLM\...\GOM Player) (Version: 2.1.40.5106 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
K-Lite Mega Codec Pack 9.6.0 (HKLM\...\KLiteCodecPack_is1) (Version: 9.6.0 - )
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - TRK (HKLM\...\{5A7C66A5-75B0-35AE-B5A7-4E60E491A061}) (Version: 2.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - TRK (HKLM\...\{91A2B143-B71C-39CD-8E3F-C01205D87E71}) (Version: 3.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Dil Paketi - TRK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack - trk) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{9011041F-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.5 (HKLM\...\Wudf01005) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 tr) (HKLM\...\Mozilla Firefox 46.0.1 (x86 tr)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Nero Lite 12.0.28001 TR [SilentAll Team] (HKLM\...\Nero) (Version: - By Progressive)
Nokia Connectivity Cable Driver (HKLM\...\{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625}) (Version: 7.1.8.0 - Nokia)
Nokia Flashing Cable Driver (HKLM\...\{A4E0CA0F-1903-440A-9B98-FEA6CB049999}) (Version: 8.6.0.2 - Nokia)
NVIDIA Grafik Sürücüsü 285.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.58 - NVIDIA Corporation)
NVIDIA Güncelleştirmeleri 1.5.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.5.20 - NVIDIA Corporation)
NVIDIA HD Ses Sürücüsü 1.2.24.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.24.0 - NVIDIA Corporation)
NVIDIA NView 135.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.95 - NVIDIA Corporation)
NVIDIA PhysX Sistem Yazılımı 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
PC Connectivity Solution (HKLM\...\{D848D140-41C3-4A53-86D8-E866A100B4CD}) (Version: 8.47.6.0 - Nokia)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6299 - Realtek Semiconductor Corp.)
Rich Media View (HKLM\...\RichMediaViewV1release326) (Version: 1.1 - Rich Media View) <==== ATTENTION
Shopping Helper Smartbar (HKLM\...\{16F8A832-DD84-4271-8B76-ACADE6DB3968}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKU\S-1-5-21-2052111302-823518204-1801674531-500\...\{70447b4c-9195-41b7-9c37-97740959c441}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.7 Beta - Nullsoft, Inc)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
Windows Media Player (KB2834904-v2) için Güvenlik Güncelleştirmesi (HKLM\...\KB2834904-v2_WM11) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Rights Management İstemcisi Service Pack 2 (HKLM\...\{86876616-94D7-478E-B703-18D1A7A06D5A}) (Version: 5.2.95 - Microsoft)
Windows Sürücü Paketi - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows XP için Düzeltme (KB969084) (HKLM\...\KB969084) (Version: 3 - Microsoft Corporation)
Windows XP için Güncelleştirme (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Windows XP için Güncelleştirme (KB2813347-v2) (HKLM\...\KB2813347-v2) (Version: 2 - Microsoft Corporation)
Windows XP için Güncelleştirme (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Windows XP için Güncelleştirme (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2483614) (HKLM\...\KB2483614) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2884256) (HKLM\...\KB2884256) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Windows XP için Güvenlik Güncelleştirmesi (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{0109A629-F4BB-421B-AEFB-B2568F098A71}\InprocServer32 -> C:\WINDOWS\system32\invScrollBox.dll (invite Yazılım ve Donanım Ltd.)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{0F3C31C6-4661-4756-8F76-4F5985578458}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{1202FCFB-746E-4ABE-871F-9CFCD040ABE6}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{1BA9AD48-F36A-4E64-8160-0841447F43B3}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{2A2FDDA2-4818-4102-926D-0DE199E920A2}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{3835A722-CF03-411A-9CAA-9B2650591FFF}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{47AC62CB-41A3-49AA-B116-4C538C16A2D9}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{49E2B098-5F6F-4241-BAEA-553DEA042C21}\InprocServer32 -> C:\WINDOWS\system32\invSubClassing.dll (invite Software and Hardware)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{550BD384-4927-43FD-A43D-6AE8FC8E8360}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{55D9737F-82A6-4DC4-AFF7-43987CD97332}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{6B31BB81-6A1D-48A7-865C-FDC1D3F487F8}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{6B6ADD0E-6275-43B3-B66F-46DC5B7EB431}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{6B7CEB65-1E79-4CFF-9274-D836CAB69780}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{7825E3E4-9104-4050-A867-FB736164AA94}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{814B0FEB-DE08-44EF-89AC-CCE6D1DE40DF}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{87E83CA8-CE1D-473D-AD94-B752D9DE114F}\InprocServer32 -> C:\WINDOWS\system32\invSubClassing.dll (invite Software and Hardware)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{8F264AF2-5930-4CD3-9638-37F3766B361E}\InprocServer32 -> C:\WINDOWS\system32\invSystray.dll (invite Software and Hardware)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{CF55729D-9EF7-45C5-AA81-73A7D85F2DCF}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{D7820605-BEE4-4E17-80CB-D2B1A3379EDD}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{D9FB9F7C-8654-4AC6-8CD2-BD3C884D2A36}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{DC9EDB2F-DE3A-4E5D-B519-0F79E34F0312}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{E60DB814-F8C3-44C4-AC87-EDA82D34926A}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2052111302-823518204-1801674531-500_Classes\CLSID\{FCF224DD-7F96-4191-8CDD-8D8EA68A533D}\InprocServer32 -> C:\WINDOWS\system32\UCXUICTRLS.OCX (üçAdım Yazılım Teknolojileri)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC9_PerformanceMonitor.job => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2052111302-823518204-1801674531-500Core.job => C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP Hizmet Sonu Bildirimi Aylık.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP Hizmet Sonu Bildirimi Oturum Açma.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{560FB9F0-5527-4BF4-BC59-889929CC132F}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-05-21 20:33 - 2016-05-21 20:33 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\zlib.dll
2016-05-21 20:33 - 2016-05-21 20:33 - 00115904 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMAntiInject.dll
2016-05-21 20:33 - 2016-05-21 20:33 - 00488640 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\sqlite.dll
2016-05-21 20:33 - 2016-05-21 20:33 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\tinyxml.dll
2016-05-21 20:33 - 2016-05-21 20:33 - 00025280 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQFileFlt.dll
2016-05-21 20:33 - 2016-05-21 20:33 - 00046784 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2016-05-21 20:33 - 2016-05-21 20:33 - 00070848 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2016-05-21 20:33 - 2016-02-28 01:55 - 00036128 _____ () C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\oDayProtect.dll
2016-05-21 20:33 - 2016-05-21 20:33 - 00128192 _____ () c:\program files\tencent\qqpcmgr\11.5.17499.219\qmrtpcontroller.dll
2014-01-02 18:43 - 2011-10-08 07:50 - 00355432 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2008-04-15 14:00 - 2008-04-15 14:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-09-19 20:44 - 2014-02-10 13:44 - 04592128 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-09-19 20:44 - 2014-02-10 13:44 - 00112128 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2008-04-15 14:00 - 2016-05-21 22:25 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2052111302-823518204-1801674531-1003\Control Panel\Desktop\\Wallpaper -> (Yok)
HKU\S-1-5-21-2052111302-823518204-1801674531-500\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.1
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: 2 =>
MSCONFIG\startupreg: ctfmon.exe =>
MSCONFIG\startupreg: KernelFaultCheck =>
MSCONFIG\startupreg: QQPCTray =>
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCmgrInstallGuide.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCTray.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCMgr.exe] => Enabled:
?-
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCRTP.exe] => Enabled:
?-
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMDL.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\bugreport.exe] => Enabled:
?-crash??
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCFileOpen.exe] => Enabled:
?-
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCLeakScan.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPConfig.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCSoftMgr.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\plugins\QMNetMon\QQPCNetFlow.exe] => Enabled:
?-
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCBTU.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCClinic.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCLaunch.exe] => Enabled:
?-QQPCLaunch
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMUpdate\QQPCMgrUpdate.exe] => Enabled:
?-
??
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCSoftGame.exe] => Enabled:
?-QQPCSoftGame
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCSysOptimize.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCUpdateAVLib.exe] => Enabled:
?-
??
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQRepair.exe] => Enabled:
?-
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\Uninst.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCPatch.exe] => Enabled:
?-QQPCPatch
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\TpkUpdate.exe] => Enabled:
?-
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMRouterMgr.exe] => Enabled:
?-
??
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMAccountProtection.exe] => Enabled:
?-
DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMAdBlock.exe] => Enabled:
?-
?
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Tencent\QQDownload\130\Tencentdl.exe] => Enabled:腾讯产品下载组件
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Tencent\QQDownload\130\bugreport_xf.exe] => Enabled:腾讯产品下载组件Crash上报
StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe] => Enabled:Daemonu.exe
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe] => Enabled:Facebook Video Calling Plugin
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCmgrInstallGuide.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCTray.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCMgr.exe] => Enabled:
?-
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCRTP.exe] => Enabled:
?-
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMDL.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\bugreport.exe] => Enabled:
?-crash??
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCFileOpen.exe] => Enabled:
?-
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCLeakScan.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPConfig.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCSoftMgr.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\plugins\QMNetMon\QQPCNetFlow.exe] => Enabled:
?-
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCBTU.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCClinic.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCLaunch.exe] => Enabled:
?-QQPCLaunch
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMUpdate\QQPCMgrUpdate.exe] => Enabled:
?-
??
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCSoftGame.exe] => Enabled:
?-QQPCSoftGame
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCSysOptimize.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCUpdateAVLib.exe] => Enabled:
?-
??
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQRepair.exe] => Enabled:
?-
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\Uninst.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCPatch.exe] => Enabled:
?-QQPCPatch
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\TpkUpdate.exe] => Enabled:
?-
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMRouterMgr.exe] => Enabled:
?-
??
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMAccountProtection.exe] => Enabled:
?-
StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMAdBlock.exe] => Enabled:
?-
?
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Tencent\QQDownload\130\Tencentdl.exe] => Enabled:
??
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Tencent\QQDownload\130\bugreport_xf.exe] => Enabled:
??Crash??
==================== Restore Points =========================
15-06-2014 13:07:44 Software Distribution Service 3.0
16-06-2014 21:18:06 Software Distribution Service 3.0
18-06-2014 15:42:05 Software Distribution Service 3.0
19-06-2014 19:26:58 Software Distribution Service 3.0
20-06-2014 20:21:38 Software Distribution Service 3.0
22-06-2014 19:38:04 Software Distribution Service 3.0
23-06-2014 19:53:02 Software Distribution Service 3.0
25-06-2014 22:48:10 Software Distribution Service 3.0
27-06-2014 21:48:17 Software Distribution Service 3.0
28-06-2014 23:58:16 Software Distribution Service 3.0
29-06-2014 18:41:31 Geri Yükleme İşlemi
02-07-2014 22:09:26 Software Distribution Service 3.0
04-07-2014 19:07:26 Software Distribution Service 3.0
06-07-2014 21:52:24 Software Distribution Service 3.0
09-07-2014 23:56:16 RegClean Pro Çar, Tem 09, 14 23:56
09-07-2014 23:59:46 Software Distribution Service 3.0
12-07-2014 19:53:08 Software Distribution Service 3.0
15-07-2014 18:27:38 Software Distribution Service 3.0
16-07-2014 23:50:48 Software Distribution Service 3.0
19-07-2014 21:26:09 Software Distribution Service 3.0
21-07-2014 18:54:07 Software Distribution Service 3.0
22-07-2014 19:21:36 Software Distribution Service 3.0
23-07-2014 20:50:23 Software Distribution Service 3.0
25-07-2014 19:14:15 Software Distribution Service 3.0
27-07-2014 19:32:15 Software Distribution Service 3.0
29-07-2014 13:35:11 Software Distribution Service 3.0
30-07-2014 14:06:30 Software Distribution Service 3.0
31-07-2014 20:08:04 Software Distribution Service 3.0
02-08-2014 22:33:37 Software Distribution Service 3.0
04-08-2014 19:57:32 Software Distribution Service 3.0
07-08-2014 12:50:08 Software Distribution Service 3.0
08-08-2014 13:36:49 Software Distribution Service 3.0
09-08-2014 13:58:19 Software Distribution Service 3.0
13-08-2014 19:58:11 Software Distribution Service 3.0
16-08-2014 19:36:01 Software Distribution Service 3.0
18-08-2014 19:24:00 Software Distribution Service 3.0
21-08-2014 17:43:42 Software Distribution Service 3.0
22-08-2014 13:40:35 Software Distribution Service 3.0
22-08-2014 16:00:02 Software Distribution Service 3.0
22-08-2014 16:06:36 Software Distribution Service 3.0
23-08-2014 22:20:51 Software Distribution Service 3.0
23-08-2014 22:36:19 Software Distribution Service 3.0
24-08-2014 18:16:40 Software Distribution Service 3.0
24-08-2014 18:22:15 Software Distribution Service 3.0
25-08-2014 19:23:29 Software Distribution Service 3.0
26-08-2014 19:49:19 Software Distribution Service 3.0
28-08-2014 19:29:30 Software Distribution Service 3.0
30-08-2014 15:20:37 Software Distribution Service 3.0
30-08-2014 19:54:51 Software Distribution Service 3.0
31-08-2014 20:44:49 Software Distribution Service 3.0
01-09-2014 13:37:29 Software Distribution Service 3.0
01-09-2014 18:57:50 Software Distribution Service 3.0
02-09-2014 19:54:30 Software Distribution Service 3.0
04-09-2014 19:39:35 Software Distribution Service 3.0
06-09-2014 20:13:08 Sistem Denetleme Noktası
07-09-2014 17:26:22 Software Distribution Service 3.0
08-09-2014 18:38:52 Software Distribution Service 3.0
11-09-2014 12:48:33 Software Distribution Service 3.0
11-09-2014 19:24:29 Software Distribution Service 3.0
13-09-2014 18:12:59 Software Distribution Service 3.0
14-09-2014 19:13:56 Software Distribution Service 3.0
15-09-2014 18:56:02 Software Distribution Service 3.0
16-09-2014 18:58:10 Software Distribution Service 3.0
17-09-2014 12:56:48 Software Distribution Service 3.0
19-09-2014 20:04:21 Software Distribution Service 3.0
22-09-2014 13:29:32 Software Distribution Service 3.0
23-09-2014 18:44:55 Software Distribution Service 3.0
28-09-2014 14:00:46 Software Distribution Service 3.0
02-10-2014 20:12:59 Software Distribution Service 3.0
04-10-2014 11:28:28 Software Distribution Service 3.0
05-10-2014 19:23:29 Software Distribution Service 3.0
12-10-2014 21:51:14 Software Distribution Service 3.0
17-10-2014 20:08:29 Software Distribution Service 3.0
17-10-2014 20:36:55 Software Distribution Service 3.0
18-10-2014 19:04:51 Software Distribution Service 3.0
19-10-2014 18:40:10 Software Distribution Service 3.0
20-05-2016 18:24:39 Kaldırıldı ComboMax
20-05-2016 18:24:42 Kaldırıldı Internet Explorer için Yandex Elements 7.2
20-05-2016 18:26:30 Removed Nokia Software Updater.
20-05-2016 18:27:56 Nokia Music kaldırıldı.
20-05-2016 19:40:44 Software Distribution Service 3.0
21-05-2016 20:08:46 Yüklenen Samsung New PC Studio
21-05-2016 20:30:21 Kaldırılan Samsung New PC Studio
21-05-2016 20:49:57 Kaldırıldı ComboMax
21-05-2016 20:50:00 Removed User Profile Hive Cleanup Service
21-05-2016 21:14:56 Kaldırıldı ComboMax
21-05-2016 21:51:42 Sound+ restore point
21-05-2016 21:52:49 Sound+ restore point
21-05-2016 22:01:00 Windows Sürücü Paketi - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) restore point
21-05-2016 22:01:39 crack 1.00 restore point
21-05-2016 23:42:45 Advanced SystemCare 9 restore point
==================== Faulty Device Manager Devices =============
Name: Nokia 5800 XpressMusic
Description: Nokia 5800 XpressMusic
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/21/2016 11:47:17 PM) (Source: MsiInstaller) (EventID: 11705) (User: PROGRESSIVE-PC)
Description: Ürün: ComboMax -- Hata 1705. Bu ürünün önceki bir yükleme işlemi sürüyor. Devam etmek için bu yüklemenin yaptığı değişiklikleri geri almalısınız. Bu değişiklikleri geri almak istiyor musunuz?
Error: (05/21/2016 08:49:57 PM) (Source: MsiInstaller) (EventID: 11704) (User: PROGRESSIVE-PC)
Description: Product: User Profile Hive Cleanup Service -- Error 1704. An installation for ComboMax is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (05/21/2016 08:38:00 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Üçüncü parti kök listesinin ayıklanamadığı otomatik güncelleştirme kabin dosyasının konumu: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> hata: Gerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.
Error: (05/21/2016 08:38:00 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Üçüncü parti kök listesinin ayıklanamadığı otomatik güncelleştirme kabin dosyasının konumu: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> hata: Gerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.
Error: (05/21/2016 08:34:20 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Üçüncü parti kök listesinin ayıklanamadığı otomatik güncelleştirme kabin dosyasının konumu: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> hata: Gerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.
Error: (05/21/2016 08:34:20 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Üçüncü parti kök listesinin ayıklanamadığı otomatik güncelleştirme kabin dosyasının konumu: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> hata: Gerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.
Error: (05/20/2016 06:27:52 PM) (Source: Nokia Software Installer) (EventID: 1) (User: )
Description: Nokia Software Installer 3.1.276 (NLib 0.7.487)
Setup failed with exit code 1618.
Error: (05/20/2016 06:27:49 PM) (Source: Nokia Software Installer) (EventID: 1) (User: )
Description: Nokia Software Installer 3.1.276 (NLib 0.7.487)
Setup failed with exit code 1618.
Error: (05/20/2016 06:27:46 PM) (Source: Nokia Software Installer) (EventID: 1) (User: )
Description: Nokia Software Installer 3.1.276 (NLib 0.7.487)
Setup failed with exit code 1618.
Error: (05/20/2016 06:27:43 PM) (Source: Nokia Software Installer) (EventID: 1) (User: )
Description: Nokia Software Installer 3.1.276 (NLib 0.7.487)
Setup failed with exit code 1618.
System errors:
=============
Error: (05/21/2016 11:42:00 PM) (Source: WPDClassInstaller) (EventID: 25088) (User: )
Description: It was not possible to install drivers for the device USB\Vid_04e8&Pid_6860&Rev_0400. Error code 0x80070002.
Error: (05/21/2016 11:26:24 PM) (Source: WPDClassInstaller) (EventID: 25088) (User: )
Description: It was not possible to install drivers for the device USB\Vid_04e8&Pid_6860&Rev_0400. Error code 0x80070002.
Error: (05/21/2016 10:28:07 PM) (Source: 0) (EventID: 55) (User: )
Description: D:
Error: (05/21/2016 10:28:07 PM) (Source: 0) (EventID: 55) (User: )
Description: D:
Error: (05/21/2016 10:16:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Skype C2C Service hizmeti beklenmeyen bir şekilde sonlandırıldı. Bu şimdiye kadar 1 kez oluştu.
Error: (05/21/2016 09:55:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Util NetCrawl hizmeti aşağıdaki hata nedeniyle başlatılamadı:
%%3
Error: (05/21/2016 09:55:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Update ToggleMark hizmeti aşağıdaki hata nedeniyle başlatılamadı:
%%3
Error: (05/21/2016 09:55:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Update NetCrawl hizmeti aşağıdaki hata nedeniyle başlatılamadı:
%%3
Error: (05/21/2016 09:55:43 PM) (Source: 0) (EventID: 55) (User: )
Description: D:
Error: (05/21/2016 09:55:43 PM) (Source: 0) (EventID: 55) (User: )
Description: D:
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
Percentage of memory in use: 30%
Total physical RAM: 2046.42 MB
Available physical RAM: 1431.42 MB
Total Virtual: 3939.24 MB
Available Virtual: 3334.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.48 GB) (Free:116.44 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (YEDEK) (Fixed) (Total:37.27 GB) (Free:14.56 GB) NTFS
Drive e: (YEDEK) (Fixed) (Total:319.27 GB) (Free:294.77 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 28CA28C9)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=319.3 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 37.3 GB) (Disk ID: 00A300A3)
Partition 1: (Not Active) - (Size=37.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-05-2016
Ran by Administrator (administrator) on PROGRESSIVE-PC (21-05-2016 23:53:07)
Running from C:\Documents and Settings\Administrator\Belgelerim\Downloads
Loaded Profiles: UpdatusUser & Administrator (Available Profiles: UpdatusUser & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: Türkçe
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
(Tencent) C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCRTP.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [NPSStartup] => [X]
HKLM\...\Run: [ QQPCTray] => C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCTRAY.EXE [362304 2016-05-21] (Tencent)
HKU\S-1-5-21-2052111302-823518204-1801674531-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMGCShellExt.dll [2016-05-21] (Tencent)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{450A79F9-ACE4-479D-AB52-DBC51D903A8A}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{78B75494-FB2E-4F3A-A3DF-A9A89EA425D9}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2052111302-823518204-1801674531-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2052111302-823518204-1801674531-500\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2052111302-823518204-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2052111302-823518204-1801674531-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2052111302-823518204-1801674531-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=Af31026&s=o400493_1
URLSearchHook: [S-1-5-21-2052111302-823518204-1801674531-1003] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2052111302-823518204-1801674531-500 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
SearchScopes: HKU\S-1-5-21-2052111302-823518204-1801674531-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO: No Name -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM - No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\.DEFAULT -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\S-1-5-21-2052111302-823518204-1801674531-500 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\S-1-5-21-2052111302-823518204-1801674531-500 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default
FF NewTab: hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqAnUpAHMmAk..&v=20160518&uid=2D17C2676435592D08FD023B4E4CE416&ptid=amz&mode=loadm
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: data:text/plain,browser.search.defaultenginename.US=cloudfront
FF SearchEngineOrder.1: Google
FF Homepage: hxxps://www.facebook.com/
FF Keyword.URL: hxxp://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?uid=2D17C2676435592D08FD023B4E4CE416&ptid=amz&ts=AHEqAnUpAHMmAk..&v=20160518&mode=ffexttoolbar&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-20] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\npQMExtensionsMozilla.dll [2016-05-21] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-20] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-20] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2052111302-823518204-1801674531-500: @skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\user.js [2016-05-21]
FF user.js: detected! => C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\user.js [2016-05-21]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\searchplugins\yandex.com.tr-194921.xml [2014-01-06]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\searchplugins\yqs-barff-yagorsel.xml [2014-01-04]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\searchplugins\yqs-barff-yahaber.xml [2014-01-04]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\searchplugins\yqs-barff-yavideo.xml [2014-01-04]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\searchplugins\82eux7o5.xml [2016-05-21]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\searchplugins\yandex.com.tr-194921.xml [2014-01-06]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\searchplugins\yqs-barff-yagorsel.xml [2014-01-04]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\searchplugins\yqs-barff-yahaber.xml [2014-01-04]
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\searchplugins\yqs-barff-yavideo.xml [2014-01-04]
FF Extension: RadioRage - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\Extensions\4jffxtbr@RadioRage_4j.com [2014-06-06] [not signed]
FF Extension: CouponDownloader - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\Extensions\CouponDownloader@jetpack [2014-05-05] [not signed]
FF Extension: Linkey for Firefox - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\Extensions\extension@linkeyproject.com [2014-05-05] [not signed]
FF Extension: Visual Bookmarks - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\Extensions\vb@yandex.ru [2014-07-02] [not signed]
FF Extension: &Yandex Elements& - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\Extensions\yasearch@yandex.ru [2014-06-12] [not signed]
FF Extension: Settings Manager - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\Extensions\{2AE40B21-2432-2852-F891-21943FB49383} [2014-05-20] [not signed]
FF Extension: . - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\Extensions\{4e38134d-ba98-4066-b898-e296d8acc938}.xpi [2014-03-20] [not signed]
FF Extension: Shopping Suggestion - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\Extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi [2014-03-20] [not signed]
FF Extension: BonanzaDeals - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uo0n34cj.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2014-01-06] [not signed]
FF Extension: RadioRage - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\4jffxtbr@RadioRage_4j.com [2016-05-21] [not signed]
FF Extension: GsearchFinder - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\@e9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-05-19]
FF Extension: CouponDownloader - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\CouponDownloader@jetpack [2016-05-21] [not signed]
FF Extension: Linkey for Firefox - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\extension@linkeyproject.com [2016-05-21] [not signed]
FF Extension: Visual Bookmarks - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\vb@yandex.ru [2016-05-21] [not signed]
FF Extension: &Yandex Elements& - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\yasearch@yandex.ru [2016-05-21] [not signed]
FF Extension: Settings Manager - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\{2AE40B21-2432-2852-F891-21943FB49383} [2016-05-21] [not signed]
FF Extension: . - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\{4e38134d-ba98-4066-b898-e296d8acc938}.xpi [2014-03-20] [not signed]
FF Extension: Shopping Suggestion - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\{D394D188-BAC7-4e03-8FAF-389A4D7EC6F4}.xpi [2014-03-20] [not signed]
FF Extension: BonanzaDeals - C:\Documents and Settings\Administrator\Application Data\Profiles\8l4vqygw.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2014-01-06] [not signed]
FF Extension: CostMin - C:\Program Files\Mozilla Firefox\browser\extensions\ayiexgll@exxyl.edu [2014-07-02] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-08-22] [not signed]
FF HKLM\...\Firefox\Extensions: [ext@MediaBuzzV1mode5725.net] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode5725\ff => not found
FF HKLM\...\Firefox\Extensions: [ext@RichMediaViewV1release326.net] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release326\ff => not found
FF HKLM\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha2346.net] - C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha2346\ff => not found
FF HKU\S-1-5-21-2052111302-823518204-1801674531-500\...\Firefox\Extensions: [{F816408D-4202-64E5-FA78-DA8FDA4278DA}] - C:\Program Files\v01BlockAndSurf\174.xpi => not found
Chrome:
=======
CHR HomePage: ChromeDefaultData -> hxxp://www.google.com/
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.google.com/"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?q={searchTerms}&ts=AHEqAnUpAHMmAk..&v=20160518&uid=2D17C2676435592D08FD023B4E4CE416&ptid=amz&mode=loadm
CHR DefaultSearchKeyword: ChromeDefaultData -> hohosearch
CHR HKLM\...\Chrome\Extension: [ahkleonegjnjadlkpfpigoihgjihnaeb] - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode5725\ch\MediaBuzzV1mode5725.crx <not found>
CHR HKLM\...\Chrome\Extension: [bililmjmmmkemgcbgehhgmeikiokphod] - C:\Program Files\RichMediaViewV1\RichMediaViewV1release326\ch\RichMediaViewV1release326.crx <not found>
CHR HKLM\...\Chrome\Extension: [pjajnkpiekedgbhdpahidcjaanoealmp] - C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha2346\ch\TrustMediaViewerV1alpha2346.crx <not found>
StartMenuInternet: old_chrome.exe - c:\program files\google\chrome\application\old_chrome.exe
Opera:
=======
OPR StartupUrls: "hxxp://htp%20www%20facebook%20com%20tr./"
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120 2011-10-08] (NVIDIA Corporation)
R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQPCRTP.exe [313936 2016-05-21] (Tencent)
S3 ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
S2 shefaleCloudservice; C:\Program Files\Shefale\shefaleCloudservice.exe [985752 2016-05-19] ()
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2016-05-21] ()
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [File not signed]
R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [62576 2010-09-27] (Atheros Communications, Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2012-10-29] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2012-10-29] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2012-10-29] (Marvell Semiconductor Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [119656 2011-07-08] (NVIDIA Corporation)
R1 QMIEProtect; C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMIEProtect.sys [50488 2016-01-12] ()
R1 QMUdisk; C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QMUdisk.sys [104152 2016-02-28] (Tencent)
R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\QQSysMon.sys [120952 2016-05-21] (电脑管家)
R3 RTL8192cu; C:\WINDOWS\System32\DRIVERS\RTL8192cu.sys [1076968 2012-10-25] (Realtek Semiconductor Corporation )
R1 softaal; C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\softaal.sys [45816 2016-05-21] (Tencent)
R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator.sys [126008 2016-05-21] (Tencent)
R1 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelXP.sys [110200 2016-05-21] (Tencent Technology(Shenzhen) Company Limited)
R1 TFsFlt; C:\WINDOWS\System32\Drivers\TFsFlt.sys [159608 2016-05-21] (电脑管家)
R3 TS888; C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\TS888.sys [39928 2016-05-21] (Tencent)
R1 TSDefenseBt; C:\WINDOWS\System32\DRIVERS\TSDefenseBt.sys [14008 2016-05-21] (Tencent)
R0 TsFltMgr; C:\WINDOWS\System32\drivers\TsFltMgr.sys [137816 2016-05-21] (电脑管家)
R1 TSKSP; C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\TSKsp.sys [220984 2016-05-21] (电脑管家)
S3 TSSK; C:\WINDOWS\System32\tssk.sys [83576 2016-03-16] (电脑管家)
R1 TSSysKit; C:\Program Files\Tencent\QQPCMgr\11.5.17499.219\TSSysKit.sys [111736 2016-05-21] (电脑管家)
S3 upperdev; C:\WINDOWS\System32\DRIVERS\usbser_lowerflt.sys [8064 2008-09-15] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-09-15] (Windows (R) Codename Longhorn DDK provider)
R1 {1b646e65-56b2-4543-b72c-0e8976cf559e}Gt; C:\WINDOWS\System32\drivers\{1b646e65-56b2-4543-b72c-0e8976cf559e}Gt.sys [55232 2014-04-24] (StdLib)
R1 {1b646e65-56b2-4543-b72c-0e8976cf559e}t; C:\WINDOWS\System32\drivers\{1b646e65-56b2-4543-b72c-0e8976cf559e}t.sys [55232 2014-06-20] (StdLib)
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt; C:\WINDOWS\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt.sys [55224 2014-07-04] (StdLib)
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}t; C:\WINDOWS\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}t.sys [55224 2014-08-06] (StdLib)
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gt; C:\WINDOWS\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gt.sys [55232 2014-07-08] (StdLib)
R1 {af16abf4-eac1-49b4-93fc-58f6ca799135}Gt; C:\WINDOWS\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}Gt.sys [55232 2014-06-09] (StdLib)
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; no ImagePath
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [26240 2013-08-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-21 23:52 - 2016-05-21 23:53 - 00000000 ____D C:\FRST
2016-05-21 22:28 - 2016-05-21 22:28 - 00002556 _____ C:\WINDOWS\SchedLgU.Txt
2016-05-21 22:25 - 2016-05-21 22:25 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\temp
2016-05-21 22:25 - 2016-05-21 22:25 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2016-05-21 22:25 - 2016-05-21 22:25 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2016-05-21 22:18 - 2016-05-21 22:26 - 00000000 ____D C:\ComboFix
2016-05-21 22:16 - 2016-05-21 22:25 - 00000000 ____D C:\WINDOWS\erdnt
2016-05-21 22:16 - 2016-05-21 22:25 - 00000000 ____D C:\Qoobox
2016-05-21 22:16 - 2016-05-21 22:16 - 00000000 ___RD C:\Documents and Settings\Administrator\Start Menu\Programlar\Yönetimsel Araçlar
2016-05-21 22:16 - 2011-06-26 09:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2016-05-21 22:16 - 2010-11-07 20:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2016-05-21 22:16 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2016-05-21 22:16 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2016-05-21 22:16 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2016-05-21 22:16 - 2000-08-31 03:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2016-05-21 22:16 - 2000-08-31 03:00 - 00098816 _____ C:\WINDOWS\sed.exe
2016-05-21 22:16 - 2000-08-31 03:00 - 00080412 _____ C:\WINDOWS\grep.exe
2016-05-21 22:16 - 2000-08-31 03:00 - 00068096 _____ C:\WINDOWS\zip.exe
2016-05-21 21:50 - 2016-05-21 23:47 - 00000292 _____ C:\WINDOWS\Tasks\ASC9_PerformanceMonitor.job
2016-05-21 21:50 - 2016-05-21 21:50 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-05-21 21:50 - 2016-05-21 21:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-05-21 21:49 - 2016-05-21 23:44 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programlar\Advanced SystemCare
2016-05-21 21:49 - 2016-05-21 21:51 - 00000000 ____D C:\Program Files\Common Files\IObit
2016-05-21 21:49 - 2016-05-21 21:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ProductData
2016-05-21 21:49 - 2016-05-21 21:49 - 00000000 ____D C:\Documents and Settings\Administrator\IObit
2016-05-21 21:49 - 2016-05-21 21:49 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\ProductData
2016-05-21 21:48 - 2016-05-21 23:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programlar\IObit Uninstaller
2016-05-21 21:48 - 2016-05-21 21:50 - 00000000 ____D C:\Program Files\IObit
2016-05-21 21:48 - 2016-05-21 21:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\IObit
2016-05-21 21:48 - 2016-05-21 21:50 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\IObit
2016-05-21 21:15 - 2016-05-21 21:15 - 00081920 _____ C:\WINDOWS\Minidump\Mini052116-02.dmp
2016-05-21 20:53 - 2016-05-21 20:53 - 00019984 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-05-21 20:47 - 2016-05-21 22:33 - 00000066 _____ C:\WINDOWS\QMNetworkMgr.ini
2016-05-21 20:42 - 2016-05-21 22:28 - 00039928 _____ (Tencent) C:\WINDOWS\system32\Drivers\TS888.sys
2016-05-21 20:42 - 2016-05-21 20:42 - 00081920 _____ C:\WINDOWS\Minidump\Mini052116-01.dmp
2016-05-21 20:33 - 2016-05-21 20:33 - 00159608 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFlt.sys
2016-05-21 20:33 - 2016-05-21 20:33 - 00137816 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TsFltMgr.sys
2016-05-21 20:33 - 2016-05-21 20:33 - 00126008 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator.sys
2016-05-21 20:33 - 2016-05-21 20:33 - 00110200 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelXP.sys
2016-05-21 20:33 - 2016-05-21 20:33 - 00014008 _____ (Tencent) C:\WINDOWS\system32\Drivers\TSDefenseBt.sys
2016-05-21 20:33 - 2016-05-21 20:33 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-05-21 20:33 - 2016-05-21 20:33 - 00000000 ____D C:\Documents and Settings\All Users\TXQMPC
2016-05-21 20:33 - 2016-03-16 14:00 - 00083576 _____ (电脑管家) C:\WINDOWS\system32\TSSK.sys
2016-05-21 20:32 - 2016-05-21 20:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Tencent
2016-05-21 20:32 - 2016-05-21 20:32 - 00000000 ____D C:\Program Files\Tencent
2016-05-21 20:31 - 2016-05-21 20:42 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Baidu
2016-05-21 20:31 - 2016-05-21 20:38 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Tencent
2016-05-21 20:31 - 2016-05-21 20:31 - 00000000 ____D C:\Program Files\Common Files\Baidu
2016-05-21 20:31 - 2016-05-21 20:31 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Baidu
2016-05-21 20:30 - 2016-05-21 20:30 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\csdi_monetize_120160520
2016-05-21 20:29 - 2016-05-21 21:14 - 00000000 ____D C:\Program Files\Caster
2016-05-21 20:27 - 2016-05-21 20:41 - 00000000 ____D C:\Program Files\Razoghchak
2016-05-21 20:27 - 2016-05-21 20:29 - 00000000 ____D C:\Program Files\Shefale
2016-05-21 20:27 - 2016-05-21 20:29 - 00000000 ____D C:\Program Files\Platoward
2016-05-21 20:27 - 2016-05-21 20:28 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-05-21 20:10 - 2016-05-21 20:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Samsung
2016-05-21 20:10 - 2010-07-04 19:07 - 00238952 _____ (Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
2016-05-21 20:10 - 2010-06-14 09:32 - 00110592 _____ () C:\WINDOWS\system32\FsUsbExDevice.Dll
2016-05-21 20:10 - 2010-06-14 09:32 - 00036608 _____ C:\WINDOWS\system32\FsUsbExDisk.Sys
2016-05-21 20:09 - 2016-05-21 20:31 - 00000000 ____D C:\Program Files\InstallShield Installation Information
2016-05-21 20:09 - 2016-05-21 20:31 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Samsung
2016-05-21 20:09 - 2016-05-21 20:10 - 00000000 ____D C:\Program Files\Samsung
2016-05-21 20:09 - 2016-05-21 20:09 - 00002528 _____ C:\Documents and Settings\Administrator\Application Data\$_hpcst$.hpc
2016-05-21 20:02 - 2016-05-21 20:02 - 00000000 ____D C:\Documents and Settings\Administrator\Belgelerim\İndirilenler
2016-05-21 19:59 - 2016-05-21 20:41 - 00001784 _____ C:\Documents and Settings\All Users\Start Menu\Programlar\Mozilla Firefox.lnk
2016-05-21 19:59 - 2016-05-21 20:41 - 00001536 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2016-05-21 19:59 - 2016-05-21 19:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-20 20:34 - 2016-05-21 22:24 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2016-05-20 19:32 - 2016-05-21 21:14 - 00000000 ____D C:\AdwCleaner
2016-05-20 19:26 - 2016-05-20 19:26 - 00126776 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2016-05-20 18:52 - 2016-05-21 20:41 - 00001935 _____ C:\Documents and Settings\All Users\Start Menu\Programlar\Google Chrome.lnk
2016-05-20 18:52 - 2016-05-21 20:41 - 00001687 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2016-05-20 18:51 - 2016-05-21 22:28 - 00001004 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-20 18:22 - 2016-05-20 18:22 - 00081920 _____ C:\WINDOWS\Minidump\Mini052016-01.dmp
2016-05-20 17:55 - 2012-10-25 09:47 - 01076968 ____R (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\RTL8192cu.sys
2016-05-09 23:06 - 2016-05-09 23:07 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Turkish
2016-05-09 23:05 - 2016-05-09 23:06 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Commercial
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-21 23:53 - 2014-01-02 17:54 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2016-05-21 23:47 - 2014-01-02 19:40 - 00000000 ___RD C:\Documents and Settings\All Users\Start Menu\Programlar
2016-05-21 23:26 - 2014-01-02 19:33 - 00000000 ___HD C:\WINDOWS\inf
2016-05-21 23:21 - 2014-09-11 19:46 - 00000468 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{560FB9F0-5527-4BF4-BC59-889929CC132F}.job
2016-05-21 23:20 - 2014-01-02 19:11 - 00000814 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-21 22:28 - 2014-08-22 15:57 - 00000238 _____ C:\WINDOWS\Tasks\Microsoft Windows XP Hizmet Sonu Bildirimi Oturum Açma.job
2016-05-21 22:28 - 2014-01-02 17:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-21 22:26 - 2014-01-02 17:55 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-05-21 22:26 - 2014-01-02 17:54 - 00000000 ____D C:\Documents and Settings\Administrator
2016-05-21 22:25 - 2008-04-15 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-05-21 22:24 - 2014-01-02 17:54 - 00000000 ___RD C:\Documents and Settings\Administrator\Start Menu\Programlar
2016-05-21 22:01 - 2014-01-28 21:38 - 00000000 ____D C:\Program Files\DIFX
2016-05-21 21:34 - 2014-01-02 17:54 - 00000000 ___RD C:\Documents and Settings\Administrator\Belgelerim
2016-05-21 21:14 - 2014-01-02 18:43 - 00000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
2016-05-21 20:55 - 2014-07-08 20:07 - 00046904 _____ C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2016-05-21 20:42 - 2014-03-10 20:34 - 00000000 ____D C:\WINDOWS\Minidump
2016-05-21 20:42 - 2014-01-02 19:39 - 00213672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-21 20:33 - 2014-01-02 19:39 - 00000000 ____D C:\Documents and Settings\All Users
2016-05-21 20:31 - 2014-04-25 18:41 - 00001078 __RSH C:\Documents and Settings\All Users\ntuser.pol
2016-05-21 20:31 - 2014-01-02 19:39 - 00000000 ___HD C:\Documents and Settings\Default User
2016-05-21 19:59 - 2014-05-15 17:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-21 17:12 - 2014-01-02 19:02 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2016-05-20 20:40 - 2014-01-28 21:46 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Nokia
2016-05-20 20:31 - 2014-01-28 21:37 - 00000000 ____D C:\Program Files\Nokia
2016-05-20 19:51 - 2014-08-22 16:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-20 19:41 - 2012-12-28 21:33 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt.exe
2016-05-20 19:20 - 2014-01-02 19:11 - 00797376 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-20 19:20 - 2014-01-02 19:11 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-20 18:52 - 2014-01-04 20:02 - 00000000 ____D C:\Program Files\Google
2016-05-20 18:52 - 2014-01-04 19:42 - 00001008 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2052111302-823518204-1801674531-500Core.job
2016-05-20 18:51 - 2014-01-30 15:52 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Deployment
2016-05-20 18:28 - 2014-01-02 19:17 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2016-05-20 18:27 - 2008-04-15 14:00 - 00420298 _____ C:\WINDOWS\system32\perfh01F.dat
2016-05-20 18:27 - 2008-04-15 14:00 - 00077184 _____ C:\WINDOWS\system32\perfc01F.dat
2016-05-20 18:25 - 2014-08-21 17:57 - 00000000 ____D C:\Program Files\Opera
2016-05-20 18:24 - 2014-01-02 17:54 - 00000000 ___RD C:\Documents and Settings\Administrator\Start Menu\Programlar\Başlangıç
2016-05-20 17:53 - 2008-04-15 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-05-09 21:54 - 2014-08-22 15:57 - 00000232 _____ C:\WINDOWS\Tasks\Microsoft Windows XP Hizmet Sonu Bildirimi Aylık.job
==================== Files in the root of some directories =======
2014-05-15 17:46 - 2014-05-15 17:46 - 50053120 _____ () C:\Program Files\GUT174.tmp
2016-05-21 20:09 - 2016-05-21 20:09 - 0002528 _____ () C:\Documents and Settings\Administrator\Application Data\$_hpcst$.hpc
2014-01-06 20:29 - 2014-01-06 20:29 - 0295728 _____ (VuuPC Limited) C:\Documents and Settings\Administrator\Local Settings\Application Data\VuuPCBaseSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================