OTL.exe Logum - ReadBull.net

19-09-2019, 12:30:57

#1
MI6

Açık Profil bilgileri

Özel Mesaj Gönder

MI6 tarafından gönderilen tüm mesajları bul

MI6'ı arkadaş olarak ekle

Kayıtlı Üye
OTL logfile created on: 24.04.2013 20:34:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\HAKAN\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 0000041f | Country: Turkiye | Language: TRK | Date Format: dd.MM.yyyy

7,96 Gb Total Physical Memory | 6,89 Gb Available Physical Memory | 86,52% Memory free
15,93 Gb Paging File | 14,77 Gb Available in Paging File | 92,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 89,60 Gb Free Space | 75,14% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 1850,70 Gb Free Space | 99,34% Space Free | Partition Type: NTFS

Computer Name: HAKANCAN | User Name: HAKAN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (All) ==========

PRC - [2013.04.24 20:07:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HAKAN\Desktop\OTL.exe
PRC - [2013.04.19 07:24:21 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.04.18 22:15:42 | 000,412,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.04.05 18:57:09 | 001,216,834 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012.12.12 16:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - [2009.07.14 04:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 04:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.24 13:50:05 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.19 07:24:21 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.04.18 22:15:42 | 000,412,960 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.06.11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.04.05 14:32:40 | 000,166,576 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2013.03.15 12:53:39 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.03.15 12:53:39 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.03.15 12:42:42 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.03.15 12:40:56 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.03.15 12:40:56 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.03.15 12:40:56 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.03.15 12:40:56 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.02.25 08:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.08.07 10:09:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012.08.07 10:09:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2012.07.19 12:14:28 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.11.21 06:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 06:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 06:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 06:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010.01.29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009.07.14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com//srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com//srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\: "URL" = http://www.bing.com/search?q=&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\: "URL" = http://www.bing.com/search?q=&FORM=IE8SRC

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir...=ie&ar=msnhome

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir...=ie&ar=msnhome

IE - HKU\S-1-5-19\..\URLSearchHook: - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\PROGRAMLAR
IE - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
IE - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.tr
IE - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\..\URLSearchHook: - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\..\SearchScopes\: "URL" = http://www.bing.com/search?q=&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-931720473-2086657933-1607969013-1002\..\URLSearchHook: - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_70 0_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_70 0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122 .dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: D:\OYUNLAR\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Exten sions\\[email protected]: C:\Users\HAKAN\AppData\Roaming\IDM\idmmzcc5 [2013.04.24 13:50:53 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = search?q=&ie=
CHR - default_search_provider: suggest_url = search?client=chrome&q=&sugkey=
CHR - homepage: http://www.google.com.tr
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Peppe rFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoo gleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.d ll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122 .dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_70 0_169.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Adblock Plus = C:\Users\HAKAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddi lifddb\1.4_0\
CHR - Extension: AdBlock = C:\Users\HAKAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbi glidom\2.5.61_0\
CHR - Extension: IDM Integration = C:\Users\HAKAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlng ancncm\6.15.8_0\

O1 HOSTS File: ([2013.04.24 20:10:22 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKU\S-1-5-21-931720473-2086657933-1607969013-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-931720473-2086657933-1607969013-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-931720473-2086657933-1607969013-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-931720473-2086657933-1607969013-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-931720473-2086657933-1607969013-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Butun linkleri IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Butun linkleri IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: IDM ile indir - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\about - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.ex e (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - - No CLSID value found.
O21 - SSODL: WebCheck - - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.24 20:25:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.04.24 20:19:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.04.24 20:16:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013.04.24 20:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2013.04.24 20:08:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.04.24 20:08:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.04.24 20:08:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.04.24 20:08:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.04.24 20:08:05 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.04.24 20:07:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\HAKAN\Desktop\OTL.exe
[2013.04.24 20:07:12 | 005,059,204 | R--- | C] (Swearware) -- C:\Users\HAKAN\Desktop\ComboFix.exe
[2013.04.24 18:21:36 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Ubisoft
[2013.04.24 18:21:35 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\Ubisoft Game Launcher
[2013.04.24 18:04:25 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\SWTORPerf
[2013.04.24 18:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2013.04.24 18:01:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2013.04.24 16:40:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2013.04.24 16:40:10 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\SystemRequirementsL ab
[2013.04.24 14:36:46 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013.04.24 14:36:33 | 000,000,000 | ---D | C] -- C:\Boot
[2013.04.24 14:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.04.24 14:24:41 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\Google
[2013.04.24 14:24:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.04.24 14:24:34 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\Deployment
[2013.04.24 14:24:34 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\Apps
[2013.04.24 14:22:57 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\Frameworkx.com
[2013.04.24 14:19:16 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\ElevatedDiagnostics
[2013.04.24 14:18:36 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\Programs
[2013.04.24 14:18:17 | 000,000,000 | ---D | C] -- C:\VISUAL
[2013.04.24 14:17:52 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Frameworkx
[2013.04.24 14:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\Frameworkx
[2013.04.24 14:11:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.04.24 14:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.04.24 14:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.04.24 14:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.04.24 14:04:36 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.04.24 14:04:36 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.04.24 14:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.04.24 14:04:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.04.24 13:50:51 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\IDM
[2013.04.24 13:50:51 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2013.04.24 13:50:51 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\DMCache
[2013.04.24 13:49:47 | 000,088,832 | ---- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronXHCI.sys
[2013.04.24 13:49:47 | 000,065,152 | ---- | C] (Etron Technology Inc) -- C:\Windows\SysNative\drivers\EtronHub3.sys
[2013.04.24 13:49:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2013.04.24 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\Macromedia
[2013.04.24 13:49:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013.04.24 13:49:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013.04.24 13:48:43 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.04.24 13:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.04.24 13:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.24 13:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.04.24 13:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.04.24 13:47:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2013.04.24 13:46:51 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013.04.24 13:46:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013.04.24 13:46:46 | 000,000,000 | ---D | C] -- C:\Intel
[2013.04.24 13:46:20 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\Nero
[2013.04.24 13:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2013.04.24 13:46:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2013.04.24 13:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2013.04.24 13:45:57 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.04.24 13:45:48 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Internet Download Manager
[2013.04.24 13:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2013.04.24 13:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2013.04.24 13:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.04.24 13:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
[2013.04.24 13:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraISO
[2013.04.24 13:45:39 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\Documents\My ISO Files
[2013.04.24 13:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EZB Systems
[2013.04.24 13:45:05 | 000,110,744 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2013.04.24 13:44:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2013.04.24 13:44:50 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013.04.24 13:44:21 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\WinRAR
[2013.04.24 13:44:21 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\WinRAR
[2013.04.24 13:44:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.04.24 13:44:20 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.04.24 13:44:16 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013.04.24 13:41:41 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\Adobe
[2013.04.24 13:41:40 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup
[2013.04.24 13:41:40 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Searches
[2013.04.24 13:41:40 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Administrative Tools
[2013.04.24 13:41:40 | 000,000,000 | -H-D | C] -- C:\Users\HAKAN\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013.04.24 13:41:11 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\Identities
[2013.04.24 13:41:10 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Contacts
[2013.04.24 13:41:10 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\VirtualStore
[2013.04.24 13:41:08 | 000,000,000 | --SD | C] -- C:\Users\HAKAN\AppData\Roaming\Microsoft
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Videos
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Saved Games
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Pictures
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Music
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Maintenance
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Links
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Favorites
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Downloads
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Documents
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\Desktop
[2013.04.24 13:41:08 | 000,000,000 | R--D | C] -- C:\Users\HAKAN\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessories
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Documents\Videolarım
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\AppData\Local\Temporary Internet Files
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Templates
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Start Menu
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\SendTo
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Documents\Resimlerim
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Recent
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\PrintHood
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\NetHood
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Documents\Muziğim
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Local Settings
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\AppData\Local\History
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Cookies
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Belgelerim
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\Application Data
[2013.04.24 13:41:08 | 000,000,000 | -HSD | C] -- C:\Users\HAKAN\AppData\Local\Application Data
[2013.04.24 13:41:08 | 000,000,000 | -H-D | C] -- C:\Users\HAKAN\AppData
[2013.04.24 13:41:08 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\Temp
[2013.04.24 13:41:08 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Local\Microsoft
[2013.04.24 13:41:08 | 000,000,000 | ---D | C] -- C:\Users\HAKAN\AppData\Roaming\Media Center Programs
[2013.04.24 13:40:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videolarım
[2013.04.24 13:40:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Sık Kullanılanlar
[2013.04.24 13:40:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Resimlerim
[2013.04.24 13:40:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Muziğim
[2013.04.24 13:40:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Belgeler
[2013.04.24 13:40:50 | 000,000,000 | ---D | C] -- C:\Recovery
[2013.04.24 13:40:48 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.04.24 13:37:33 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.04.24 13:37:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.04.05 14:43:34 | 000,166,576 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys

========== Files - Modified Within 30 Days ==========

[2013.04.24 20:32:38 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 20:32:38 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 20:31:03 | 001,432,496 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.24 20:31:03 | 000,609,650 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat
[2013.04.24 20:31:03 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.24 20:31:03 | 000,118,138 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat
[2013.04.24 20:31:03 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.24 20:29:00 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 20:25:36 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 20:25:34 | 000,002,279 | ---- | M] () -- C:\Users\HAKAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.04.24 20:25:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.24 20:25:26 | 2118,963,199 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.24 20:18:00 | 000,000,814 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.24 20:16:01 | 000,002,093 | ---- | M] () -- C:\Users\HAKAN\Desktop\HijackThis.lnk
[2013.04.24 20:10:22 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.04.24 20:07:45 | 005,059,204 | R--- | M] (Swearware) -- C:\Users\HAKAN\Desktop\ComboFix.exe
[2013.04.24 20:07:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\HAKAN\Desktop\OTL.exe
[2013.04.24 18:27:28 | 000,000,332 | ---- | M] () -- C:\Users\HAKAN\Desktop\Ghost Recon Online (EU).appref-ms
[2013.04.24 18:21:36 | 000,000,808 | ---- | M] () -- C:\Users\HAKAN\Desktop\Uplay.lnk
[2013.04.24 18:01:01 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2013.04.24 14:36:34 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013.04.24 14:25:13 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.24 14:06:52 | 000,275,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.24 13:48:13 | 000,001,391 | ---- | M] () -- C:\Users\HAKAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013.04.24 13:46:20 | 000,001,140 | ---- | M] () -- C:\Users\HAKAN\Desktop\Nero Express.lnk
[2013.04.24 13:46:20 | 000,001,075 | ---- | M] () -- C:\Users\HAKAN\Desktop\Nero Burning Rom.lnk
[2013.04.24 13:45:49 | 000,001,009 | ---- | M] () -- C:\Users\HAKAN\Desktop\Internet Download Manager.lnk
[2013.04.24 13:45:44 | 000,000,906 | ---- | M] () -- C:\Users\HAKAN\Desktop\CCleaner.lnk
[2013.04.24 13:45:39 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\UltraISO.lnk
[2013.04.24 13:44:21 | 000,000,736 | ---- | M] () -- C:\Users\HAKAN\Desktop\WinRAR.lnk
[2013.04.24 13:39:50 | 000,199,126 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.04.24 13:39:50 | 000,199,126 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013.04.19 07:24:21 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.04.19 07:24:21 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.04.19 07:24:21 | 000,020,536 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.04.17 20:30:28 | 003,122,645 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.04.05 14:32:40 | 000,166,576 | ---- | M] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys

========== Files Created - No Company Name ==========

[2013.04.24 20:16:01 | 000,002,093 | ---- | C] () -- C:\Users\HAKAN\Desktop\HijackThis.lnk
[2013.04.24 20:08:13 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.04.24 20:08:13 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.04.24 20:08:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.04.24 20:08:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.04.24 20:08:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.04.24 18:27:28 | 000,000,332 | ---- | C] () -- C:\Users\HAKAN\Desktop\Ghost Recon Online (EU).appref-ms
[2013.04.24 18:21:36 | 000,000,808 | ---- | C] () -- C:\Users\HAKAN\Desktop\Uplay.lnk
[2013.04.24 18:01:01 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2013.04.24 14:36:34 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2013.04.24 14:36:33 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2013.04.24 14:25:13 | 000,002,279 | ---- | C] () -- C:\Users\HAKAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.04.24 14:25:13 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.24 14:24:41 | 000,001,018 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 14:24:41 | 000,001,014 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 14:18:36 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\msvcrt10.dll
[2013.04.24 14:11:19 | 003,122,645 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.04.24 14:09:19 | 000,020,536 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013.04.24 13:49:20 | 000,000,814 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.24 13:48:13 | 000,001,391 | ---- | C] () -- C:\Users\HAKAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013.04.24 13:46:20 | 000,001,140 | ---- | C] () -- C:\Users\HAKAN\Desktop\Nero Express.lnk
[2013.04.24 13:46:20 | 000,001,075 | ---- | C] () -- C:\Users\HAKAN\Desktop\Nero Burning Rom.lnk
[2013.04.24 13:45:49 | 000,001,009 | ---- | C] () -- C:\Users\HAKAN\Desktop\Internet Download Manager.lnk
[2013.04.24 13:45:44 | 000,000,906 | ---- | C] () -- C:\Users\HAKAN\Desktop\CCleaner.lnk
[2013.04.24 13:45:39 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\UltraISO.lnk
[2013.04.24 13:44:21 | 000,000,736 | ---- | C] () -- C:\Users\HAKAN\Desktop\WinRAR.lnk
[2013.04.24 13:41:41 | 000,001,397 | ---- | C] () -- C:\Users\HAKAN\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Internet Explorer.lnk
[2013.04.24 13:41:08 | 000,000,290 | ---- | C] () -- C:\Users\HAKAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013.04.24 13:41:08 | 000,000,272 | ---- | C] () -- C:\Users\HAKAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013.04.24 13:39:34 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.04.24 13:39:31 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.04.24 13:37:21 | 2118,963,199 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009.07.14 07:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\\InProcSe rver32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\cls id\\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\\InProcSe rver32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\cls id\\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\\InProcS erver32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.15 12:45:12 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\cl sid\\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.15 12:45:12 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\\InProcS erver32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 04:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\cl sid\\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 06:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\\InProcS erver32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 04:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\cl sid\\InProcServer32]

========== LOP Check ==========

[2013.04.24 20:22:53 | 000,000,000 | ---D | M] -- C:\Users\HAKAN\AppData\Roaming\DMCache
[2013.04.24 20:07:58 | 000,000,000 | ---D | M] -- C:\Users\HAKAN\AppData\Roaming\IDM
[2013.04.24 16:40:10 | 000,000,000 | ---D | M] -- C:\Users\HAKAN\AppData\Roaming\SystemRequirementsL ab

========== Purity Check ==========

< End of report >
__________________