LOguma BAkarmısnz - ReadBull.net

19-09-2019, 12:33:31

#1
MI6

Açık Profil bilgileri

Özel Mesaj Gönder

MI6 tarafından gönderilen tüm mesajları bul

MI6'ı arkadaş olarak ekle

Kayıtlı Üye
OTL.text
OTL logfile created on: 6.4.2013 19:26:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\toygar\Downloads
Professional (Version = 6.2.8400) - Type = NTWorkstation
Internet Explorer (Version = 9.10.8400.0)
Locale: 0000041f | Country: Turkiye | Language: TRK | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 53,55% Memory free
4,00 Gb Paging File | 2,51 Gb Available in Paging File | 62,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 87,89 Gb Total Space | 59,30 Gb Free Space | 67,47% Space Free | Partition Type: NTFS
Drive D: | 210,06 Gb Total Space | 50,63 Gb Free Space | 24,10% Space Free | Partition Type: NTFS

Computer Name: TOYGAR | User Name: toygar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (All) ==========

PRC - [2013.04.06 19:24:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\toygar\Downloads\OTL.exe
PRC - [2013.04.05 23:52:55 | 001,043,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\toygar\AppData\Roaming\uTorrent\uTorrent. exe
PRC - [2013.04.05 21:18:07 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler. exe
PRC - [2013.03.22 01:50:35 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012.12.03 18:39:40 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.12.01 07:38:02 | 001,821,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.12.01 07:38:02 | 000,865,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.12.01 07:37:55 | 000,645,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.05.19 08:35:08 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2012.05.19 08:35:08 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2012.05.19 08:35:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2012.05.19 08:35:06 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2012.05.19 07:57:44 | 002,104,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012.05.19 07:48:52 | 000,242,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2012.05.19 07:48:52 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2012.05.19 07:43:58 | 000,410,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2012.05.19 07:43:58 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2012.05.19 07:43:54 | 000,240,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2012.05.19 07:43:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2012.05.19 07:43:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.05.19 07:43:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012.05.19 07:43:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012.05.19 07:43:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012.05.19 07:43:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012.05.19 07:43:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012.05.19 07:43:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012.05.19 07:43:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012.05.19 07:43:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012.05.19 07:43:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2012.05.19 07:43:52 | 000,535,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2012.05.19 07:43:43 | 000,669,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2012.05.19 07:43:43 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
PRC - [2012.05.19 07:43:43 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
PRC - [2012.05.19 07:43:31 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe
PRC - [2012.05.19 07:43:21 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2012.05.19 07:43:20 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe

========== Modules (No Company Name) ==========

MOD - [2013.03.22 01:50:33 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\ppgoo glenaclpluginchrome.dll
MOD - [2013.03.22 01:50:32 | 012,662,224 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\Peppe rFlash\pepflashplayer.dll
MOD - [2013.03.22 01:50:31 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\pdf.d ll
MOD - [2013.03.22 01:49:41 | 000,598,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\libgl esv2.dll
MOD - [2013.03.22 01:49:40 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\libeg l.dll
MOD - [2013.03.22 01:49:38 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.43\ffmpe gsumo.dll

========== Services (SafeList) ==========

SRV - [2012.12.03 18:39:40 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.05.19 08:30:01 | 002,188,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintCo nfig.dll -- (PrintNotify)
SRV - [2012.05.19 07:56:45 | 002,002,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2012.05.19 07:48:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2012.05.19 07:42:58 | 001,515,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2012.05.19 07:42:44 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2012.05.19 07:42:38 | 000,231,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2012.05.19 07:42:35 | 000,194,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2012.05.19 07:42:23 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2012.05.19 07:42:19 | 000,115,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2012.05.19 07:42:17 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2012.05.19 07:42:17 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2012.05.19 07:41:59 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2012.05.19 07:41:36 | 002,029,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2012.05.19 07:41:07 | 000,369,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2012.05.19 07:41:05 | 000,139,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2012.05.19 07:41:05 | 000,063,488 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2012.05.19 07:40:32 | 000,350,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2012.05.19 07:40:25 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012.05.19 07:40:06 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2012.05.19 07:40:02 | 000,026,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2012.05.19 07:39:56 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2012.05.19 07:39:53 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2012.05.19 07:39:42 | 000,122,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2012.05.19 07:39:40 | 000,107,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV - [2012.05.19 07:39:39 | 000,137,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2012.05.19 04:50:28 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2012.05.19 04:50:28 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2012.05.19 04:50:28 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2012.05.19 04:50:28 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2012.05.19 04:50:28 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2012.05.19 04:50:28 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)

========== Driver Services (SafeList) ==========

DRV - [2012.12.03 18:39:40 | 009,373,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.07.03 18:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012.05.19 08:35:09 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2012.05.19 08:07:59 | 000,099,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2012.05.19 08:07:59 | 000,070,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2012.05.19 08:07:56 | 000,085,192 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2012.05.19 08:06:09 | 000,285,384 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2012.05.19 08:06:08 | 000,356,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2012.05.19 08:06:08 | 000,263,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2012.05.19 08:06:08 | 000,237,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2012.05.19 08:06:08 | 000,079,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2012.05.19 08:06:08 | 000,076,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2012.05.19 08:06:08 | 000,066,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2012.05.19 08:06:07 | 000,179,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2012.05.19 08:06:04 | 000,102,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2012.05.19 08:06:04 | 000,068,808 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2012.05.19 08:06:04 | 000,059,080 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2012.05.19 08:06:04 | 000,040,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2012.05.19 08:06:04 | 000,019,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2012.05.19 08:05:14 | 000,058,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2012.05.19 08:05:12 | 000,121,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2012.05.19 08:05:09 | 000,046,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2012.05.19 08:00:59 | 000,028,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2012.05.19 08:00:11 | 000,029,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2012.05.19 08:00:11 | 000,023,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.05.19 07:59:18 | 000,038,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2012.05.19 07:56:51 | 000,056,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2012.05.19 07:56:46 | 000,256,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2012.05.19 07:55:04 | 000,200,904 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2012.05.19 07:50:43 | 000,129,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2012.05.19 07:50:43 | 000,042,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2012.05.19 07:50:43 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2012.05.19 07:48:50 | 000,028,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2012.05.19 06:54:37 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2012.05.19 06:54:32 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2012.05.19 06:54:21 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2012.05.19 06:54:18 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2012.05.19 06:53:35 | 000,024,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2012.05.19 06:53:14 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2012.05.19 06:53:12 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2012.05.19 06:53:05 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2012.05.19 06:52:50 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2012.05.19 06:52:46 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2012.05.19 06:52:46 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2012.05.19 06:52:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2012.05.19 06:52:21 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2012.05.19 06:52:02 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2012.05.19 06:51:57 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2012.05.19 06:51:46 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2012.05.19 06:51:40 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2012.05.19 06:51:33 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2012.05.19 06:51:14 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012.05.19 06:50:53 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2012.05.19 06:50:40 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2012.05.19 06:50:38 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.05.19 06:50:33 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2012.05.19 06:49:47 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2012.05.19 06:49:06 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2012.05.19 06:48:46 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2012.05.19 06:48:34 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2012.04.13 21:00:18 | 000,085,504 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\L1C63x86.sys -- (L1C)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=247820
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=247820
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\: "URL" = http://www.bing.com/search?q=&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=247820
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = tr-TR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0D 93 C1 58 27 32 CE 01 [binary data]
IE - HKCU\..\URLSearchHook: - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\: "URL" = http://www.bing.com/search?q=&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = search?q=&ie=
CHR - default_search_provider: suggest_url = search?client=chrome&q=&sugkey=,
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\Peppe rFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\ppGoo gleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\pdf.d ll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

O1 HOSTS File: ([2012.05.19 08:35:11 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O4 - HKCU..\Run: [uTorrent] C:\Users\toygar\AppData\Roaming\uTorrent\uTorrent. exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.ex e (Microsoft Corporation)
O21 - SSODL: WebCheck - - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.05.19 11:21:33 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.06 18:34:24 | 000,976,896 | ---- | C] (7pm Tech) -- C:\Users\toygar\Desktop\7pm Tech - W8 AIO Tool 1.1.0.1.exe
[2013.04.06 18:34:24 | 000,448,512 | ---- | C] (SCYPT) -- C:\Users\toygar\Desktop\WinAct_1.4.1.exe
[2013.04.06 18:31:31 | 031,311,926 | ---- | C] (ByELDI) -- C:\Users\toygar\Desktop\KMSnano.exe
[2013.04.06 15:46:23 | 000,000,000 | ---D | C] -- C:\Program Files\The Elder Scrolls V Skyrim
[2013.04.06 15:39:17 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Local\Skyrim
[2013.04.06 15:39:17 | 000,000,000 | ---D | C] -- C:\Users\toygar\Documents\My Games
[2013.04.06 14:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2013.04.06 13:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1
[2013.04.06 13:56:25 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.1
[2013.04.06 12:30:28 | 000,000,000 | ---D | C] -- C:\Users\toygar\Documents\My Cheat Tables
[2013.04.06 12:30:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2013.04.06 12:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.2
[2013.04.05 23:51:18 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Roaming\uTorrent
[2013.04.05 21:52:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.04.05 21:47:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.04.05 21:47:24 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Local\Diagnostics
[2013.04.05 21:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013.04.05 21:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.04.05 21:36:22 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013.04.05 21:31:02 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2013.04.05 21:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.04.05 21:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.04.05 21:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.04.05 21:18:05 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Local\Google
[2013.04.05 21:17:39 | 000,000,000 | ---D | C] -- C:\Program Files\Joygame
[2013.04.05 21:17:35 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Local\Programs
[2013.04.05 21:05:16 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Roaming\WinRAR
[2013.04.05 21:05:16 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\WinRAR
[2013.04.05 21:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.04.05 21:05:09 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.04.05 21:01:15 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Roaming\Macromedia
[2013.04.05 20:53:15 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Roaming\Adobe
[2013.04.05 20:53:14 | 000,000,000 | R--D | C] -- C:\Users\toygar\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup
[2013.04.05 20:53:14 | 000,000,000 | R--D | C] -- C:\Users\toygar\Searches
[2013.04.05 20:53:14 | 000,000,000 | R--D | C] -- C:\Users\toygar\Contacts
[2013.04.05 20:53:14 | 000,000,000 | R--D | C] -- C:\Users\toygar\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Administrative Tools
[2013.04.05 20:53:14 | 000,000,000 | -H-D | C] -- C:\Users\toygar\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013.04.05 20:53:07 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2013.04.05 20:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2013.04.05 20:52:57 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Local\Packages
[2013.04.05 20:52:55 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Local\VirtualStore
[2013.04.05 20:52:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Documents\Videolarım
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\AppData\Local\Temporary Internet Files
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Templates
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Start Menu
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\SendTo
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Documents\Resimlerim
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Recent
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\PrintHood
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\NetHood
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Documents\Muziğim
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Local Settings
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\AppData\Local\History
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Cookies
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Belgelerim
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\Application Data
[2013.04.05 20:52:30 | 000,000,000 | -HSD | C] -- C:\Users\toygar\AppData\Local\Application Data
[2013.04.05 20:52:29 | 000,000,000 | --SD | C] -- C:\Users\toygar\AppData\Roaming\Microsoft
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\Videos
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\System Tools
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\Saved Games
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\Pictures
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\Music
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\Links
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\Favorites
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\Downloads
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\Documents
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\Desktop
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Accessories
[2013.04.05 20:52:29 | 000,000,000 | R--D | C] -- C:\Users\toygar\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Accessibility
[2013.04.05 20:52:29 | 000,000,000 | -H-D | C] -- C:\Users\toygar\AppData
[2013.04.05 20:52:29 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Local\Temp
[2013.04.05 20:52:29 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Local\Microsoft
[2013.04.05 20:52:29 | 000,000,000 | ---D | C] -- C:\Users\toygar\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Maintenance
[2013.04.05 20:50:19 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Videolarım
[2013.04.05 20:50:19 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Resimlerim
[2013.04.05 20:50:19 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Muziğim
[2013.04.05 20:50:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Belgeler
[2013.04.05 20:38:00 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.03.22 18:33:23 | 000,000,000 | ---D | C] -- C:\Game
[2013.03.20 22:44:46 | 000,000,000 | RH-D | C] -- C:\MSOCache

========== Files - Modified Within 30 Days ==========

[2013.04.06 19:23:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.06 18:46:37 | 000,676,646 | ---- | M] () -- C:\Windows\System32\perfh01F.dat
[2013.04.06 18:46:37 | 000,674,750 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.06 18:46:37 | 000,138,746 | ---- | M] () -- C:\Windows\System32\perfc01F.dat
[2013.04.06 18:46:37 | 000,124,636 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.06 18:42:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.06 18:41:18 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.06 18:40:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.04.06 18:40:39 | 1716,715,520 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.06 17:23:07 | 000,859,121 | ---- | M] () -- C:\Users\toygar\Desktop\Adsız.png
[2013.04.06 12:30:10 | 000,001,047 | ---- | M] () -- C:\Users\toygar\Desktop\Cheat Engine.lnk
[2013.04.06 11:03:28 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_LocationProv ider_01_11_00.Wdf
[2013.04.05 23:52:55 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013.04.05 23:52:55 | 000,000,794 | ---- | M] () -- C:\Users\toygar\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013.04.05 21:52:14 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013.04.05 21:51:49 | 000,002,229 | ---- | M] () -- C:\Users\toygar\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.04.05 21:47:55 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.05 21:36:10 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013.04.05 21:19:45 | 000,002,024 | ---- | M] () -- C:\Users\toygar\Desktop\WolfTeam Turkiye.lnk
[2013.04.05 20:59:38 | 000,001,412 | ---- | M] () -- C:\Users\toygar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013.04.05 20:38:42 | 000,049,295 | ---- | M] () -- C:\Windows\System32\license.rtf
[2013.04.05 20:37:26 | 000,281,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2013.04.06 18:54:03 | 002,494,473 | ---- | C] () -- C:\Users\toygar\Desktop\Windows 8 Ekinleştirme.exe
[2013.04.06 18:31:30 | 000,741,793 | ---- | C] () -- C:\Users\toygar\Desktop\KMSnano Documentation v15-US.pdf
[2013.04.06 17:23:07 | 000,859,121 | ---- | C] () -- C:\Users\toygar\Desktop\Adsız.png
[2013.04.06 15:56:29 | 000,128,645 | ---- | C] () -- C:\Users\toygar\Desktop\SKY.esp.bak
[2013.04.06 15:56:29 | 000,128,645 | ---- | C] () -- C:\Users\toygar\Desktop\SKY.esp
[2013.04.06 15:56:16 | 000,002,429 | ---- | C] () -- C:\Users\toygar\Desktop\Frostmourne.esp
[2013.04.06 12:30:10 | 000,001,047 | ---- | C] () -- C:\Users\toygar\Desktop\Cheat Engine.lnk
[2013.04.06 11:03:28 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_LocationProv ider_01_11_00.Wdf
[2013.04.05 23:52:55 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013.04.05 23:52:55 | 000,000,794 | ---- | C] () -- C:\Users\toygar\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2013.04.05 21:52:14 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2013.04.05 21:47:55 | 000,002,229 | ---- | C] () -- C:\Users\toygar\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.04.05 21:47:55 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.05 21:19:45 | 000,002,024 | ---- | C] () -- C:\Users\toygar\Desktop\WolfTeam Turkiye.lnk
[2013.04.05 21:18:11 | 000,001,022 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.05 21:18:09 | 000,001,018 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.05 20:59:38 | 000,001,412 | ---- | C] () -- C:\Users\toygar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013.04.05 20:53:15 | 000,001,418 | ---- | C] () -- C:\Users\toygar\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Internet Explorer.lnk
[2013.04.05 20:52:29 | 000,000,352 | ---- | C] () -- C:\Users\toygar\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013.04.05 20:52:29 | 000,000,334 | ---- | C] () -- C:\Users\toygar\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013.04.05 20:37:10 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2012.05.19 13:04:20 | 000,676,646 | ---- | C] () -- C:\Windows\System32\perfh01F.dat
[2012.05.19 13:04:20 | 000,289,978 | ---- | C] () -- C:\Windows\System32\perfi01F.dat
[2012.05.19 13:04:20 | 000,138,746 | ---- | C] () -- C:\Windows\System32\perfc01F.dat
[2012.05.19 13:04:20 | 000,039,088 | ---- | C] () -- C:\Windows\System32\perfd01F.dat
[2012.05.19 11:24:37 | 000,674,750 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2012.05.19 11:24:37 | 000,296,742 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2012.05.19 11:24:37 | 000,124,636 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2012.05.19 11:24:37 | 000,033,362 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2012.05.19 11:23:03 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2012.05.19 11:23:02 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2012.05.19 10:33:54 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.05.19 10:29:38 | 000,281,032 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.05.19 05:55:09 | 000,093,696 | ---- | C] () -- C:\Windows\System32\OEMLicense.dll
[2012.05.19 05:37:09 | 000,071,680 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2012.05.19 05:34:38 | 000,043,520 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2012.05.19 01:11:52 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.05.19 00:55:21 | 000,526,068 | ---- | C] () -- C:\Windows\System32\staticurllist.bin
[2012.04.24 20:31:46 | 000,041,690 | ---- | C] () -- C:\Windows\System32\srms.dat
[2012.03.22 21:22:28 | 001,520,828 | ---- | C] () -- C:\Windows\System32\WpcNBModel.bin
[2012.02.29 06:56:32 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2012.02.29 06:56:12 | 000,008,192 | ---- | C] () -- C:\Windows\System32\settings.dat

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\\InProcSe rver32]

[HKEY_CURRENT_USER\Software\Classes\clsid\\InProcSe rver32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\\InProcS erver32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.05.19 07:42:08 | 017,492,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\\InProcS erver32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.05.19 07:40:05 | 000,787,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\\InProcS erver32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012.05.19 07:42:38 | 000,355,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.04.06 19:27:16 | 000,000,000 | ---D | M] -- C:\Users\toygar\AppData\Roaming\uTorrent

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 6.4.2013 19:26:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\toygar\Downloads
Professional (Version = 6.2.8400) - Type = NTWorkstation
Internet Explorer (Version = 9.10.8400.0)
Locale: 0000041f | Country: Turkiye | Language: TRK | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 53,55% Memory free
4,00 Gb Paging File | 2,51 Gb Available in Paging File | 62,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 87,89 Gb Total Space | 59,30 Gb Free Space | 67,47% Space Free | Partition Type: NTFS
Drive D: | 210,06 Gb Total Space | 50,63 Gb Free Space | 24,10% Space Free | Partition Type: NTFS

Computer Name: TOYGAR | User Name: toygar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\System32\mshta.exe "%1" -url="%U" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\ [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
"" = dir=out | [email protected] |
"" = dir=out | [email protected] |
"" = dir=out | [email protected] |
"" = protocol=6 | dir=in | app=c:\users\toygar\appdata\roaming\utorrent\utorr ent.exe |
"" = dir=out | [email protected] |
"" = dir=out | [email protected] |
"" = dir=in | [email protected] |
"" = dir=in | [email protected] |
"" = dir=out | [email protected] |
"" = dir=in | [email protected] |
"" = protocol=6 | dir=in | app=c:\users\toygar\appdata\local\temp\kmsnano\dat a\qemu-system-i386.exe |
"" = dir=out | [email protected] |
"" = protocol=17 | dir=in | app=c:\users\toygar\appdata\roaming\utorrent\utorr ent.exe |
"" = dir=in | [email protected] |
"" = dir=out | [email protected] |
"" = protocol=17 | dir=in | app=c:\users\toygar\appdata\local\temp\kmsnano\dat a\qemu-system-i386.exe |
"" = dir=out | [email protected] |
"" = dir=out | [email protected] |
"" = dir=out | [email protected] |
"" = dir=out | [email protected] |
"" = dir=out | [email protected] |
"" = dir=in | [email protected] |
"TCP Query UserC:\program files\joygame\wolfteamts\wolfteam.bin" = protocol=6 | dir=in | app=c:\program files\joygame\wolfteamts\wolfteam.bin |
"UDP Query UserC:\program files\joygame\wolfteamts\wolfteam.bin" = protocol=17 | dir=in | app=c:\program files\joygame\wolfteamts\wolfteam.bin |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"_is1" = WolfTeam Turkiye
"" = NVIDIA PhysX
"" = Google Update Helper
"_Display.3DVision" = NVIDIA 3D Vision Surucusu 310.70
"_Display.ControlPanel" = NVIDIA Denetim Masası 310.70
"_Display.Driver" = NVIDIA Grafik Surucusu 310.70
"_Display.NVIRUSB" = NVIDIA 3D Vision Denetleyici Surucusu 310.70
"_Display.PhysX" = NVIDIA PhysX Sistem Yazılımı 9.12.1031
"_Display.Update" = NVIDIA Guncelleştirmeleri 1.11.3
"_HDAudio.Driver" = NVIDIA HD Ses Surucusu 1.3.18.0
"_installer" = NVIDIA Install Application
"_NVIDIA.Update" = NVIDIA Update Components
"" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"Google Chrome" = Google Chrome
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.4.2013 11:39:21 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 8200
Description = Lisans alma hatası ayrıntıları. hr=0xC004C003

Error - 6.4.2013 11:39:21 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 1014
Description = Son Kullanıcı Lisansı alınamadı. hr=0xC004C003 Sku kimliği=507660dd-3fc4-4df2-81f5-b559467ad56b

Error - 6.4.2013 11:39:25 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 8200
Description = Lisans alma hatası ayrıntıları. hr=0xC004C003

Error - 6.4.2013 11:39:25 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 1014
Description = Son Kullanıcı Lisansı alınamadı. hr=0xC004C003 Sku kimliği=507660dd-3fc4-4df2-81f5-b559467ad56b

Error - 6.4.2013 11:39:30 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 8200
Description = Lisans alma hatası ayrıntıları. hr=0xC004C003

Error - 6.4.2013 11:39:30 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 1014
Description = Son Kullanıcı Lisansı alınamadı. hr=0xC004C003 Sku kimliği=507660dd-3fc4-4df2-81f5-b559467ad56b

Error - 6.4.2013 11:39:32 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 8200
Description = Lisans alma hatası ayrıntıları. hr=0xC004C003

Error - 6.4.2013 11:39:32 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 1014
Description = Son Kullanıcı Lisansı alınamadı. hr=0xC004C003 Sku kimliği=507660dd-3fc4-4df2-81f5-b559467ad56b

Error - 6.4.2013 11:42:16 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 8200
Description = Lisans alma hatası ayrıntıları. hr=0xC004C003

Error - 6.4.2013 11:42:16 | Computer Name = Toygar | Source = Software Protection Platform Service | ID = 1014
Description = Son Kullanıcı Lisansı alınamadı. hr=0xC004C003 Sku kimliği=507660dd-3fc4-4df2-81f5-b559467ad56b

[ System Events ]
Error - 5.4.2013 14:48:56 | Computer Name = Toygar | Source = DCOM | ID = 10010
Description =

Error - 6.4.2013 03:47:43 | Computer Name = Toygar | Source = EventLog | ID = 6008
Description = 01:50:14, ?6.?4.?2013 tarihinde gercekleşen onceki sistem kapanışı
beklenmiyordu.

Error - 6.4.2013 04:03:23 | Computer Name = Toygar | Source = DCOM | ID = 10016
Description =

Error - 6.4.2013 04:03:23 | Computer Name = Toygar | Source = DCOM | ID = 10016
Description =

Error - 6.4.2013 04:03:23 | Computer Name = Toygar | Source = DCOM | ID = 10016
Description =

Error - 6.4.2013 04:03:23 | Computer Name = Toygar | Source = DCOM | ID = 10016
Description =

Error - 6.4.2013 04:04:21 | Computer Name = Toygar | Source = DCOM | ID = 10016
Description =

Error - 6.4.2013 04:10:58 | Computer Name = Toygar | Source = EventLog | ID = 6008
Description = 10:47:43, ?6.?4.?2013 tarihinde gercekleşen onceki sistem kapanışı
beklenmiyordu.

Error - 6.4.2013 06:17:58 | Computer Name = Toygar | Source = EventLog | ID = 6008
Description = 13:10:58, ?6.?4.?2013 tarihinde gercekleşen onceki sistem kapanışı
beklenmiyordu.

Error - 6.4.2013 06:33:46 | Computer Name = Toygar | Source = EventLog | ID = 6008
Description = 13:17:58, ?6.?4.?2013 tarihinde gercekleşen onceki sistem kapanışı
beklenmiyordu.

< End of report >
__________________