cpu-auslastung 100%

gino29 · 06.07.2013, 10:31

Hallo

ich habe auf meinem Windows XP Rechner mit SP3 sehr oft 100% CPU Auslatung.
Den Eintrag unter 24 kriege ich nicht gelöscht.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:27:56, on 06.07.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files\Common Files\COMODO\launcher_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hostless Modem\Turkcell VINN\CheckNDISPort_df.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\Hostless Modem\Turkcell VINN\ShowTip.exe
C:\Program Files\Comodo\GeekBuddy\unit.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\taskmgr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yandex.com.tr?clid=1818323
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;<local>
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [CheckNDISPort_df] C:\Program Files\Hostless Modem\Turkcell VINN\CheckNDISPort_df.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Vimicro USB PC Camera (ZC0301PL)
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe" /m
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\Comodo\GeekBuddy\launcher.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: GeekBuddyRSP Service (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 5846 bytes

M-K-D-B · 06.07.2013, 10:54

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Eine Bereinigung ist mitunter mit viel Arbeit für dich verbunden. Es können mehrere Analyse- und Bereinigungsschritte erforderlich sein.
Abschließend entfernen wir wieder alle verwendeten Programme und ich gebe dir ein paar Tipps für die Zukunft mit auf den Weg.
Bei Anzeichen von illegaler Software wird der Support ohne Diskussion eingestellt.
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Führe nur Scans durch, zu denen du von mir oder einem anderen Helfer aufgefordert wirst.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software außer du wirst dazu aufgefordert.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Ich habe dein Thema in Arbeit und melde mich so schnell wie möglich mit weiteren Anweisungen.

M-K-D-B · 06.07.2013, 10:55

Servus,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

gino29 · 06.07.2013, 11:37

Anbei die Daten

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by öz(administrator) on 06-07-2013 13:29:35
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: 041F
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
(Comodo Security Solutions Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
() C:\Program Files\Hostless Modem\Turkcell VINN\CheckNDISPort_df.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
() C:\Program Files\Hostless Modem\Turkcell VINN\ShowTip.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CheckNDISPort_df] C:\Program Files\Hostless Modem\Turkcell VINN\CheckNDISPort_df.exe [442696 2012-10-10] ()
HKLM\...\Run: []  [x]
HKLM\...\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd [x]
HKCU\...\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart [491840 2013-04-18] (IObit)
HKCU\...\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 6\Suo10_SmartRAM.exe" /m [547648 2013-06-14] (IObit)
HKCU\...\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background [449248 2013-05-29] (Sony)
MountPoints2: {fd2f514b-a4d3-11e0-a3fc-000c6e801cb5} - F:\Quickstart.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {2DFCEDD2-5630-42CC-8676-7FC5DF5668BB} URL = hxxp://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&fl=1&vl=lang_tr&ilc=12&type=198484&p={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Toolbar: HKCU -&Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -&Bağlantılar - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Handler: ipp - No CLSID Value - 
Handler: livecall - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Handler: msnim - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\öz\Application Data\Mozilla\Firefox\Profiles\b8s5h94m.default
FF user.js: detected! => C:\Documents and Settings\öz\Application Data\Mozilla\Firefox\Profiles\b8s5h94m.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&fl=1&vl=lang_tr&ilc=12&type=198484&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: No Name - C:\Documents and Settings\öz\Application Data\Mozilla\Extensions\{33cb9019-c295-46dd-be21-8c4936574bee}
FF Extension: No Name - C:\Documents and Settings\öz\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Advanced SystemCare Surfing Protection - C:\Documents and Settings\öz\Application Data\Mozilla\Firefox\Profiles\b8s5h94m.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: CustomGSearch - C:\Documents and Settings\öz\Application Data\Mozilla\Firefox\Profiles\b8s5h94m.default\Extensions\CustomGSearch@mozilla.org.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
S4 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [806776 2013-06-07] (Spigot, Inc.)
S3 AppMgmt; C:\Windows\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70344 2013-04-17] (Comodo Security Solutions Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4785848 2013-06-18] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [127192 2013-06-18] (COMODO)
R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-04-17] (Comodo Security Solutions, Inc.)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 SoundMAX Agent Service (default); C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R2 ACEDRV09; C:\WINDOWS\system32\drivers\ACEDRV09.sys [110304 2011-07-08] (Protect Software GmbH)
S3 basic2; C:\Windows\System32\DRIVERS\HSF_BSC2.sys [67167 2001-08-17] (Conexant)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [36112 2013-05-07] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [18528 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [593408 2013-06-18] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [32816 2013-06-18] (COMODO)
R3 cmuda; C:\Windows\System32\drivers\cmuda.sys [784832 2003-12-12] (C-Media Inc)
R2 Fallback; C:\Windows\System32\DRIVERS\HSF_FALL.sys [289887 2001-08-17] (Conexant)
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [247968 2013-03-23] (IObit)
R2 Fsks; C:\Windows\System32\DRIVERS\HSF_FSKS.sys [115807 2001-08-17] (Conexant)
S3 HSFHWBS2; C:\Windows\System32\DRIVERS\HSFBS2S2.sys [220032 2004-08-04] (Conexant Systems, Inc.)
S3 HSF_DP; C:\Windows\System32\DRIVERS\HSFDPSP2.sys [1041536 2004-08-04] (Conexant Systems, Inc.)
S3 hsf_msft; C:\Windows\System32\DRIVERS\HSF_MSFT.sys [542879 2001-08-17] (Conexant)
R0 Inspect; C:\Windows\System32\DRIVERS\inspect.sys [99520 2013-06-18] (COMODO)
R2 K56; C:\Windows\System32\DRIVERS\HSF_K56K.sys [391199 2001-08-17] (Conexant)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-07-06] (Malwarebytes Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [31520 2013-03-26] (IObit.com)
S3 Rksample; C:\Windows\System32\DRIVERS\HSF_SAMP.sys [57471 2001-08-17] (Conexant)
R0 SiSide; C:\Windows\System32\DRIVERS\siside.sys [4096 2003-03-25] (Silicon Integrated Systems Corp.)
R0 sisidex; C:\Windows\System32\drivers\sisidex.sys [49024 2002-10-17] (Windows (R) 2000 DDK provider)
S3 SISNIC; C:\Windows\System32\DRIVERS\sisnic.sys [32256 2002-07-10] (SiS Corporation)
R0 sisperf; C:\Windows\System32\drivers\sisperf.sys [9472 2002-08-20] (Silicon Integrated Systems Corp.)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [14776 2013-05-22] ()
R2 SoftFax; C:\Windows\System32\DRIVERS\HSF_FAXX.sys [199711 2001-08-17] (Conexant)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
R2 Tones; C:\Windows\System32\DRIVERS\HSF_TONE.sys [50751 2001-08-17] (Conexant)
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys [17360 2013-03-26] (IObit.com)
R2 V124; C:\Windows\System32\DRIVERS\HSF_V124.sys [488383 2001-08-17] (Conexant)
S3 winachsf; C:\Windows\System32\DRIVERS\HSFCXTS2.sys [685056 2004-08-04] (Conexant Systems, Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
S3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [1471104 2007-04-04] (Vimicro Corporation)
S3 GT680x; No ImagePath
S0 IntelIde; System32\DRIVERS\intelide.sys [x]
S3 MEMSWEEP2; No ImagePath
S3 RDPWD; No ImagePath
U4 RemoteRegistry; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-06 13:29 - 2013-07-06 13:29 - 00000000 ____D C:\FRST
2013-07-06 12:27 - 2013-07-06 12:27 - 00005847 ____A C:\Documents and Settings\öz\Desktop\hijackthis.log
2013-07-06 12:15 - 2013-07-06 13:26 - 00000232 ____A C:\Windows\setupact.log
2013-07-06 12:15 - 2013-07-06 12:15 - 00000000 ____A C:\Windows\setuperr.log
2013-07-06 12:14 - 2013-07-06 13:26 - 00030719 ____A C:\Windows\setupapi.log
2013-07-05 18:07 - 2013-07-05 18:07 - 00000717 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\CPUID CPU-Z.lnk
2013-07-05 18:07 - 2013-07-05 18:07 - 00000000 ____D C:\Program Files\CPUID
2013-07-05 01:09 - 2013-07-06 13:25 - 00000284 ____A C:\Windows\Tasks\ASC6_PerformanceMonitor.job
2013-07-03 16:35 - 2013-07-06 12:48 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2013-07-03 16:12 - 2013-07-03 16:12 - 00001739 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\Sony PC Companion 2.1.lnk
2013-07-03 16:11 - 2013-07-03 16:11 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony
2013-07-03 16:09 - 2013-07-03 16:09 - 00000554 ____A C:\Documents and Settings\öz\Desktop\Download.lnk
2013-07-03 15:58 - 2013-07-03 15:58 - 00001622 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\Media Go.lnk
2013-07-03 15:56 - 2013-07-03 16:01 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\Sony
2013-07-03 15:56 - 2013-07-03 15:56 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-07-03 15:56 - 2013-07-03 15:56 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Corporation
2013-07-03 15:54 - 2013-07-03 16:11 - 00000000 ____D C:\Program Files\Sony
2013-07-03 15:46 - 2013-07-03 15:54 - 00000000 ____D C:\Program Files\Sony Media Go Install
2013-07-03 15:36 - 2013-07-03 15:36 - 00000000 __HDC C:\Windows\$NtUninstallKB942288-v3$
2013-07-03 15:33 - 2013-07-03 16:02 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Sony
2013-07-03 12:16 - 2013-05-22 18:49 - 00014776 ____A C:\Windows\System32\Drivers\SmartDefragDriver.sys
2013-07-03 12:10 - 2013-07-03 12:11 - 00000000 ____D C:\Windows\Tasks\TaskDisabled
2013-07-02 23:19 - 2013-07-03 00:19 - 00065536 ____A C:\Windows\System32\config\WindowsPowerShell.evt
2013-07-02 23:19 - 2013-07-03 00:19 - 00065536 ____A C:\Windows\System32\config\EventForwarding-Operational.Evt
2013-07-02 22:57 - 2013-07-02 22:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2808679$
2013-07-02 22:57 - 2013-03-27 01:53 - 00602624 ____A (Microsoft Corporation) C:\Windows\System32\SET1FD.tmp
2013-07-02 22:57 - 2013-03-27 01:53 - 00074752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cryptdlg.dll
2013-07-02 22:56 - 2013-07-02 22:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2492386$
2013-07-02 22:55 - 2011-03-11 17:11 - 00225262 ____C C:\Windows\System32\dllcache\msimain.sdb
2013-07-02 22:54 - 2013-07-02 23:17 - 00065536 ____A C:\Windows\System32\config\Windows .evt
2013-07-02 22:54 - 2013-07-02 23:17 - 00065536 ____A C:\Windows\System32\config\Microsof.evt
2013-07-02 22:54 - 2013-07-02 22:54 - 00000000 ____D C:\Windows\System32\winrm
2013-07-02 22:54 - 2013-07-02 22:54 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
2013-07-02 22:54 - 2013-07-02 22:54 - 00000000 ____D C:\Windows\System32\GroupPolicy
2013-07-02 22:53 - 2013-07-02 22:54 - 00000000 __HDC C:\Windows\$968930Uinstall_KB968930$
2013-07-02 22:53 - 2013-07-02 22:53 - 00000000 ____D C:\Windows\$NtUninstallKB968930$
2013-07-02 22:46 - 2013-07-02 22:46 - 00000000 __HDC C:\Windows\$NtUninstallbasecsp$
2013-07-02 22:46 - 2013-07-02 22:33 - 23792936 ____A (IObit                                                       ) C:\Documents and Settings\öz\Desktop\asc-6.3.0.269-tamindir.exe
2013-07-02 22:45 - 2013-04-17 20:22 - 00023360 ____A (IObit) C:\Windows\System32\RegistryDefragBootTime.exe
2013-07-02 22:37 - 2013-07-02 22:37 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Search Settings
2013-07-02 22:37 - 2013-07-02 22:37 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Apple Computer
2013-07-02 22:37 - 2013-07-02 22:37 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-02 22:36 - 2013-07-03 12:16 - 00000000 ____D C:\Documents and Settings\öz\Application Data\IObit
2013-07-02 22:36 - 2013-07-03 12:13 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
2013-07-02 22:36 - 2013-07-02 22:36 - 00000000 ____D C:\Program Files\IObit Apps Toolbar
2013-07-02 22:36 - 2013-07-02 22:36 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-07-02 22:36 - 2013-07-02 22:36 - 00000000 ____D C:\Program Files\Application Updater
2013-07-02 22:35 - 2013-07-03 12:16 - 00000000 ____D C:\Program Files\IObit
2013-07-02 21:55 - 2013-07-02 21:55 - 00001580 ____A C:\Documents and Settings\özDesktop\xp-AntiSpy.lnk
2013-07-02 21:55 - 2013-07-02 21:55 - 00000000 ____D C:\Program Files\xp-AntiSpy
2013-07-02 16:32 - 2007-04-04 20:27 - 01471104 ____A (Vimicro Corporation) C:\Windows\System32\Drivers\usbVM31b.sys
2013-07-02 16:32 - 2007-03-28 10:48 - 00225357 ____A (Vimicro) C:\Windows\System32\VM31bPrp.Ax
2013-07-02 15:59 - 2013-07-02 15:59 - 00000000 ____D C:\NVIDIA
2013-07-02 14:52 - 2013-07-02 14:52 - 00000812 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\Paint.NET.lnk
2013-07-02 14:52 - 2013-07-02 14:52 - 00000000 ____D C:\Program Files\Paint.NET
2013-07-02 14:51 - 2013-07-02 20:43 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\Paint.NET
2013-07-02 14:08 - 2013-07-02 14:08 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Windows\System32\config\software.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Windows\System32\config\SECURITY.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Windows\System32\config\SAM.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Windows\System32\config\default.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Documents and Settings\öz\NTUSER.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.rhk.LOG
2013-07-02 13:17 - 2013-07-02 13:28 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Wise Registry Cleaner
2013-07-02 13:17 - 2013-07-02 13:17 - 00000000 ____D C:\Program Files\Wise
2013-07-02 13:15 - 2013-07-02 13:15 - 00000000 ____D C:\Program Files\Wise Memory Optimizer
2013-07-02 13:15 - 2013-07-02 13:15 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Wise Care 365
2013-07-02 13:02 - 2013-07-02 13:02 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\DownloadGuide
2013-07-02 12:53 - 2013-07-02 13:03 - 00063904 ____A C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-07-02 12:52 - 2013-07-02 13:08 - 00000000 ____D C:\Program Files\Microsoft Bootvis
2013-07-02 04:02 - 2013-07-02 04:02 - 00000000 ____D C:\Program Files\Lavalys
2013-07-01 15:09 - 2013-07-01 15:12 - 00000000 ____D C:\Program Files\Mobile Partner
2013-06-29 16:29 - 2008-04-14 19:00 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\ptpusd.dll
2013-06-29 16:29 - 2008-04-13 21:45 - 00015104 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\usbscan.sys
2013-06-29 16:29 - 2008-04-13 21:45 - 00015104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys
2013-06-29 16:29 - 2001-11-21 21:35 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\ptpusb.dll
2013-06-26 08:22 - 2013-06-26 08:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-25 14:32 - 2013-06-25 14:32 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\Sun
2013-06-25 14:30 - 2013-06-25 14:29 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-25 14:30 - 2013-06-25 14:29 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-25 14:30 - 2013-06-25 14:29 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-25 14:30 - 2013-06-25 14:29 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-25 14:30 - 2013-06-25 14:29 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-25 14:30 - 2013-06-25 14:29 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-25 13:46 - 2013-06-25 13:46 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-06-25 13:46 - 2013-06-25 13:46 - 00000000 ____D C:\Documents and Settings\öz\Desktop\Samsung_ChannelListPCEditor_1.10
2013-06-24 19:57 - 2013-06-24 19:57 - 01060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll
2013-06-24 19:57 - 2013-06-24 19:57 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
2013-06-24 19:52 - 2013-07-06 13:25 - 00879056 ____A C:\Windows\System32\Drivers\sfi.dat
2013-06-24 19:52 - 2013-07-06 13:25 - 00000440 ____A C:\Windows\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2013-06-24 19:52 - 2013-07-06 13:25 - 00000440 ____A C:\Windows\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2013-06-24 19:52 - 2013-07-06 13:25 - 00000440 ____A C:\Windows\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2013-06-24 19:52 - 2013-07-06 13:25 - 00000440 ____A C:\Windows\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2013-06-24 19:52 - 2013-06-24 19:52 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\COMODO
2013-06-24 17:43 - 2013-06-24 17:43 - 00001695 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\COMODO Internet Security.lnk
2013-06-24 17:43 - 2013-06-24 17:43 - 00000777 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\Paylaşılan Alan.lnk
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Program Files\Common Files\COMODO
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\COMODO
2013-06-24 17:40 - 2013-06-24 19:57 - 00000000 ____D C:\Program Files\Comodo
2013-06-24 17:40 - 2013-06-24 19:57 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\COMODO
2013-06-24 17:40 - 2013-06-24 17:40 - 00047368 ____A (COMODO CA Limited) C:\Windows\System32\certsentry.dll
2013-06-24 17:08 - 2013-06-24 17:43 - 00000000 ___SD C:\Documents and Settings\All Users.WINDOWS\Application Data\Shared Space
2013-06-24 17:05 - 2013-06-24 19:52 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo
2013-06-24 17:05 - 2013-06-24 17:05 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo Downloader
2013-06-24 12:44 - 2013-06-24 12:44 - 00000000 ____D C:\Program Files\Sophos
2013-06-24 12:34 - 2005-04-15 19:58 - 01351392 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.ocx
2013-06-24 12:34 - 2004-03-09 17:45 - 00152848 ____A (Microsoft Corporation) C:\Windows\System32\Comdlg32.ocx
2013-06-24 12:34 - 2003-04-18 17:29 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\msxml4r.dll
2013-06-24 12:34 - 2003-04-18 17:29 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\msxml4a.dll
2013-06-24 12:34 - 1998-07-06 18:55 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\CMDLGDE.DLL
2013-06-24 12:34 - 1998-06-24 11:55 - 00164144 ____A (Microsoft Corporation) C:\Windows\System32\COMCT232.OCX
2013-06-24 12:34 - 1998-05-05 17:35 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\CMCTLde.DLL
2013-06-24 12:34 - 1998-05-05 17:35 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\CMCT2DE.dll
2013-06-24 12:26 - 2013-06-24 12:26 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Malwarebytes
2013-06-24 12:25 - 2013-06-24 12:25 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-24 12:25 - 2013-06-24 12:25 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2013-06-24 12:25 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-24 12:19 - 2004-01-01 01:20 - 00000000 ____A C:\Windows\wininit.ini
2013-06-24 12:11 - 2013-06-24 12:20 - 00065536 ____A C:\Windows\System32\config\Spybot -.evt
2013-06-24 12:11 - 2013-06-24 12:17 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2013-06-24 10:15 - 2013-07-02 13:22 - 00000000 ____D C:\Program Files\VS Revo Group
2013-06-24 10:10 - 2013-06-24 10:11 - 00000000 ____D C:\Documents and Settings\öz\Desktop\Kopyası Resim karısık
2013-06-24 09:49 - 2013-06-24 11:17 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Auslogics
2013-06-24 09:49 - 2013-06-24 09:49 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\O&O
2013-06-24 09:40 - 2013-06-24 09:40 - 00000042 ____A C:\Windows\oodjobd.INI
2013-06-24 09:38 - 2013-07-03 15:54 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\Downloaded Installations
2013-06-23 11:03 - 2013-06-23 12:00 - 00000000 __SHD C:\Documents and Settings\All Users.WINDOWS\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-23 09:51 - 2013-02-12 03:32 - 00012928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-06-23 09:51 - 2013-02-12 03:32 - 00012928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023.sys
2013-06-22 15:07 - 2008-04-14 19:00 - 00021504 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\hidserv.dll
2013-06-22 15:07 - 2008-04-14 19:00 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\hidserv.dll
2013-06-22 15:06 - 2008-04-14 18:40 - 00014592 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhid.sys
2013-06-22 15:06 - 2008-04-14 18:40 - 00014592 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2013-06-22 13:40 - 2008-04-13 21:45 - 00010368 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\hidusb.sys
2013-06-22 13:40 - 2008-04-13 21:45 - 00010368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-22 13:40 - 2001-11-21 19:12 - 00012160 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mouhid.sys
2013-06-22 13:40 - 2001-11-21 19:12 - 00012160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2013-06-22 10:47 - 2013-06-22 10:47 - 00000034 ____A C:\Windows\System32\_WKERNEL.EXP
2013-06-18 16:16 - 2013-06-18 16:16 - 00593408 ____A (COMODO) C:\Windows\System32\Drivers\cmdGuard.sys
2013-06-18 16:16 - 2013-06-18 16:16 - 00099520 ____A (COMODO) C:\Windows\System32\Drivers\inspect.sys
2013-06-18 16:16 - 2013-06-18 16:16 - 00032816 ____A (COMODO) C:\Windows\System32\Drivers\cmdhlp.sys
2013-06-18 16:16 - 2013-06-18 16:16 - 00018528 ____A (COMODO) C:\Windows\System32\Drivers\cmderd.sys
2013-06-18 16:15 - 2013-06-18 16:15 - 00348584 ____A (COMODO) C:\Windows\System32\guard32.dll
2013-06-18 16:15 - 2013-06-18 16:15 - 00278232 ____A (COMODO) C:\Windows\System32\cmdvrt32.dll
2013-06-18 16:15 - 2013-06-18 16:15 - 00040664 ____A (COMODO) C:\Windows\System32\cmdkbd32.dll
2013-06-18 16:15 - 2013-06-18 16:15 - 00035488 ____A (COMODO) C:\Windows\System32\cmdcsr.dll

==================== One Month Modified Files and Folders ========

2013-07-06 13:29 - 2013-07-06 13:29 - 00000000 ____D C:\FRST
2013-07-06 13:29 - 2010-04-23 22:36 - 01011554 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-06 13:29 - 2003-05-08 15:00 - 00420000 ____A C:\Windows\System32\perfh01F.dat
2013-07-06 13:29 - 2003-05-08 15:00 - 00077014 ____A C:\Windows\System32\perfc01F.dat
2013-07-06 13:26 - 2013-07-06 12:15 - 00000232 ____A C:\Windows\setupact.log
2013-07-06 13:26 - 2013-07-06 12:14 - 00030719 ____A C:\Windows\setupapi.log
2013-07-06 13:26 - 2012-06-28 10:08 - 02026924 ____A C:\Windows\WindowsUpdate.log
2013-07-06 13:25 - 2013-07-05 01:09 - 00000284 ____A C:\Windows\Tasks\ASC6_PerformanceMonitor.job
2013-07-06 13:25 - 2013-06-24 19:52 - 00879056 ____A C:\Windows\System32\Drivers\sfi.dat
2013-07-06 13:25 - 2013-06-24 19:52 - 00000440 ____A C:\Windows\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2013-07-06 13:25 - 2013-06-24 19:52 - 00000440 ____A C:\Windows\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2013-07-06 13:25 - 2013-06-24 19:52 - 00000440 ____A C:\Windows\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2013-07-06 13:25 - 2013-06-24 19:52 - 00000440 ____A C:\Windows\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2013-07-06 13:25 - 2012-07-11 17:51 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-06 13:25 - 2012-07-11 17:51 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-06 13:25 - 2010-04-23 19:55 - 00000062 __ASH C:\Documents and Settings\öz\Local Settings\desktop.ini
2013-07-06 13:25 - 2010-04-23 19:52 - 00000062 __ASH C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\desktop.ini
2013-07-06 13:25 - 2010-04-23 19:52 - 00000062 __ASH C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\desktop.ini
2013-07-06 13:25 - 2010-04-23 19:48 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-06 12:58 - 2011-12-24 20:09 - 00032518 ____A C:\Windows\SchedLgU.Txt
2013-07-06 12:58 - 2010-04-23 19:55 - 00000178 ___SH C:\Documents and Settings\öz\ntuser.ini
2013-07-06 12:57 - 2012-06-29 09:08 - 00000814 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-06 12:48 - 2013-07-03 16:35 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2013-07-06 12:27 - 2013-07-06 12:27 - 00005847 ____A C:\Documents and Settings\öz\Desktop\hijackthis.log
2013-07-06 12:15 - 2013-07-06 12:15 - 00000000 ____A C:\Windows\setuperr.log
2013-07-06 12:14 - 2003-05-08 15:00 - 00001374 ____A C:\Windows\System32\wpa.dbl
2013-07-05 18:07 - 2013-07-05 18:07 - 00000717 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\CPUID CPU-Z.lnk
2013-07-05 18:07 - 2013-07-05 18:07 - 00000000 ____D C:\Program Files\CPUID
2013-07-05 17:00 - 2010-04-23 20:51 - 00039424 ____A C:\Documents and Settings\öz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-03 16:12 - 2013-07-03 16:12 - 00001739 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\Sony PC Companion 2.1.lnk
2013-07-03 16:11 - 2013-07-03 16:11 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony
2013-07-03 16:11 - 2013-07-03 15:54 - 00000000 ____D C:\Program Files\Sony
2013-07-03 16:09 - 2013-07-03 16:09 - 00000554 ____A C:\Documents and Settings\öz\Desktop\Download.lnk
2013-07-03 16:02 - 2013-07-03 15:33 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Sony
2013-07-03 16:01 - 2013-07-03 15:56 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\Sony
2013-07-03 16:00 - 2010-04-23 22:35 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Belgeler
2013-07-03 16:00 - 2010-04-23 19:55 - 00000000 ___RD C:\Documents and Settings\öz\Belgelerim
2013-07-03 15:58 - 2013-07-03 15:58 - 00001622 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\Media Go.lnk
2013-07-03 15:56 - 2013-07-03 15:56 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-07-03 15:56 - 2013-07-03 15:56 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Corporation
2013-07-03 15:54 - 2013-07-03 15:46 - 00000000 ____D C:\Program Files\Sony Media Go Install
2013-07-03 15:54 - 2013-06-24 09:38 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\Downloaded Installations
2013-07-03 15:48 - 2010-04-23 19:48 - 00000000 __SHD C:\Documents and Settings\All Users.WINDOWS\DRM
2013-07-03 15:47 - 2010-07-09 12:53 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-07-03 15:46 - 2009-03-12 19:26 - 00000000 __HDC C:\Windows\$NtUninstallWMFDist11$
2013-07-03 15:45 - 2008-09-28 08:04 - 00000000 ____D C:\Windows\System32\LogFiles
2013-07-03 15:36 - 2013-07-03 15:36 - 00000000 __HDC C:\Windows\$NtUninstallKB942288-v3$
2013-07-03 15:36 - 2008-08-15 03:27 - 00000000 ____D C:\Windows\System32\mui
2013-07-03 13:04 - 2008-08-15 03:28 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-03 12:16 - 2013-07-02 22:36 - 00000000 ____D C:\Documents and Settings\öz\Application Data\IObit
2013-07-03 12:16 - 2013-07-02 22:35 - 00000000 ____D C:\Program Files\IObit
2013-07-03 12:13 - 2013-07-02 22:36 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
2013-07-03 12:11 - 2013-07-03 12:10 - 00000000 ____D C:\Windows\Tasks\TaskDisabled
2013-07-03 00:19 - 2013-07-02 23:19 - 00065536 ____A C:\Windows\System32\config\WindowsPowerShell.evt
2013-07-03 00:19 - 2013-07-02 23:19 - 00065536 ____A C:\Windows\System32\config\EventForwarding-Operational.Evt
2013-07-02 23:17 - 2013-07-02 22:54 - 00065536 ____A C:\Windows\System32\config\Windows .evt
2013-07-02 23:17 - 2013-07-02 22:54 - 00065536 ____A C:\Windows\System32\config\Microsof.evt
2013-07-02 23:17 - 2008-08-15 03:27 - 00000000 ____D C:\Windows\security
2013-07-02 22:57 - 2013-07-02 22:57 - 00000000 __HDC C:\Windows\$NtUninstallKB2808679$
2013-07-02 22:57 - 2009-06-25 00:02 - 00000000 ____D C:\Windows\ie8updates
2013-07-02 22:57 - 2008-08-15 00:55 - 00000000 ___HD C:\Windows\$hf_mig$
2013-07-02 22:56 - 2013-07-02 22:56 - 00000000 __HDC C:\Windows\$NtUninstallKB2492386$
2013-07-02 22:54 - 2013-07-02 22:54 - 00000000 ____D C:\Windows\System32\winrm
2013-07-02 22:54 - 2013-07-02 22:54 - 00000000 ____D C:\Windows\System32\WindowsPowerShell
2013-07-02 22:54 - 2013-07-02 22:54 - 00000000 ____D C:\Windows\System32\GroupPolicy
2013-07-02 22:54 - 2013-07-02 22:53 - 00000000 __HDC C:\Windows\$968930Uinstall_KB968930$
2013-07-02 22:54 - 2008-08-15 03:27 - 00000000 ____D C:\Windows\Help
2013-07-02 22:53 - 2013-07-02 22:53 - 00000000 ____D C:\Windows\$NtUninstallKB968930$
2013-07-02 22:52 - 2008-08-15 10:51 - 00000000 ____D C:\Windows\System32\tr-tr
2013-07-02 22:46 - 2013-07-02 22:46 - 00000000 __HDC C:\Windows\$NtUninstallbasecsp$
2013-07-02 22:45 - 2002-01-01 00:01 - 00000000 ____D C:\Windows\Minidump
2013-07-02 22:37 - 2013-07-02 22:37 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Search Settings
2013-07-02 22:37 - 2013-07-02 22:37 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Apple Computer
2013-07-02 22:37 - 2013-07-02 22:37 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-02 22:36 - 2013-07-02 22:36 - 00000000 ____D C:\Program Files\IObit Apps Toolbar
2013-07-02 22:36 - 2013-07-02 22:36 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-07-02 22:36 - 2013-07-02 22:36 - 00000000 ____D C:\Program Files\Application Updater
2013-07-02 22:33 - 2013-07-02 22:46 - 23792936 ____A (IObit                                                       ) C:\Documents and Settings\öz\Desktop\asc-6.3.0.269-tamindir.exe
2013-07-02 21:55 - 2013-07-02 21:55 - 00001580 ____A C:\Documents and Settings\öz\Desktop\xp-AntiSpy.lnk
2013-07-02 21:55 - 2013-07-02 21:55 - 00000000 ____D C:\Program Files\xp-AntiSpy
2013-07-02 21:48 - 2012-06-29 09:08 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-07-02 21:48 - 2012-06-29 09:08 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-07-02 21:48 - 2010-07-18 11:32 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\Adobe
2013-07-02 20:43 - 2013-07-02 14:51 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\Paint.NET
2013-07-02 16:34 - 2008-08-15 03:27 - 00000000 ____D C:\Windows\twain_32
2013-07-02 15:59 - 2013-07-02 15:59 - 00000000 ____D C:\NVIDIA
2013-07-02 14:52 - 2013-07-02 14:52 - 00000812 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\Paint.NET.lnk
2013-07-02 14:52 - 2013-07-02 14:52 - 00000000 ____D C:\Program Files\Paint.NET
2013-07-02 14:08 - 2013-07-02 14:08 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Windows\System32\config\software.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Windows\System32\config\SECURITY.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Windows\System32\config\SAM.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Windows\System32\config\default.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Documents and Settings\öz\NTUSER.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.rhk.LOG
2013-07-02 13:30 - 2013-07-02 13:30 - 00000000 ___AH C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.rhk.LOG
2013-07-02 13:30 - 2010-04-23 22:35 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-07-02 13:30 - 2010-04-23 22:35 - 00020480 ____A C:\Windows\System32\config\SAM.bak
2013-07-02 13:30 - 2010-04-23 22:34 - 16252928 ____A C:\Windows\System32\config\software.bak
2013-07-02 13:30 - 2010-04-23 22:34 - 00262144 ____A C:\Windows\System32\config\default.bak
2013-07-02 13:30 - 2010-04-23 19:55 - 03407872 ____A C:\Documents and Settings\öz\NTUSER.bak
2013-07-02 13:30 - 2010-04-23 19:52 - 00229376 ____A C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.bak
2013-07-02 13:30 - 2010-04-23 19:52 - 00229376 ____A C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.bak
2013-07-02 13:28 - 2013-07-02 13:17 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Wise Registry Cleaner
2013-07-02 13:22 - 2013-06-24 10:15 - 00000000 ____D C:\Program Files\VS Revo Group
2013-07-02 13:17 - 2013-07-02 13:17 - 00000000 ____D C:\Program Files\Wise
2013-07-02 13:15 - 2013-07-02 13:15 - 00000000 ____D C:\Program Files\Wise Memory Optimizer
2013-07-02 13:15 - 2013-07-02 13:15 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Wise Care 365
2013-07-02 13:08 - 2013-07-02 12:52 - 00000000 ____D C:\Program Files\Microsoft Bootvis
2013-07-02 13:03 - 2013-07-02 12:53 - 00063904 ____A C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-07-02 13:02 - 2013-07-02 13:02 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\DownloadGuide
2013-07-02 04:02 - 2013-07-02 04:02 - 00000000 ____D C:\Program Files\Lavalys
2013-07-01 15:12 - 2013-07-01 15:09 - 00000000 ____D C:\Program Files\Mobile Partner
2013-07-01 07:59 - 2010-07-10 20:16 - 00000000 ____D C:\Documents and Settings\öz\Desktop\Oyunlar
2013-06-26 08:23 - 2013-06-26 08:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-26 08:22 - 2012-06-23 19:58 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-25 14:32 - 2013-06-25 14:32 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\Sun
2013-06-25 14:30 - 2008-08-17 16:47 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-25 14:29 - 2013-06-25 14:30 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-25 14:29 - 2013-06-25 14:30 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-25 14:29 - 2013-06-25 14:30 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-25 14:29 - 2013-06-25 14:30 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-25 14:29 - 2013-06-25 14:30 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-25 14:29 - 2013-06-25 14:30 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-25 14:29 - 2010-04-30 01:17 - 00789416 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-25 14:29 - 2008-08-17 16:49 - 00000000 ____D C:\Program Files\Java
2013-06-25 13:46 - 2013-06-25 13:46 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-06-25 13:46 - 2013-06-25 13:46 - 00000000 ____D C:\Documents and Settings\öz\Desktop\Samsung_ChannelListPCEditor_1.10
2013-06-24 19:57 - 2013-06-24 19:57 - 01060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll
2013-06-24 19:57 - 2013-06-24 19:57 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
2013-06-24 19:57 - 2013-06-24 17:40 - 00000000 ____D C:\Program Files\Comodo
2013-06-24 19:57 - 2013-06-24 17:40 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\COMODO
2013-06-24 19:52 - 2013-06-24 19:52 - 00000000 ____D C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\COMODO
2013-06-24 19:52 - 2013-06-24 17:05 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo
2013-06-24 17:43 - 2013-06-24 17:43 - 00001695 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\COMODO Internet Security.lnk
2013-06-24 17:43 - 2013-06-24 17:43 - 00000777 ____A C:\Documents and Settings\All Users.WINDOWS\Desktop\Paylaşılan Alan.lnk
2013-06-24 17:43 - 2013-06-24 17:08 - 00000000 ___SD C:\Documents and Settings\All Users.WINDOWS\Application Data\Shared Space
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Program Files\Common Files\COMODO
2013-06-24 17:41 - 2013-06-24 17:41 - 00000000 ____D C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\COMODO
2013-06-24 17:40 - 2013-06-24 17:40 - 00047368 ____A (COMODO CA Limited) C:\Windows\System32\certsentry.dll
2013-06-24 17:05 - 2013-06-24 17:05 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo Downloader
2013-06-24 12:44 - 2013-06-24 12:44 - 00000000 ____D C:\Program Files\Sophos
2013-06-24 12:37 - 2012-07-08 15:53 - 00000000 __SHD C:\found.000
2013-06-24 12:37 - 2010-07-09 15:35 - 00000000 ____D C:\Windows\System32\NtmsData
2013-06-24 12:37 - 2009-03-12 19:28 - 00000000 ____D C:\Windows\Downloaded Installations
2013-06-24 12:26 - 2013-06-24 12:26 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Malwarebytes
2013-06-24 12:25 - 2013-06-24 12:25 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-24 12:25 - 2013-06-24 12:25 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2013-06-24 12:20 - 2013-06-24 12:11 - 00065536 ____A C:\Windows\System32\config\Spybot -.evt
2013-06-24 12:17 - 2013-06-24 12:11 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2013-06-24 12:14 - 2008-08-15 03:33 - 00000245 _RASH C:\boot.ini
2013-06-24 11:32 - 2008-08-17 20:55 - 00000000 ____D C:\Program Files\Adobe
2013-06-24 11:28 - 2009-03-27 23:32 - 00000000 ____D C:\Documents and Settings\öz\Desktop\nişan
2013-06-24 11:27 - 2008-09-06 13:11 - 00000000 ____D C:\Documents and Settings\öz\Desktop\İndirilenler
2013-06-24 11:18 - 2009-08-12 02:20 - 00000000 ____D C:\Program Files\Winamp
2013-06-24 11:17 - 2013-06-24 09:49 - 00000000 ____D C:\Documents and Settings\öz\Application Data\Auslogics
2013-06-24 10:50 - 2010-07-09 15:35 - 00065536 ____A C:\Windows\System32\config\TuneUp.evt
2013-06-24 10:12 - 2010-04-23 19:55 - 00000000 ___RD C:\Documents and Settings\öz\Sık Kullanılanlar
2013-06-24 10:11 - 2013-06-24 10:10 - 00000000 ____D C:\Documents and Settings\öz\Desktop\Kopyası Resim karısık
2013-06-24 10:10 - 2012-07-09 11:30 - 00000000 ____D C:\Documents and Settings\öz\Desktop\Müzik
2013-06-24 09:49 - 2013-06-24 09:49 - 00000000 ____D C:\Documents and Settings\öz\Local Settings\Application Data\O&O
2013-06-24 09:40 - 2013-06-24 09:40 - 00000042 ____A C:\Windows\oodjobd.INI
2013-06-23 12:20 - 2010-04-23 22:35 - 00099048 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-23 12:00 - 2013-06-23 11:03 - 00000000 __SHD C:\Documents and Settings\All Users.WINDOWS\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-23 12:00 - 2010-07-09 15:32 - 00000000 __SHD C:\Documents and Settings\All Users.WINDOWS\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2013-06-23 11:55 - 2010-07-09 15:34 - 00000000 ____D C:\Documents and Settings\öz\Application Data\TuneUp Software
2013-06-23 11:55 - 2010-07-09 15:34 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Application Data\TuneUp Software
2013-06-23 11:27 - 2010-07-09 13:36 - 00028194 ____A C:\Windows\System32\TZLog.log
2013-06-22 15:16 - 2009-09-20 18:09 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-06-22 15:16 - 2008-08-19 13:40 - 00000000 ____D C:\Program Files\Google
2013-06-22 15:16 - 2008-08-15 03:36 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-22 11:24 - 2012-05-13 17:18 - 00000116 ____A C:\Windows\System32\_WKERNEL.SYL
2013-06-22 10:47 - 2013-06-22 10:47 - 00000034 ____A C:\Windows\System32\_WKERNEL.EXP
2013-06-22 10:46 - 2012-07-11 17:51 - 00000000 ____N C:\Windows\Sti_Trace.log
2013-06-18 16:16 - 2013-06-18 16:16 - 00593408 ____A (COMODO) C:\Windows\System32\Drivers\cmdGuard.sys
2013-06-18 16:16 - 2013-06-18 16:16 - 00099520 ____A (COMODO) C:\Windows\System32\Drivers\inspect.sys
2013-06-18 16:16 - 2013-06-18 16:16 - 00032816 ____A (COMODO) C:\Windows\System32\Drivers\cmdhlp.sys
2013-06-18 16:16 - 2013-06-18 16:16 - 00018528 ____A (COMODO) C:\Windows\System32\Drivers\cmderd.sys
2013-06-18 16:15 - 2013-06-18 16:15 - 00348584 ____A (COMODO) C:\Windows\System32\guard32.dll
2013-06-18 16:15 - 2013-06-18 16:15 - 00278232 ____A (COMODO) C:\Windows\System32\cmdvrt32.dll
2013-06-18 16:15 - 2013-06-18 16:15 - 00040664 ____A (COMODO) C:\Windows\System32\cmdkbd32.dll
2013-06-18 16:15 - 2013-06-18 16:15 - 00035488 ____A (COMODO) C:\Windows\System32\cmdcsr.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2003-05-08 15:00] - [2008-04-14 19:00] - 1033728 ____A (Microsoft Corporation) 95c8ac96e12cab1f1444bcc120dd1773 

C:\Windows\System32\winlogon.exe
[2003-05-08 15:00] - [2008-04-14 19:00] - 0507904 ____A (Microsoft Corporation) 94c716a073277d5a040ef83abc5dae53 

C:\Windows\System32\svchost.exe
[2003-05-08 15:00] - [2008-04-14 19:00] - 0014336 ____A (Microsoft Corporation) 7514a44aee0cdf8a8ed501a9b984627e 

C:\Windows\System32\services.exe
[2003-05-08 15:00] - [2009-02-09 14:23] - 0111104 ____A (Microsoft Corporation) 782ee83d0f77f497ecf0a07da1c3589f 

C:\Windows\System32\User32.dll
[2003-05-08 15:00] - [2008-04-14 19:00] - 0579072 ____A (Microsoft Corporation) dbc887b627b9ca423270c951f9e88f0e 

C:\Windows\System32\userinit.exe
[2003-05-08 15:00] - [2008-04-14 19:00] - 0026112 ____A (Microsoft Corporation) ca23a0e005090603cd307b6f7a5018b9 

C:\Windows\System32\Drivers\volsnap.sys
[2003-05-08 15:00] - [2008-04-14 18:35] - 0052352 ____A (Microsoft Corporation) 2a405a3e1d925b49e09369999854e853 


==================== End Of Log ============================

--- --- ---

--- --- ---

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-07-2013
Ran by öz at 2013-07-06 13:30:37
Running from C:\Documents and Settings\öz\Belgelerim\Karşıdan Yüklenenler
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

3D-Fahrschule (Version: )
7-Zip 4.65
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader 9.5.5 - Turkish (Version: 9.5.5)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Advanced SystemCare 6 (Version: 6.3)
ASUSUpdate
C-Media 3D Audio
COMODO Internet Security Premium (Version: 6.2.20728.2847)
CPUID CPU-Z 1.65.0
EVEREST Home Edition v2.20 (Version: 2.20)
GeekBuddy (Version: 4.7.55)
HijackThis 2.0.2 (Version: 2.0.2)
IObit Apps Toolbar v7.2 (Version: 7.2)
IObit Malware Fighter (Version: 2.0)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Mario Forever 5.01
Media Go (Version: 2.4.256)
Media Go Video Playback Engine 1.116.105.02020 (Version: 1.116.105.02020)
Microsoft .NET Framework 2.0 Language Pack - DEU
Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - TRK (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - TRK (Version: 3.2.30729)
Microsoft .NET Framework 3.5 Dil Paketi SP1 - trk
Microsoft .NET Framework 3.5 Language Pack SP1 - trk (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Bootvis (Version: 1.3.37)
Microsoft Temel Akıllı Kart Şifreleme Hizmeti Sağlayıcısı Paketi
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 22.0 (x86 tr) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Paint.NET v3.5.10 (Version: 3.60.0)
PlayStation(R)Store (Version: 4.14.6.15183)
Revo Uninstaller 1.94 (Version: 1.94)
Segoe UI (Version: 14.0.4327.805)
SiS 900 PCI Fast Ethernet Adapter Driver
SiSAGP driver (Version: 1.21)
Smart Defrag 2 (Version: 2.8)
Sony PC Companion 2.10.165 (Version: 2.10.165)
Super Mario Bros. X version 1.3 (Version: 1.3)
swMSM (Version: 12.0.0.1)
Turkcell VINN Hostless Modem (Version: 1.0.0.2)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
WebFldrs XP (Version: 9.50.6513)
Windows Internet Explorer 8 için Güncelleştirme (KB2598845) (Version: 1)
Windows Internet Explorer 8 için Güncelleştirme (KB2632503) (Version: 1)
Windows Internet Explorer 8 için Güncelleştirme (KB976662) (Version: 1)
Windows Internet Explorer 8 için Güncelleştirme (KB982632) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2183461) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2360131) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2416400) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2482017) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2497640) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2510531) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2530548) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2544521) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2559049) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2586448) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2618444) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2647516) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2699988) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2722913) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2838727) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB971961) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB981332) (Version: 1)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB982381) (Version: 1)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Temel Parçalar (Version: 14.0.8089.726)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player (KB975558) için Güvenlik Güncelleştirmesi
Windows XP için Düzeltme (KB942288-v3) (Version: 3)
Windows XP için Güncelleştirme (KB2492386) (Version: 1)
Windows XP için Güncelleştirme (KB2808679) (Version: 1)
Wise Registry Cleaner 7.73 (Version: 7.73)
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
xp-AntiSpy 3.98-2

==================== Restore Points  =========================

26-06-2013 18:23:17 Sistem Denetleme Noktası
28-06-2013 08:21:36 Sistem Denetleme Noktası
01-07-2013 01:32:27 Sistem Denetleme Noktası
02-07-2013 01:13:03 Yüklü Akamai NetSession Interface
02-07-2013 01:14:35 Yüklü Akamai NetSession Interface
02-07-2013 09:52:31 Installed Microsoft Bootvis
02-07-2013 10:22:33 Revo Uninstaller's restore point - Sophos Anti-Rootkit 1.5.0
02-07-2013 11:51:58 Paint.NET v3.5.10
02-07-2013 12:51:47 Kaldırıldı NVIDIA PhysX
02-07-2013 13:28:51 İmzasız sürücü yüklemesi
02-07-2013 13:34:13 İmzalanmamış bir sürücüye yükselt
02-07-2013 14:02:44 İmzalanmamış bir sürücüye yükselt
02-07-2013 14:03:43 İmzasız sürücü yüklemesi
02-07-2013 18:31:00 Revo Uninstaller's restore point - Auslogics BoostSpeed
02-07-2013 18:40:58 Revo Uninstaller's restore point - Auslogics Disk Defrag
02-07-2013 19:46:54 %1 %2 yüklendi.
02-07-2013 19:53:00 Installed %1 %2.
02-07-2013 19:54:00 %1 %2 yüklendi.
02-07-2013 19:56:19 Windows XP KB2492386 yüklendi.
02-07-2013 19:56:53 Windows XP KB2598845 yüklendi.
02-07-2013 19:57:26 Windows XP KB2632503 yüklendi.
02-07-2013 19:58:02 Windows XP KB2808679 yüklendi.
03-07-2013 12:36:21 Windows XP KB942288-v3 yüklendi.
03-07-2013 12:37:51 Microsoft Visual C++ 2005 Redistributable Yüklendi
03-07-2013 12:44:27 Installed Windows Media Format Runtime
03-07-2013 12:45:12 Installed Windows XP Wudf01000.
03-07-2013 12:48:49 Installed Windows Media Format Runtime
03-07-2013 13:12:49 Sony PC Companion
03-07-2013 13:19:56 Microsoft XPS Document Writer Yazıcı Sürücüsü Yüklendi
03-07-2013 13:20:32 Sony PC Companion
03-07-2013 13:27:47 Microsoft XPS Document Writer Yazıcı Sürücüsü Yüklendi
03-07-2013 13:28:48 Sony PC Companion
03-07-2013 13:33:55 Sony PC Companion
03-07-2013 13:37:28 Installed ASUSUpdate
31-12-2003 22:03:40 Software Distribution Service 3.0
31-12-2003 22:23:16 Yüklenen SiSAGP driver

==================== Hosts content: ==========================

2003-05-08 15:00 - 2003-05-08 15:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC6_PerformanceMonitor.job => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe

==================== Faulty Device Manager Devices =============

Name: SiS 900 PCI Fast Ethernet Adapter
Description: SiS 900 PCI Fast Ethernet Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: SiS
Service: SISNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/01/2004 00:11:45 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesi sıra numarasının otomatik güncelleştirme yapılarak alınamadığı konum: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> hata: Bu ağ bağlantısı yok.

Error: (01/01/2004 00:11:45 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesinin ayıklanamadığı otomatik güncelleştirme kabin dosyasının konumu: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> hata: Gerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.

Error: (01/01/2004 00:11:43 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesi sıra numarasının otomatik güncelleştirme yapılarak alınamadığı konum: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> hata: Bu ağ bağlantısı yok.

Error: (01/01/2004 00:11:43 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesinin ayıklanamadığı otomatik güncelleştirme kabin dosyasının konumu: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> hata: Gerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.

Error: (01/01/2004 00:11:42 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesi sıra numarasının otomatik güncelleştirme yapılarak alınamadığı konum: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> hata: Bu ağ bağlantısı yok.

Error: (01/01/2004 00:11:42 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesinin ayıklanamadığı otomatik güncelleştirme kabin dosyasının konumu: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> hata: Gerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.

Error: (01/01/2004 00:11:41 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesi sıra numarasının otomatik güncelleştirme yapılarak alınamadığı konum: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> hata: The server name or address could not be resolved

Error: (01/01/2004 00:11:41 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesinin ayıklanamadığı otomatik güncelleştirme kabin dosyasının konumu: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> hata: Gerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.

Error: (01/01/2004 00:11:37 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesi sıra numarasının otomatik güncelleştirme yapılarak alınamadığı konum: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> hata: Bu ağ bağlantısı yok.

Error: (01/01/2004 00:11:37 AM) (Source: crypt32) (User: )
Description: Üçüncü parti kök listesinin ayıklanamadığı otomatik güncelleştirme kabin dosyasının konumu: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> hata: Gerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.


System errors:
=============
Error: (07/06/2013 01:25:45 PM) (Source: W32Time) (User: )
Description: NtpClient zaman sağlayıcısı, bir ya da daha fazla zaman kaynağından zaman
alacak şekilde yapılandırılmış, ancak şu anda kaynakların hiçbirine erişilemiyor. 
14 dakika süresince kaynağa bağlanma denemesi yapılmayacak.
NtpClient'ın hiç doğru zaman kaynağı yok.

Error: (07/06/2013 01:25:45 PM) (Source: W32Time) (User: )
Description: Zaman Sağlayıcı NtpClient: El ile yapılandırılmış '??????????' eşi için DNS araması sırasında
bir hata oluştu. NtpClient, DNS aramasını 15 dakika içinde
yeniden deneyecek.
Hata: Bir yuva işlemi erişilemeyen bir ana makine için denendi. (0x80072751)

Error: (07/06/2013 00:36:29 PM) (Source: W32Time) (User: )
Description: NtpClient zaman sağlayıcısı, bir ya da daha fazla zaman kaynağından zaman
alacak şekilde yapılandırılmış, ancak şu anda kaynakların hiçbirine erişilemiyor. 
14 dakika süresince kaynağa bağlanma denemesi yapılmayacak.
NtpClient'ın hiç doğru zaman kaynağı yok.

Error: (07/06/2013 00:36:29 PM) (Source: W32Time) (User: )
Description: Zaman Sağlayıcı NtpClient: El ile yapılandırılmış '??????????' eşi için DNS araması sırasında
bir hata oluştu. NtpClient, DNS aramasını 15 dakika içinde
yeniden deneyecek.
Hata: Bir yuva işlemi erişilemeyen bir ana makine için denendi. (0x80072751)

Error: (07/06/2013 00:36:28 PM) (Source: W32Time) (User: )
Description: NtpClient zaman sağlayıcısı, bir ya da daha fazla zaman kaynağından zaman
alacak şekilde yapılandırılmış, ancak şu anda kaynakların hiçbirine erişilemiyor. 
15 dakika süresince kaynağa bağlanma denemesi yapılmayacak.
NtpClient'ın hiç doğru zaman kaynağı yok.

Error: (07/06/2013 00:36:28 PM) (Source: W32Time) (User: )
Description: Zaman Sağlayıcı NtpClient: El ile yapılandırılmış '??????????' eşi için DNS araması sırasında
bir hata oluştu. NtpClient, DNS aramasını 15 dakika içinde
yeniden deneyecek.
Hata: Bir yuva işlemi erişilemeyen bir ana makine için denendi. (0x80072751)

Error: (07/06/2013 00:36:28 PM) (Source: W32Time) (User: )
Description: NtpClient zaman sağlayıcısı, bir ya da daha fazla zaman kaynağından zaman
alacak şekilde yapılandırılmış, ancak şu anda kaynakların hiçbirine erişilemiyor. 
14 dakika süresince kaynağa bağlanma denemesi yapılmayacak.
NtpClient'ın hiç doğru zaman kaynağı yok.

Error: (07/06/2013 00:36:28 PM) (Source: W32Time) (User: )
Description: Zaman Sağlayıcı NtpClient: El ile yapılandırılmış '??????????' eşi için DNS araması sırasında
bir hata oluştu. NtpClient, DNS aramasını 15 dakika içinde
yeniden deneyecek.
Hata: Bir yuva işlemi erişilemeyen bir ana makine için denendi. (0x80072751)

Error: (07/06/2013 00:29:47 PM) (Source: W32Time) (User: )
Description: NtpClient zaman sağlayıcısı, bir ya da daha fazla zaman kaynağından zaman
alacak şekilde yapılandırılmış, ancak şu anda kaynakların hiçbirine erişilemiyor. 
30 dakika süresince kaynağa bağlanma denemesi yapılmayacak.
NtpClient'ın hiç doğru zaman kaynağı yok.

Error: (07/06/2013 00:29:47 PM) (Source: W32Time) (User: )
Description: Zaman Sağlayıcı NtpClient: El ile yapılandırılmış '??????????' eşi için DNS araması sırasında
bir hata oluştu. NtpClient, DNS aramasını 30 dakika içinde
yeniden deneyecek.
Hata: Bir yuva işlemi erişilemeyen bir ana makine için denendi. (0x80072751)


Microsoft Office Sessions:
=========================
Error: (01/01/2004 00:11:45 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtBu ağ bağlantısı yok.

Error: (01/01/2004 00:11:45 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabGerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.

Error: (01/01/2004 00:11:43 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtBu ağ bağlantısı yok.

Error: (01/01/2004 00:11:43 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabGerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.

Error: (01/01/2004 00:11:42 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtBu ağ bağlantısı yok.

Error: (01/01/2004 00:11:42 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabGerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.

Error: (01/01/2004 00:11:41 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe server name or address could not be resolved

Error: (01/01/2004 00:11:41 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabGerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.

Error: (01/01/2004 00:11:37 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtBu ağ bağlantısı yok.

Error: (01/01/2004 00:11:37 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabGerekli sertifika, geçerli sistem saatiyle veya imzalı dosyadaki zaman damgasıyla doğrulanırken geçerlilik süresi dışındaydı.


==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 1791.49 MB
Available physical RAM: 1112.9 MB
Total Pagefile: 3563.56 MB
Available Pagefile: 2938.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:20.04 GB) (Free:4.15 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Backup) (Fixed) (Total:17.27 GB) (Free:11.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 37 GB) (Disk ID: D359D359)
Partition 1: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=17 GB) - (Type=07 NTFS)

==================== End Of Log ============================

M-K-D-B · 06.07.2013, 15:58

Servus,

Schritt 1

Folge folgendem Pfad: Start -> Systemsteuerung -> Software / Programme deinstallieren
Suche in der Liste Software mit dem folgenden Namen
- IObit Apps Toolbar v7.2
und deinstalliere das Programm.
Solltest du am Ende der Deinstallation zu einem Neustart aufgefordert werden, so führe diesen durch.
Sollte es Probleme mit der Deinstallation geben, so lass es mich bitte wissen.

Schritt 2
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Combofix wird überprüfen, ob die Microsoft Windows Wiederherstellungskonsole installiert ist.
Ist diese nicht installiert, erlaube Combofix diese herunter zu laden und zu installieren. Folge dazu einfach den Anweisungen und aktzeptiere die Endbenutzer-Lizenz.
Bei heutiger Malware ist dies sehr empfehlenswert, da diese uns eine Möglichkeit bietet, dein System zu reparieren, falls etwas schief geht.
Bestätige die Information, dass die Wiederherstellungskonsole installiert wurde mit Ja.
Hinweis: Ist diese bereits installiert, wird Combofix mit der Malwareentfernung fortfahren.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es eine Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Schritt 3
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 4
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop (falls noch nicht vorhanden).

Starte bitte die OTL.exe.
Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Standard Ausgabe.
Setze einen Haken bei Scanne alle Benutzer.
Unter Extra Registry, wähle bitte Use SafeList.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

activex
msconfig
CREATERESTOREPOINT

Schließe bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Scan Button.
Am Ende des Suchlaufs werden 2 Logdateien erstellt.
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Bitte poste mit deiner nächsten Antwort

die Logdatei von ComboFix,
die Logdatei von AdwCleaner,
die beiden Logdateien von OTL.

M-K-D-B · 09.07.2013, 19:14

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

09.07.2013, 19:14	#6
M-K-D-B /// TB-Ausbilder	cpu-auslastung 100% Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

cpu-auslastung 100%

Log-Analyse und Auswertung: cpu-auslastung 100%