Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Emel (administrator) on ASUS on 24-09-2014 09:32:54
Running from C:\Users\Emel\Desktop
Platform: Windows 8 Pro (X64) OS Language: Türkçe (Türkiye)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe
(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\Emel\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Akamai Technologies, Inc.) C:\Users\Emel\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [191488 2012-03-13] (A.E.T. Europe B.V.)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Net iD] => C:\Windows\SysWOW64\iid.exe [77824 2007-02-12] (NetMaker Consulting Group AB)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-4075898193-2291822166-3250366710-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Emel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4075898193-2291822166-3250366710-1001\...\Run: [uTorrent] => C:\Users\Emel\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-04] (BitTorrent Inc.)
HKU\S-1-5-21-4075898193-2291822166-3250366710-1001\...\Run: [AkisSIL.exe] => D:\Palma\AkisSIL.exe [24576 2010-08-11] ()
HKU\S-1-5-21-4075898193-2291822166-3250366710-1001\...\Run: [AVG-Secure-Search-Update_0414c] => C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2725912 2014-04-25] ()
HKU\S-1-5-21-4075898193-2291822166-3250366710-1001\...\Run: [GoogleChromeAutoLaunch_DCBD1231C63BF0E76FC0BA0227F92F49] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
HKU\S-1-5-21-4075898193-2291822166-3250366710-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CardOS API.lnk
ShortcutTarget: CardOS API.lnk -> C:\Program Files\Siemens\CardOS API\bin\siecacst.exe (Siemens AG)
Startup: C:\Users\Emel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Emel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitör Mürekkep Uyarıları - HP Deskjet Ink Adv 2060 K110.lnk
ShortcutTarget: Monitör Mürekkep Uyarıları - HP Deskjet Ink Adv 2060 K110.lnk -> C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: 0YndCase0Sync -> {63D48440-63AB-44D0-B323-4731DFCDE9E9} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll ()
ShellIconOverlayIdentifiers: 0YndCase1Modified -> {7E7DC279-E6BE-4D57-9DEC-14FA0339DBC0} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll ()
ShellIconOverlayIdentifiers: 0YndCase2Error -> {FB2FE984-05F5-4512-9D9B-69D3DE61F6D9} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll ()
ShellIconOverlayIdentifiers: 0YndCase3Shared -> {AF8D197E-7022-4c3d-BD88-68AD35C9C169} => C:\Program Files\Yandex\YandexDisk\bin\YandexDiskOverlays-2398.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBACBB0C858EBCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = tr-TR
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {5554DCB0-700B-498D-9B58-4E40E5814405}
http://titubb.titck.gov.tr/Reserved...a520725be9&Mode=true&OpType=PrintCab&Arch=X86
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Emel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-07-24]
Chrome:
=======
CHR Profile: C:\Users\Emel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Emel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-28]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-20] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 A38CCID; C:\Windows\system32\DRIVERS\a38ccid.sys [62592 2014-03-24] (Advanced Card Systems Ltd.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-14] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-13] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 cxbu0x64; C:\Windows\system32\DRIVERS\cxbu0x64.sys [143360 2013-08-19] (HID Global Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-22] (Disc Soft Ltd)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
U3 TrueSight; C:\Windows\System32\Drivers\TrueSight.sys [33512 2014-09-18] ()
U3 TrueSight; C:\Windows\SysWOW64\Drivers\TrueSight.sys [33512 2014-09-17] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 mdareDriver_43; \??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_43.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-24 09:32 - 2014-09-24 09:33 - 00017866 _____ () C:\Users\Emel\Desktop\FRST.txt
2014-09-24 09:32 - 2014-09-24 09:32 - 00000000 ____D () C:\FRST
2014-09-24 09:06 - 2014-09-24 09:06 - 00001351 _____ () C:\Users\Emel\Desktop\JRT.txt
2014-09-24 09:00 - 2014-09-24 09:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-24 08:50 - 2014-09-24 08:50 - 00006785 _____ () C:\Users\Emel\Desktop\AdwCleaner[S0].txt
2014-09-24 08:41 - 2014-09-24 08:45 - 00000000 ____D () C:\AdwCleaner
2014-09-23 14:15 - 2014-09-23 14:15 - 00000000 ____D () C:\Users\Emel\EgaApi
2014-09-23 13:55 - 2014-09-23 13:55 - 02105856 _____ (Farbar) C:\Users\Emel\Desktop\FRST64.exe
2014-09-23 13:55 - 2014-09-23 13:55 - 01024790 _____ (Thisisu) C:\Users\Emel\Desktop\JRT.exe
2014-09-23 13:54 - 2014-09-23 13:55 - 01373475 _____ () C:\Users\Emel\Desktop\adwcleaner_3.310.exe
2014-09-22 10:29 - 2014-09-22 10:29 - 00028439 _____ () C:\ComboFix.txt
2014-09-22 09:49 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-22 09:49 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-22 09:49 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-22 09:49 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-22 09:49 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-22 09:49 - 2000-08-31 03:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-09-22 09:49 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-22 09:49 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-22 09:49 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-22 09:46 - 2014-09-22 10:29 - 00000000 ____D () C:\Qoobox
2014-09-22 09:45 - 2014-09-22 10:23 - 00000000 ____D () C:\Windows\erdnt
2014-09-22 02:08 - 2014-09-22 02:08 - 00285683 _____ () C:\Users\Emel\Desktop\LİMA STOK.xlsx
2014-09-19 09:21 - 2014-09-19 10:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-18 18:26 - 2014-09-18 18:26 - 00033512 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-09-18 11:25 - 2014-09-18 11:25 - 00006835 _____ () C:\Users\Emel\Documents\DokumaninIndirildigineIliskinForm3.html
2014-09-18 11:24 - 2014-09-18 11:25 - 05733513 _____ () C:\Users\Emel\Documents\ihale_dokumani_2014_109257.zip
2014-09-18 11:20 - 2014-09-18 11:20 - 00006829 _____ () C:\Users\Emel\Documents\DokumaninIndirildigineIliskinForm1.html
2014-09-18 11:19 - 2014-09-18 11:20 - 05990206 _____ () C:\Users\Emel\Documents\ihale_dokumani_2014_109585.zip
2014-09-18 11:17 - 2014-09-18 11:17 - 00006821 _____ () C:\Users\Emel\Documents\DokumaninIndirildigineIliskinForm.html
2014-09-18 08:57 - 2014-09-18 08:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-17 16:11 - 2014-09-18 08:35 - 00024415 _____ () C:\Users\Emel\Desktop\Standart İhale Evrakları.xlsx
2014-09-17 10:43 - 2014-09-17 10:43 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-09-17 10:43 - 2014-09-17 10:43 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-16 15:57 - 2014-09-16 15:57 - 00001130 _____ () C:\Users\Emel\Documents\ihale_dokumani_2014_100341.zip
2014-09-16 10:16 - 2014-09-16 10:16 - 03632135 _____ () C:\Users\Emel\Documents\ihale_dokumani_2014_92408.zip
2014-09-12 20:55 - 2014-09-12 20:55 - 00039087 _____ () C:\Users\Emel\Documents\UDF1.nru
2014-09-12 20:40 - 2014-09-12 20:40 - 00000000 ____D () C:\Users\Emel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.Disk
2014-09-12 18:24 - 2014-09-12 18:24 - 00035869 _____ () C:\Users\Emel\Documents\KarışıkMod1.nrm
2014-09-12 17:30 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-09-12 17:30 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-09-12 16:56 - 2014-09-12 17:34 - 00000000 ____D () C:\Users\Emel\AppData\Roaming\Nero
2014-09-12 16:52 - 2014-09-15 09:42 - 00000000 ____D () C:\ProgramData\Nero
2014-09-12 16:05 - 2014-09-12 16:05 - 00012750 _____ () C:\Users\Emel\Desktop\trek otw ubb.xlsx
2014-09-12 12:09 - 2014-09-12 12:09 - 00000685 _____ () C:\Users\Emel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ipscan23.lnk
2014-09-12 11:37 - 2014-09-12 11:37 - 00000497 _____ () C:\Users\Emel\Desktop\Elements.lnk
2014-09-12 10:52 - 2014-09-16 12:11 - 01801790 _____ () C:\Users\Emel\Desktop\Lima Sagl_k Teklif Sablonu.xlsx
2014-09-10 15:34 - 2014-08-16 12:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 15:34 - 2014-08-16 10:36 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 15:34 - 2014-03-07 03:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 15:34 - 2013-05-14 16:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 15:34 - 2013-05-14 12:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 15:34 - 2012-07-26 06:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 15:33 - 2014-08-16 12:34 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 15:33 - 2014-08-16 12:34 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 15:33 - 2014-08-16 12:34 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-09-10 15:33 - 2014-08-16 12:34 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 15:33 - 2014-08-16 12:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 15:33 - 2014-08-16 12:32 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 15:33 - 2014-08-16 12:32 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 15:33 - 2014-08-16 12:32 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 15:33 - 2014-08-16 12:32 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 15:33 - 2014-08-16 12:32 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-10 15:33 - 2014-08-16 12:32 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 15:33 - 2014-08-16 12:32 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 15:33 - 2014-08-16 12:32 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 15:33 - 2014-08-16 10:37 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 15:33 - 2014-08-16 10:37 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 15:33 - 2014-08-16 10:36 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 15:33 - 2014-08-16 10:36 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 15:33 - 2014-08-16 10:36 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 15:33 - 2014-08-16 10:36 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-10 15:33 - 2014-08-16 10:36 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 15:33 - 2014-08-16 10:36 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 15:33 - 2014-08-16 10:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 15:33 - 2014-08-16 10:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 15:33 - 2014-08-16 10:35 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 15:33 - 2013-05-16 01:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-10 15:33 - 2013-05-16 01:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-10 15:33 - 2013-02-21 13:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-10 15:33 - 2013-02-21 13:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 15:33 - 2013-02-21 13:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 15:33 - 2013-02-21 13:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 15:33 - 2013-02-21 13:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-10 15:33 - 2013-02-21 13:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 15:33 - 2013-02-19 12:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-09-10 15:33 - 2012-11-08 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 15:33 - 2012-11-08 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 15:32 - 2014-08-16 12:33 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 15:32 - 2014-08-16 10:36 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 14:58 - 2014-08-01 02:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-10 14:57 - 2014-09-05 01:36 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 14:57 - 2014-09-03 04:49 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 14:57 - 2014-08-28 14:34 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-10 14:57 - 2014-08-28 09:05 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-10 14:57 - 2014-08-28 09:05 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-10 14:57 - 2014-08-28 09:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-10 14:57 - 2014-08-28 09:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-10 14:57 - 2014-08-28 09:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-10 14:57 - 2014-08-28 09:01 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-10 14:57 - 2014-08-28 09:01 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-10 14:57 - 2014-08-28 09:01 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-10 14:57 - 2014-08-28 09:01 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-10 14:57 - 2014-08-28 09:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-10 14:57 - 2014-08-28 09:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-10 14:57 - 2014-08-28 09:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-10 14:57 - 2014-08-28 09:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-09-10 14:57 - 2014-06-05 04:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2014-09-10 14:57 - 2014-06-04 02:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2014-09-10 14:56 - 2014-07-24 06:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-10 14:56 - 2014-07-24 06:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-04 09:45 - 2014-09-04 09:46 - 00000873 _____ () C:\Users\Emel\Desktop\LTD ŞTİ.lnk
2014-09-04 09:42 - 2014-09-04 09:42 - 00000851 _____ () C:\Users\Emel\Desktop\GoPlus.lnk
2014-09-02 14:26 - 2014-09-23 18:17 - 00005036 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Asus-Emel Asus
2014-08-28 09:04 - 2014-08-23 09:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 10:58 - 2014-08-27 10:58 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-24 09:33 - 2014-09-24 09:32 - 00017866 _____ () C:\Users\Emel\Desktop\FRST.txt
2014-09-24 09:32 - 2014-09-24 09:32 - 00000000 ____D () C:\FRST
2014-09-24 09:29 - 2013-11-27 13:20 - 00000000 ____D () C:\Users\Emel\Documents\Outlook Dosyaları
2014-09-24 09:25 - 2013-11-28 12:45 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-24 09:25 - 2013-11-28 12:45 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-24 09:06 - 2014-09-24 09:06 - 00001351 _____ () C:\Users\Emel\Desktop\JRT.txt
2014-09-24 09:06 - 2013-11-27 13:13 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4075898193-2291822166-3250366710-1001
2014-09-24 09:04 - 2013-11-27 13:07 - 01768199 _____ () C:\Windows\WindowsUpdate.log
2014-09-24 09:02 - 2013-11-27 14:28 - 05947392 ___SH () C:\Users\Emel\Desktop\Thumbs.db
2014-09-24 09:00 - 2014-09-24 09:00 - 00000000 ____D () C:\Windows\ERUNT
2014-09-24 09:00 - 2012-07-26 11:12 - 00000000 ____D () C:\Windows\system32\sru
2014-09-24 08:57 - 2013-11-27 13:07 - 00000000 ____D () C:\Users\Emel\AppData\Local\Packages
2014-09-24 08:50 - 2014-09-24 08:50 - 00006785 _____ () C:\Users\Emel\Desktop\AdwCleaner[S0].txt
2014-09-24 08:48 - 2014-04-25 11:16 - 00000384 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job
2014-09-24 08:48 - 2014-04-25 11:16 - 00000384 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job
2014-09-24 08:48 - 2012-07-26 10:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 08:47 - 2014-02-21 22:19 - 00000000 ____D () C:\Users\Emel\AppData\Local\AVG SafeGuard toolbar
2014-09-24 08:47 - 2013-11-27 13:03 - 00132130 _____ () C:\Windows\PFRO.log
2014-09-24 08:45 - 2014-09-24 08:41 - 00000000 ____D () C:\AdwCleaner
2014-09-23 18:17 - 2014-09-02 14:26 - 00005036 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Asus-Emel Asus
2014-09-23 16:20 - 2013-11-28 14:15 - 00000934 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4075898193-2291822166-3250366710-1001UA.job
2014-09-23 14:15 - 2014-09-23 14:15 - 00000000 ____D () C:\Users\Emel\EgaApi
2014-09-23 14:15 - 2013-11-27 13:07 - 00000000 ____D () C:\Users\Emel
2014-09-23 14:04 - 2013-11-28 17:23 - 00000000 ____D () C:\Users\Emel\AppData\Local\Deployment
2014-09-23 13:55 - 2014-09-23 13:55 - 02105856 _____ (Farbar) C:\Users\Emel\Desktop\FRST64.exe
2014-09-23 13:55 - 2014-09-23 13:55 - 01024790 _____ (Thisisu) C:\Users\Emel\Desktop\JRT.exe
2014-09-23 13:55 - 2014-09-23 13:54 - 01373475 _____ () C:\Users\Emel\Desktop\adwcleaner_3.310.exe
2014-09-23 13:20 - 2013-11-28 14:15 - 00000912 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4075898193-2291822166-3250366710-1001Core.job
2014-09-23 10:27 - 2014-01-22 15:32 - 00167368 _____ () C:\Users\Emel\Desktop\İHALE SONUÇLARI.xlsx
2014-09-23 10:25 - 2014-02-04 18:25 - 00078004 _____ () C:\Users\Emel\Documents\gpfax.adr
2014-09-23 10:25 - 2014-02-04 18:25 - 00000624 _____ () C:\Users\Emel\Documents\gpfax.idx
2014-09-23 08:46 - 2012-07-26 10:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-22 20:33 - 2012-07-26 13:03 - 00711712 _____ () C:\Windows\system32\perfh01F.dat
2014-09-22 20:33 - 2012-07-26 13:03 - 00146728 _____ () C:\Windows\system32\perfc01F.dat
2014-09-22 20:33 - 2012-07-26 10:28 - 01697282 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 15:37 - 2013-11-28 17:23 - 00000000 ____D () C:\Users\Emel\AppData\Local\Apps\2.0
2014-09-22 15:16 - 2013-12-19 16:43 - 00018432 ___SH () C:\Users\Emel\Documents\Thumbs.db
2014-09-22 10:48 - 2012-07-26 08:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-22 10:29 - 2014-09-22 10:29 - 00028439 _____ () C:\ComboFix.txt
2014-09-22 10:29 - 2014-09-22 09:46 - 00000000 ____D () C:\Qoobox
2014-09-22 10:29 - 2012-07-26 08:37 - 00000000 __RHD () C:\Users\Default
2014-09-22 10:23 - 2014-09-22 09:45 - 00000000 ____D () C:\Windows\erdnt
2014-09-22 10:21 - 2012-07-26 08:26 - 00000215 _____ () C:\Windows\system.ini
2014-09-22 10:18 - 2012-07-26 08:26 - 81002496 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-22 10:18 - 2012-07-26 08:26 - 16777216 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-22 10:18 - 2012-07-26 08:26 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-22 10:18 - 2012-07-26 08:26 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-22 10:18 - 2012-07-26 08:26 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-22 02:08 - 2014-09-22 02:08 - 00285683 _____ () C:\Users\Emel\Desktop\LİMA STOK.xlsx
2014-09-21 13:43 - 2012-07-26 10:21 - 00064334 _____ () C:\Windows\setupact.log
2014-09-20 09:33 - 2014-04-15 10:46 - 00000000 ____D () C:\Users\Emel\AppData\Local\CrashDumps
2014-09-19 10:56 - 2014-05-21 13:20 - 00000000 ____D () C:\Program Files (x86)\Labeljoy 5
2014-09-19 10:12 - 2014-09-19 09:21 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-18 18:30 - 2013-11-27 13:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 18:26 - 2014-09-18 18:26 - 00033512 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-09-18 12:18 - 2012-07-26 11:12 - 00000000 ____D () C:\Windows\rescache
2014-09-18 11:25 - 2014-09-18 11:25 - 00006835 _____ () C:\Users\Emel\Documents\DokumaninIndirildigineIliskinForm3.html
2014-09-18 11:25 - 2014-09-18 11:24 - 05733513 _____ () C:\Users\Emel\Documents\ihale_dokumani_2014_109257.zip
2014-09-18 11:20 - 2014-09-18 11:20 - 00006829 _____ () C:\Users\Emel\Documents\DokumaninIndirildigineIliskinForm1.html
2014-09-18 11:20 - 2014-09-18 11:19 - 05990206 _____ () C:\Users\Emel\Documents\ihale_dokumani_2014_109585.zip
2014-09-18 11:17 - 2014-09-18 11:17 - 00006821 _____ () C:\Users\Emel\Documents\DokumaninIndirildigineIliskinForm.html
2014-09-18 08:57 - 2014-09-18 08:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 08:35 - 2014-09-17 16:11 - 00024415 _____ () C:\Users\Emel\Desktop\Standart İhale Evrakları.xlsx
2014-09-17 10:43 - 2014-09-17 10:43 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-09-17 10:43 - 2014-09-17 10:43 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-16 15:57 - 2014-09-16 15:57 - 00001130 _____ () C:\Users\Emel\Documents\ihale_dokumani_2014_100341.zip
2014-09-16 12:11 - 2014-09-12 10:52 - 01801790 _____ () C:\Users\Emel\Desktop\Lima Sagl_k Teklif Sablonu.xlsx
2014-09-16 10:24 - 2012-07-26 11:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-16 10:16 - 2014-09-16 10:16 - 03632135 _____ () C:\Users\Emel\Documents\ihale_dokumani_2014_92408.zip
2014-09-15 09:42 - 2014-09-12 16:52 - 00000000 ____D () C:\ProgramData\Nero
2014-09-15 09:34 - 2014-07-25 15:54 - 00000000 ___RD () C:\Users\Emel\YandexDisk
2014-09-15 09:26 - 2014-07-16 08:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-15 09:26 - 2012-07-26 11:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-12 20:55 - 2014-09-12 20:55 - 00039087 _____ () C:\Users\Emel\Documents\UDF1.nru
2014-09-12 20:40 - 2014-09-12 20:40 - 00000000 ____D () C:\Users\Emel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.Disk
2014-09-12 18:24 - 2014-09-12 18:24 - 00035869 _____ () C:\Users\Emel\Documents\KarışıkMod1.nrm
2014-09-12 17:34 - 2014-09-12 16:56 - 00000000 ____D () C:\Users\Emel\AppData\Roaming\Nero
2014-09-12 16:05 - 2014-09-12 16:05 - 00012750 _____ () C:\Users\Emel\Desktop\trek otw ubb.xlsx
2014-09-12 12:09 - 2014-09-12 12:09 - 00000685 _____ () C:\Users\Emel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ipscan23.lnk
2014-09-12 12:06 - 2014-02-25 19:33 - 00000000 ____D () C:\Users\Emel\olesa
2014-09-12 11:37 - 2014-09-12 11:37 - 00000497 _____ () C:\Users\Emel\Desktop\Elements.lnk
2014-09-10 15:32 - 2013-11-28 13:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 15:12 - 2013-11-28 13:50 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-08 11:12 - 2013-11-27 15:02 - 00000000 ____D () C:\Users\Emel\EMEL
2014-09-06 13:59 - 2014-08-20 11:54 - 00000000 ____D () C:\Users\Emel\AppData\Local\EvernoteNW
2014-09-05 01:36 - 2014-09-10 14:57 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 09:46 - 2014-09-04 09:45 - 00000873 _____ () C:\Users\Emel\Desktop\LTD ŞTİ.lnk
2014-09-04 09:42 - 2014-09-04 09:42 - 00000851 _____ () C:\Users\Emel\Desktop\GoPlus.lnk
2014-09-03 04:49 - 2014-09-10 14:57 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-02 22:32 - 2014-08-17 22:17 - 00705480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 22:32 - 2014-08-17 22:17 - 00104904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 11:23 - 2014-07-16 11:11 - 00317680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 15:45 - 2014-04-06 00:02 - 00000000 ____D () C:\Users\Emel\AppData\Roaming\HpUpdate
2014-08-28 14:34 - 2014-09-10 14:57 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-28 09:05 - 2014-09-10 14:57 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-28 09:05 - 2014-09-10 14:57 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-28 09:05 - 2014-09-10 14:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-28 09:05 - 2014-09-10 14:57 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-28 09:02 - 2014-09-10 14:57 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-28 09:01 - 2014-09-10 14:57 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-28 09:01 - 2014-09-10 14:57 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-28 09:01 - 2014-09-10 14:57 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-28 09:01 - 2014-09-10 14:57 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-28 09:01 - 2014-09-10 14:57 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-28 09:01 - 2014-09-10 14:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-28 09:01 - 2014-09-10 14:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-28 09:01 - 2014-09-10 14:57 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-08-27 10:58 - 2014-08-27 10:58 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-26 09:24 - 2013-11-27 13:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
Files to move or delete:
====================
C:\Users\Emel\3Dsubtitler.exe
Some content of TEMP:
====================
C:\Users\Emel\AppData\Local\temp\avgnt.exe
C:\Users\Emel\AppData\Local\temp\pkcs11wrapper.dll
C:\Users\Emel\AppData\Local\temp\pkcs11wrapper_x32_131.dll
C:\Users\Emel\AppData\Local\temp\pkcs11wrapper_x32_17.dll
C:\Users\Emel\AppData\Local\temp\pkcs11wrapper_x32_192.dll
C:\Users\Emel\AppData\Local\temp\pkcs11wrapper_x32_22.dll
C:\Users\Emel\AppData\Local\temp\pkcs11wrapper_x32_24.dll
C:\Users\Emel\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-16 12:45
==================== End Of Log ============================