Zuerst Virus PRoblem, jetzt geht der Pc nicht mehr an Zitat:
Zitat von
Canstar168 OTL Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
OTL logfile created on: 12.09.2010 23:36:47 - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Can Eryilmaz\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 69,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 64,00% Paging File free
Paging file location(s): [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,36 Gb Total Space | 224,06 Gb Free Space | 80,20% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 373,74 Gb Free Space | 80,24% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 669,53 Gb Free Space | 71,88% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 1863,01 Gb Total Space | 1378,92 Gb Free Space | 74,02% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive L: | 15,08 Gb Total Space | 13,21 Gb Free Space | 87,59% Space Free | Partition Type: FAT32
Drive M: | 298,02 Gb Total Space | 126,28 Gb Free Space | 42,37% Space Free | Partition Type: FAT32
Computer Name: CANERYILMAZ-PC
Current User Name: Can Eryilmaz
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010.09.10 22:40:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Can Eryilmaz\Desktop\OTL.exe
PRC - [2010.05.14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010.04.20 23:03:16 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2009.07.22 01:00:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\Windows\SysWOW64\brss01a.exe
PRC - [2004.06.14 01:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\Windows\SysWOW64\brsvc01a.exe
========== Modules (SafeList) ==========
MOD - [2010.09.10 22:40:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Can Eryilmaz\Desktop\OTL.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\srvany.exe -- (KMService)
SRV:64bit: - [2010.07.07 03:50:54 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.03.25 10:41:00 | 051,456,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV:64bit: - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.08 16:02:44 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2010.05.14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010.04.20 23:03:16 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.03.18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.01.12 16:57:44 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.08.05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009.01.29 17:54:44 | 000,102,400 | ---- | M] (PacketVideo) [Disabled | Stopped] -- C:\Program Files (x86)\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia)
SRV - [2004.06.14 01:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\Windows\SysWOW64\brsvc01a.exe -- (Brother XP spl Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010.07.24 03:19:59 | 000,311,968 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.07.24 02:56:36 | 000,043,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.07.07 04:30:08 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.07.07 04:30:08 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.07.07 03:15:42 | 000,265,728 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.05.24 20:07:58 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.05.06 11:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.03.22 17:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.03.18 11:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010.03.18 11:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010.03.10 04:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010.03.02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010.02.26 14:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010.02.26 14:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.02.26 14:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010.02.26 14:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010.02.16 14:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.02.03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010.01.27 16:58:38 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010.01.17 23:59:02 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.12.21 21:56:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.08.28 20:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009.08.06 00:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2009.11.25 14:11:20 | 000,023,712 | ---- | M] () [Kernel | System | Stopped] -- C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys -- (atitray)
DRV - [2009.02.19 11:39:06 | 000,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\AutoBoot\NTGLM7X64.sys -- (AutoBoot)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AA 4F DF 7E FD 96 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SpeedBit Video Downloader\SPFireFox [2010.06.28 09:15:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.07.23 20:31:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.09 00:23:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.09 00:23:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.07.23 20:31:51 | 000,000,000 | ---D | M]
[2010.01.17 01:14:45 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\mozilla\Extensions
[2010.09.12 01:33:20 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\mozilla\Firefox\Profiles\59n38xlr.default\extensions
[2010.06.28 09:16:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Can Eryilmaz\AppData\Roaming\mozilla\Firefox\Profiles\59n38xlr.default\extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[2010.08.23 09:49:25 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Users\Can Eryilmaz\AppData\Roaming\mozilla\Firefox\Profiles\59n38xlr.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.06.18 16:22:31 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\mozilla\Firefox\Profiles\59n38xlr.default\extensions\piclens@cooliris.com
[2010.01.17 23:59:25 | 000,002,055 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla\FireFox\Profiles\59n38xlr.default\searchplugins\daemon-search.xml
[2010.09.06 17:33:36 | 000,000,950 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla\FireFox\Profiles\59n38xlr.default\searchplugins\icqplugin-1.xml
[2010.03.26 19:16:53 | 000,000,950 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla\FireFox\Profiles\59n38xlr.default\searchplugins\icqplugin-2.xml
[2010.04.02 20:15:02 | 000,000,950 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla\FireFox\Profiles\59n38xlr.default\searchplugins\icqplugin-3.xml
[2010.06.24 21:12:35 | 000,000,950 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla\FireFox\Profiles\59n38xlr.default\searchplugins\icqplugin-4.xml
[2010.06.28 07:40:11 | 000,000,950 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla\FireFox\Profiles\59n38xlr.default\searchplugins\icqplugin-5.xml
[2010.02.22 17:07:40 | 000,000,955 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla\FireFox\Profiles\59n38xlr.default\searchplugins\icqplugin.xml
[2010.07.27 22:15:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.01.20 23:37:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.09.21 11:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll
[2010.06.24 21:12:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.06.24 21:12:17 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.06.24 21:12:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.06.24 21:12:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.06.24 21:12:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.09.12 13:44:59 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\SPEEDB~1\Toolbar\grabber.dll (Speedbit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoBoot.lnk - C:\PROGRA~2\MSI\AutoBoot\STARTA~1.EXE - ()
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: ATICustomerCare - hkey= - key= - C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - StartUpReg: AtiTrayTools - hkey= - key= - C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe (Ray Adams)
MsConfig:64bit - StartUpReg: BrMfcWnd - hkey= - key= - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
MsConfig:64bit - StartUpReg: EvtMgr6 - hkey= - key= - C:\Program Files\Logitech\SetPointP\SetPoint.exe File not found
MsConfig:64bit - StartUpReg: ISUSPM Startup - hkey= - key= - C:\Programme (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
MsConfig:64bit - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig:64bit - StartUpReg: JMB36X IDE Setup - hkey= - key= - C:\Windows\RaidTool\xInsIDE.exe ()
MsConfig:64bit - StartUpReg: MSIAfterburner - hkey= - key= - C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe File not found
MsConfig:64bit - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig:64bit - StartUpReg: NokiaMusic FastStart - hkey= - key= - C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
MsConfig:64bit - StartUpReg: Ocs_SM - hkey= - key= - C:\Users\Can Eryilmaz\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
MsConfig:64bit - StartUpReg: RGSC - hkey= - key= - C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe File not found
MsConfig:64bit - StartUpReg: StartCCC - hkey= - key= - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
2.seite kommt
Code:
Alles auswählen Aufklappen ATTFilter
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010.09.12 13:44:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.10 22:40:39 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Can Eryilmaz\Desktop\OTL.exe
[2010.09.09 19:46:11 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\Documents\CAPCOM
[2010.09.09 19:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2010.09.09 13:14:14 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\Kalypso Media
[2010.09.09 12:48:19 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\ProtectDISC
[2010.09.09 12:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer
[2010.09.09 12:47:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kalypso Media
[2010.09.08 13:43:37 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\Malwarebytes
[2010.09.08 13:43:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.08 13:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.06 21:33:05 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.06 21:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.06 16:43:53 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\Documents\Hitman Blood Money
[2010.09.03 01:27:41 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2010.08.30 19:31:10 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\bizarre creations
[2010.08.30 14:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.08.30 14:37:07 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Local\2K Games
[2010.08.30 14:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2010.07.27 22:21:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.07.27 12:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GoldWave
[2010.07.26 16:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.07.26 15:04:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Digital Image 2006
[2010.07.26 12:34:02 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\Documents\Password Depot 5
[2010.07.26 12:34:02 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\AceBIT
[2010.07.24 03:44:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Recorded TV
[2010.07.24 03:44:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Recorded Audio
[2010.07.23 20:33:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Orb Networks
[2010.07.23 20:31:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2010.07.23 20:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2010.07.21 14:38:42 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\Flatcast
[2010.07.14 21:13:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pixelan
[2010.07.14 21:11:06 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\Publish Providers
[2010.07.14 21:04:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2010.07.14 21:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2010.07.14 21:04:05 | 000,000,000 | ---D | C] -- C:\Programme\Sony
[2010.07.14 21:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.07.14 16:31:00 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\Sony
[2010.07.14 16:31:00 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Local\Sony
[2010.07.12 19:16:27 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\teamspeak2
[2010.07.12 19:16:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Teamspeak2_RC2
[2010.07.12 19:14:54 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\TS3Client
[2010.07.11 15:12:35 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\HandBrake
[2010.07.11 14:44:03 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Local\HandBrake
[2010.07.11 14:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HandBrake
[2010.07.11 14:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.07.07 03:51:26 | 000,462,336 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010.07.07 03:50:54 | 000,203,264 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010.07.07 03:49:48 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010.07.07 03:49:36 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010.07.07 03:49:28 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010.07.07 03:49:18 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010.07.07 03:49:14 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010.07.07 03:49:10 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010.07.07 03:49:06 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010.07.07 01:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.07.07 01:28:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\softonic-de3
[2010.06.28 09:15:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedBit Video Downloader
[2010.06.28 09:15:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchPredict
[2010.06.27 02:10:10 | 000,000,000 | ---D | C] -- C:\AMD
[2010.06.24 22:49:13 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\Documents\BioWare
[2010.06.24 22:40:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2010.06.22 22:01:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.06.22 15:03:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2010.06.22 15:02:48 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2010.06.22 15:02:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2010.06.22 15:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2010.06.22 15:01:44 | 000,347,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2010.06.22 15:01:41 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\Logitech
[2010.06.22 15:01:41 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\Logishrd
[2010.06.22 15:00:31 | 000,369,864 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll
[2010.06.22 15:00:31 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2010.06.22 15:00:31 | 000,307,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2010.06.22 15:00:31 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll
[2010.06.22 15:00:31 | 000,095,432 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll
[2010.06.22 15:00:31 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll
[2010.06.22 14:57:30 | 000,000,000 | ---D | C] -- C:\RaidTool
[2010.06.22 14:57:23 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2010.06.22 14:49:41 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\Documents\DriverGenius
[2010.06.22 14:47:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft
[2010.06.19 03:01:02 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Local\Electronic_Arts_Inc
[2010.06.17 17:44:19 | 000,000,000 | ---D | C] -- C:\Users\Can Eryilmaz\AppData\Roaming\Facebook
[1 C:\Users\Can Eryilmaz\Desktop\*.tmp files -> C:\Users\Can Eryilmaz\Desktop\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010.09.12 23:37:53 | 003,145,728 | -HS- | M] () -- C:\Users\Can Eryilmaz\NTUSER.DAT
[2010.09.12 22:51:07 | 000,017,552 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.12 22:51:07 | 000,017,552 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.12 22:48:54 | 001,522,556 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.12 22:48:54 | 000,662,254 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.12 22:48:54 | 000,624,136 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.12 22:48:54 | 000,133,190 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.12 22:48:54 | 000,109,580 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.12 22:43:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.12 22:43:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.12 22:43:48 | 3219,841,024 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.12 20:48:57 | 004,851,274 | -H-- | M] () -- C:\Users\Can Eryilmaz\AppData\Local\IconCache.db
[2010.09.12 13:44:59 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010.09.10 22:40:41 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Can Eryilmaz\Desktop\OTL.exe
[2010.09.09 12:48:22 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00001726.LCS
[2010.09.09 12:47:46 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\Patrizier IV.lnk
[2010.09.09 00:50:55 | 000,326,212 | ---- | M] () -- C:\Users\Can Eryilmaz\Desktop\adress.jpg
[2010.09.08 13:43:34 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 21:57:43 | 000,065,600 | ---- | M] () -- C:\Users\Can Eryilmaz\Documents\cc_20100906_215738.reg
[2010.09.03 01:27:42 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.09.01 15:24:48 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.23 09:45:36 | 000,457,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.03 16:28:42 | 000,132,448 | ---- | M] () -- C:\Users\Can Eryilmaz\Desktop\eliff.veg
[2010.08.03 16:28:39 | 000,008,192 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.27 12:22:11 | 000,000,748 | ---- | M] () -- C:\Users\Can Eryilmaz\Desktop\GoldWave.lnk
[2010.07.26 15:09:35 | 000,126,712 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.26 15:08:16 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Foto 2006 Standard Edition Bibliothek.lnk
[2010.07.26 15:07:53 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Foto 2006 Standard Edition Editor.lnk
[2010.07.24 03:19:59 | 000,311,968 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010.07.24 02:56:36 | 000,043,168 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010.07.23 20:33:05 | 000,002,063 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.07.22 21:12:20 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2010.07.21 14:38:42 | 000,000,880 | ---- | M] () -- C:\Windows\unins000.dat
[2010.07.21 14:38:40 | 000,695,578 | ---- | M] () -- C:\Windows\unins000.exe
[2010.07.14 21:04:13 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Pro 9.0 (64-bit).lnk
[2010.07.14 21:00:08 | 000,001,011 | ---- | M] () -- C:\Users\Can Eryilmaz\Desktop\CCleaner.lnk
[2010.07.12 19:16:20 | 000,000,982 | ---- | M] () -- C:\Users\Can Eryilmaz\Desktop\Teamspeak 2 RC2.lnk
[2010.07.11 14:43:33 | 000,001,023 | ---- | M] () -- C:\Users\Can Eryilmaz\Desktop\HandBrake.lnk
[2010.07.07 03:54:32 | 000,063,416 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2010.07.07 03:51:26 | 000,462,336 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010.07.07 03:50:54 | 000,203,264 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010.07.07 03:49:48 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010.07.07 03:49:36 | 000,421,376 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010.07.07 03:49:28 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010.07.07 03:49:18 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010.07.07 03:49:14 | 000,012,288 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010.07.07 03:49:10 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010.07.07 03:49:06 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010.07.07 03:27:28 | 000,543,664 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2010.07.07 03:24:34 | 000,055,296 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll
[2010.07.07 03:22:52 | 000,543,664 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2010.06.24 15:49:06 | 000,000,162 | -H-- | M] () -- C:\Users\Can Eryilmaz\Desktop\~$tationskörper.docx
[2010.06.22 15:02:48 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2010.06.18 07:13:30 | 000,021,682 | ---- | M] () -- C:\Windows\atiogl.xml
[2010.06.16 00:28:58 | 000,002,857 | ---- | M] () -- C:\Windows\SysWow64\atipblag.dat
[2010.06.16 00:28:58 | 000,002,857 | ---- | M] () -- C:\Windows\SysNative\atipblag.dat
[1 C:\Users\Can Eryilmaz\Desktop\*.tmp files -> C:\Users\Can Eryilmaz\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.09 12:48:22 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\00001726.LCS
[2010.09.09 12:47:46 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\Patrizier IV.lnk
[2010.09.09 00:50:55 | 000,326,212 | ---- | C] () -- C:\Users\Can Eryilmaz\Desktop\adress.jpg
[2010.09.08 13:43:34 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.06 21:57:41 | 000,065,600 | ---- | C] () -- C:\Users\Can Eryilmaz\Documents\cc_20100906_215738.reg
[2010.09.03 01:27:42 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.07.27 16:49:46 | 000,132,448 | ---- | C] () -- C:\Users\Can Eryilmaz\Desktop\eliff.veg
[2010.07.27 12:22:11 | 000,000,748 | ---- | C] () -- C:\Users\Can Eryilmaz\Desktop\GoldWave.lnk
[2010.07.26 15:08:16 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Foto 2006 Standard Edition Bibliothek.lnk
[2010.07.26 15:07:53 | 000,002,213 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Foto 2006 Standard Edition Editor.lnk
[2010.07.24 02:56:36 | 000,311,968 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010.07.24 02:56:36 | 000,043,168 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010.07.23 20:33:05 | 000,002,063 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.07.21 14:38:42 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2010.07.21 14:38:42 | 000,000,880 | ---- | C] () -- C:\Windows\unins000.dat
[2010.07.14 21:04:13 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Pro 9.0 (64-bit).lnk
[2010.07.14 21:00:08 | 000,001,011 | ---- | C] () -- C:\Users\Can Eryilmaz\Desktop\CCleaner.lnk
[2010.07.12 19:16:20 | 000,000,982 | ---- | C] () -- C:\Users\Can Eryilmaz\Desktop\Teamspeak 2 RC2.lnk
[2010.07.11 14:43:33 | 000,001,023 | ---- | C] () -- C:\Users\Can Eryilmaz\Desktop\HandBrake.lnk
[2010.07.07 03:54:32 | 000,063,416 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2010.07.07 03:27:28 | 000,543,664 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2010.07.07 03:22:52 | 000,543,664 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2010.06.24 15:49:06 | 000,000,162 | -H-- | C] () -- C:\Users\Can Eryilmaz\Desktop\~$tationskörper.docx
[2010.06.22 15:01:45 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2010.06.18 07:13:30 | 000,021,682 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.06.16 00:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.06.16 00:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2010.05.28 02:09:00 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010.04.02 22:47:50 | 000,000,083 | ---- | C] () -- C:\Users\Can Eryilmaz\AppData\Local\X-Plane Installer.prf
[2010.04.02 21:58:50 | 000,000,042 | ---- | C] () -- C:\Users\Can Eryilmaz\AppData\Local\x-plane_install.txt
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.03.20 20:34:21 | 000,008,192 | ---- | C] () -- C:\Users\Can Eryilmaz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.20 18:40:45 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.01.22 22:21:51 | 000,000,600 | ---- | C] () -- C:\Users\Can Eryilmaz\AppData\Roaming\winscp.rnd
[2010.01.22 22:10:27 | 000,000,600 | ---- | C] () -- C:\Users\Can Eryilmaz\AppData\Local\PUTTY.RND
[2010.01.21 19:56:41 | 000,000,017 | ---- | C] () -- C:\Users\Can Eryilmaz\AppData\Local\resmon.resmoncfg
[2010.01.21 16:43:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.01.17 02:07:09 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2010.01.17 02:07:08 | 000,000,469 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.01.17 02:07:08 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.01.17 00:50:05 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.01.17 00:50:05 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== LOP Check ==========
[2010.07.26 12:34:02 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\AceBIT
[2010.04.12 19:52:40 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Anthropics
[2010.08.30 19:31:10 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\bizarre creations
[2010.01.21 01:00:13 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\DAEMON Tools
[2010.01.18 00:13:28 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\DAEMON Tools Lite
[2010.01.21 01:00:13 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\DAEMON Tools Pro
[2010.06.17 17:44:19 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Facebook
[2010.07.21 14:38:42 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Flatcast
[2010.07.11 15:12:35 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\HandBrake
[2010.09.12 23:34:44 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\ICQ
[2010.09.09 13:14:14 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Kalypso Media
[2010.01.22 03:26:26 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Leadertech
[2010.05.27 15:16:28 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Nokia
[2010.05.27 15:16:29 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Nokia Ovi Suite
[2010.02.02 05:17:07 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\OCS
[2010.05.29 22:48:36 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Octoshape
[2010.01.17 01:48:13 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\OpenOffice.org
[2010.02.02 05:17:09 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Opera
[2010.05.27 15:09:25 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\PC Suite
[2010.09.09 12:48:19 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\ProtectDISC
[2010.07.14 23:16:02 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Publish Providers
[2010.08.03 15:22:12 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Sony
[2010.02.02 00:17:38 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\TeamViewer
[2010.02.27 16:00:16 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\The Creative Assembly
[2010.09.03 01:30:35 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\TS3Client
[2010.03.30 13:28:19 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Ubisoft
[2010.03.11 22:42:19 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Wippien
[2010.09.08 15:58:05 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.07.26 12:34:02 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\AceBIT
[2010.01.21 16:41:56 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Adobe
[2010.01.21 16:42:45 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\AdobeUM
[2010.04.12 19:52:40 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Anthropics
[2010.03.27 15:21:58 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Apple Computer
[2010.01.17 01:10:12 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\ATI
[2010.01.26 23:17:06 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\atitray
[2010.03.26 17:01:55 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Avira
[2010.08.30 19:31:10 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\bizarre creations
[2010.01.21 22:59:53 | 000,000,000 | R--D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Brother
[2010.01.21 01:00:13 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\DAEMON Tools
[2010.01.18 00:13:28 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\DAEMON Tools Lite
[2010.01.21 01:00:13 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\DAEMON Tools Pro
[2010.05.01 18:21:47 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\DivX
[2010.08.03 14:59:10 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\dvdcss
[2010.06.17 17:44:19 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Facebook
[2010.07.21 14:38:42 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Flatcast
[2010.03.11 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Hamachi
[2010.07.11 15:12:35 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\HandBrake
[2010.09.12 23:34:44 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\ICQ
[2010.01.17 00:42:55 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Identities
[2010.01.17 02:06:04 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\InstallShield
[2010.09.09 13:14:14 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Kalypso Media
[2010.01.22 03:26:26 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Leadertech
[2010.06.22 15:01:47 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Logishrd
[2010.06.22 15:03:11 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Logitech
[2010.01.17 01:19:36 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Macromedia
[2010.09.08 13:43:37 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Media Center Programs
[2010.07.26 15:35:55 | 000,000,000 | --SD | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Microsoft
[2010.05.29 22:48:37 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla
[2010.05.27 15:16:28 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Nokia
[2010.05.27 15:16:29 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Nokia Ovi Suite
[2010.02.02 05:17:07 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\OCS
[2010.05.29 22:48:36 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Octoshape
[2010.01.17 01:48:13 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\OpenOffice.org
[2010.02.02 05:17:09 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Opera
[2010.05.27 15:09:25 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\PC Suite
[2010.09.09 12:48:19 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\ProtectDISC
[2010.07.14 23:16:02 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Publish Providers
[2010.05.21 18:22:35 | 000,000,000 | RH-D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\SecuROM
[2010.07.26 17:31:50 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Skype
[2010.07.26 16:50:32 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\skypePM
[2010.08.03 15:22:12 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Sony
[2010.07.12 19:17:58 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\teamspeak2
[2010.02.02 00:17:38 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\TeamViewer
[2010.02.27 16:00:16 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\The Creative Assembly
[2010.09.03 01:30:35 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\TS3Client
[2010.03.30 13:28:19 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Ubisoft
[2010.09.12 00:05:28 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\vlc
[2010.01.17 03:23:48 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\WinRAR
[2010.03.11 22:42:19 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Wippien
[2010.07.04 22:27:45 | 000,000,000 | ---D | M] -- C:\Users\Can Eryilmaz\AppData\Roaming\Xfire
< %APPDATA%\*.exe /s >
[2010.06.17 17:44:19 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Users\Can Eryilmaz\AppData\Roaming\Facebook\uninstall.exe
[2010.06.22 15:03:08 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Can Eryilmaz\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010.03.11 21:29:41 | 000,077,542 | R--- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Microsoft\Installer\{3FC6307A-0EDE-9922-5898-3512D1CA44EE}\ARPPRODUCTICON.exe
[2010.06.27 02:10:46 | 000,077,542 | R--- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Microsoft\Installer\{B702F355-FE10-D065-C6DD-3706595EB1CD}\ARPPRODUCTICON.exe
[2010.06.04 00:48:06 | 000,077,542 | R--- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Microsoft\Installer\{BE30158C-B5DA-0831-ED0D-EDA0902EFAD8}\ARPPRODUCTICON.exe
[2010.06.14 12:08:50 | 000,425,984 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla\Firefox\Profiles\59n38xlr.default\extensions\piclens@cooliris.com\libs\LaunchCooliris.exe
[2010.06.14 12:08:50 | 000,545,280 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\Mozilla\Firefox\Profiles\59n38xlr.default\extensions\piclens@cooliris.com\libs\PicLensHelper.exe
[2010.02.02 05:17:07 | 000,106,496 | ---- | M] (OCS) -- C:\Users\Can Eryilmaz\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
[2010.02.02 05:17:07 | 000,040,960 | ---- | M] () -- C:\Users\Can Eryilmaz\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Can Eryilmaz\Documents\DriverGenius\Backup\Driver Backup 6-22-2010-145343\IDE-Kanal#1\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Can Eryilmaz\Documents\DriverGenius\Backup\Driver Backup 6-22-2010-145343\IDE-Kanal#2\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Can Eryilmaz\Documents\DriverGenius\Backup\Driver Backup 6-22-2010-145343\IDE-Kanal#3\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Can Eryilmaz\Documents\DriverGenius\Backup\Driver Backup 6-22-2010-145343\IDE-Kanal#4\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Can Eryilmaz\Documents\DriverGenius\Backup\Driver Backup 6-22-2010-145343\IDE-Kanal#5\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Can Eryilmaz\Documents\DriverGenius\Backup\Driver Backup 6-22-2010-145343\IDE-Kanal\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Can Eryilmaz\Documents\DriverGenius\Backup\Driver Backup 6-22-2010-145343\Standard-Zweikanal-PCI-IDE-Controller#1\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Can Eryilmaz\Documents\DriverGenius\Backup\Driver Backup 6-22-2010-145343\Standard-Zweikanal-PCI-IDE-Controller#2\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\Can Eryilmaz\Documents\DriverGenius\Backup\Driver Backup 6-22-2010-145343\Standard-Zweikanal-PCI-IDE-Controller\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
--- --- ---
14.09.2010, 14:10
Hybrid-Darstellung
