
Log analysis and evaluation: Win7 64-bit. Regular bluescreens + crashes.

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

30.04.2011, 17:45   #1
Manakusur
 

Hello dear Trojaner-Board.

I have a problem and am asking for help.

About the problem:

I often get bluescreens (wink.32sys, page_fault_in_nonpaged_area), and sometimes my PC simply freezes, i.e. I can't do anything at all anymore; keyboard and mouse no longer respond. The PC stops working and no longer blinks.

I'm really getting desperate and am asking for help.

PC:
- OS: Windows 7 Ultimate 64 bit
- Graphics card: Geforce GTX 275
- Hard disk: 500 GB
- RAM: 4GB DDR3
- Mainboard: Gigabyte GA-ex58-ud3r
- CPU: Intel core i7 920 4 x 2.67 GHZ

Logs:

- OTL

Code:
OTL logfile created on: 30.04.2011 17:09:09 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Onur\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 63,27 Gb Free Space | 43,22% Space Free | Partition Type: NTFS
Drive D: | 319,15 Gb Total Space | 248,47 Gb Free Space | 77,85% Space Free | Partition Type: NTFS
 
Computer Name: ONUR-PC | User Name: Onur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Onur\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe ()
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c))
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Onur\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation)
SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation)
SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_a35e6b9.dll ()
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GEST Service) -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV:64bit: - (LADF_SBVM) -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys (Logitech)
DRV:64bit: - (LADF_DHP2) -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys (Logitech)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (MQAC) -- C:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (SaiK0728) -- C:\Windows\SysNative\drivers\SaiK0728.sys (Saitek)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=aeb42a78000000000000000000000000&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.icq.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=aeb42a78000000000000000000000000&tlver=1.4.19.19&affID=17159
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FF 0D 0E 73 27 A5 CB 01  [binary data]
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=aeb42a78000000000000000000000000&tlver=1.4.19.19&affID=17159"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {c840e246-6b95-475e-9bd7-caa1c7eca9f2}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024
FF - prefs.js..extensions.enabledItems: {3b488ab2-a258-463e-8918-abe24dcabcb0}:0.1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:7.2.8
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.04.07 09:38:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.04.07 09:38:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011.04.14 20:23:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2011.04.20 14:40:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.30 06:51:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.30 06:51:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Namoroka 3.6\extensions\\Components: C:\Program Files (x86)\Namoroka\components [2011.01.20 19:04:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Namoroka 3.6\extensions\\Plugins: C:\Program Files (x86)\Namoroka\plugins [2011.02.18 23:18:53 | 000,000,000 | ---D | M]
 
[2010.12.28 04:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Onur\AppData\Roaming\mozilla\Extensions
[2011.04.30 03:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions
[2011.02.11 13:05:31 | 000,000,000 | ---D | M] ("Manaflask Stream Status") -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\{3b488ab2-a258-463e-8918-abe24dcabcb0}
[2011.01.11 15:26:11 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2011.01.20 18:55:59 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.01.28 16:56:33 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\DTToolbar@toolbarnet.com
[2011.01.11 15:26:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\engine@conduit.com
[2011.04.21 13:13:13 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\ffxtlbr@babylon.com
[2011.01.11 15:26:11 | 000,000,931 | ---- | M] () -- C:\Users\Onur\AppData\Roaming\Mozilla\Firefox\Profiles\pi1hwb4f.default\searchplugins\conduit.xml
[2011.01.28 16:56:21 | 000,002,059 | ---- | M] () -- C:\Users\Onur\AppData\Roaming\Mozilla\Firefox\Profiles\pi1hwb4f.default\searchplugins\daemon-search.xml
[2011.04.29 02:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.04.29 02:27:03 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.01.02 01:44:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.14 20:23:40 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX4
[2011.04.07 09:38:26 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.04.07 09:38:26 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011.04.20 14:40:35 | 000,000,000 | ---D | M] (Roboform Toolbar for Firefox) -- C:\PROGRAM FILES (X86)\SIBER SYSTEMS\AI ROBOFORM\FIREFOX
[2011.01.02 01:44:48 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.04.30 06:51:06 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.21 13:13:13 | 000,002,423 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.04.30 06:51:06 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.04.30 06:51:06 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.04.30 06:51:06 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.04.30 06:51:06 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiVolume] C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe (Saitek)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c))
O4 - HKLM..\Run: [TaskTray]  File not found
O4 - Startup: C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1232f4e4-1117-11e0-a3d0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1232f4e4-1117-11e0-a3d0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe
O33 - MountPoints2\{243374c9-111b-11e0-b3d2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{243374c9-111b-11e0-b3d2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CDSETUP.EXE
O33 - MountPoints2\{7cde593e-1119-11e0-8c66-001fd0af161a}\Shell - "" = AutoRun
O33 - MountPoints2\{7cde593e-1119-11e0-8c66-001fd0af161a}\Shell\AutoRun\command - "" = F:\pushinst.exe
O33 - MountPoints2\{c569a7a1-2ace-11e0-a666-001fd0af161a}\Shell - "" = AutoRun
O33 - MountPoints2\{c569a7a1-2ace-11e0-a666-001fd0af161a}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.30 16:53:47 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Onur\Desktop\OTL.exe
[2011.04.30 16:52:35 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Malwarebytes
[2011.04.30 16:52:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.04.30 16:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.30 16:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.30 16:52:26 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.04.30 16:52:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.04.30 08:48:49 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\SKIDROW
[2011.04.30 08:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2011.04.30 03:37:39 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{7F87A8AD-A795-4F7C-B5B3-DE25C1B00FD2}
[2011.04.29 15:36:32 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{0FB1852C-A0E8-4FAA-9EED-F821411AE089}
[2011.04.29 15:29:15 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{5D83C026-EDF9-4B46-912D-0A3BDA430E6F}
[2011.04.29 02:27:53 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\skypePM
[2011.04.29 02:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.04.29 02:27:07 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Skype
[2011.04.29 02:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.04.29 02:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.04.29 02:26:56 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.04.29 02:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.04.29 02:23:59 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{0A077035-CA77-47B4-A5E9-6F96D4D31E8C}
[2011.04.28 20:16:23 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{49D9BF32-A14F-4390-92A9-1A46DFF298BC}
[2011.04.28 17:35:47 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{70A1ECEB-F42F-43DE-A5F2-4CB12374A215}
[2011.04.28 04:26:09 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{7BD02421-0265-4547-A2EC-DF16033CEE8E}
[2011.04.27 17:19:17 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2011.04.27 17:17:25 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\Apps
[2011.04.27 17:17:24 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\Deployment
[2011.04.27 16:24:37 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{428956BD-ED9F-4584-8FDE-008D124503F6}
[2011.04.27 02:21:12 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\.minecraft
[2011.04.27 02:20:48 | 000,000,000 | ---D | C] -- C:\Users\Onur\Desktop\Minecraft by KAY-C
[2011.04.27 01:29:09 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.27 01:29:09 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.04.27 01:29:08 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.04.27 01:29:08 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.04.27 01:28:55 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.04.27 01:28:54 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.04.27 01:28:54 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.04.27 01:28:54 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.04.27 01:28:54 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.04.27 01:28:53 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.04.27 01:28:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.04.27 01:28:45 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.04.27 01:28:45 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.04.26 23:33:45 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{BA30AE5A-CDD5-4EE4-AC9D-7EAE5C442719}
[2011.04.26 22:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PocketSoft
[2011.04.26 21:59:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2011.04.26 21:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2011.04.26 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\Onur\Documents\RCT3
[2011.04.26 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Atari
[2011.04.26 15:15:34 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{1730B73E-4AB6-435A-BA4C-CA4D1092A779}
[2011.04.25 13:36:50 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{B196C74F-2641-4986-838F-95973D3AF6CF}
[2011.04.25 05:58:23 | 000,000,000 | ---D | C] -- C:\Users\Onur\Falsh
[2011.04.25 05:48:26 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\MyPhoneExplorer
[2011.04.25 05:48:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
[2011.04.25 05:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPhoneExplorer
[2011.04.24 15:29:42 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{F33606CF-6986-4ECF-BD95-35E73267C604}
[2011.04.24 15:26:42 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{26897BA7-BA16-4DDB-A324-6B11B486BFF3}
[2011.04.24 00:48:46 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{DD4FC382-BC39-4627-8232-63CC060AD576}
[2011.04.23 13:20:28 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{F11DA02C-8682-45F8-BEA8-F0D47E20CAA1}
[2011.04.23 12:47:47 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{49ACF6EE-F529-42B7-A286-FF0FE3C9D01F}
[2011.04.23 04:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
[2011.04.23 04:11:08 | 711,189,938 | ---- | C] (InstallShield Software Corporation) -- C:\Users\Onur\Desktop\S4League.exe
[2011.04.23 04:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2011.04.23 02:30:49 | 000,000,000 | ---D | C] -- C:\Users\Onur\Desktop\Pirox
[2011.04.23 02:25:30 | 000,000,000 | ---D | C] -- C:\Users\Onur\Desktop\Fishbot
[2011.04.22 19:31:11 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{9A2EDD90-0E80-4545-9449-9A22C0CA226C}
[2011.04.22 11:49:49 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{D5E5743F-867D-435C-B834-CC9E0D844C80}
[2011.04.21 13:13:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yuna Software
[2011.04.21 13:11:23 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{9440D5A8-3B6C-46E5-BA95-AB97A855EA48}
[2011.04.20 18:20:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.04.20 18:19:56 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.04.20 18:19:56 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.04.20 18:19:56 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.04.20 18:19:56 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.04.20 18:19:56 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.04.20 18:19:55 | 003,048,552 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2011.04.20 18:19:55 | 002,392,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2011.04.20 18:19:55 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2011.04.20 18:19:55 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2011.04.20 18:19:55 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2011.04.20 18:19:54 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.04.20 18:19:54 | 001,242,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2011.04.20 18:19:54 | 000,876,120 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2011.04.20 18:19:54 | 000,738,392 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2011.04.20 18:19:54 | 000,648,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2011.04.20 18:19:54 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.04.20 18:19:54 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.04.20 18:19:54 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.04.20 18:19:54 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.04.20 18:19:54 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.04.20 18:19:54 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.04.20 18:19:54 | 000,084,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2011.04.20 18:19:54 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.04.20 18:19:54 | 000,064,600 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll
[2011.04.20 18:19:54 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll
[2011.04.20 18:19:51 | 002,075,712 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.04.20 18:19:51 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2011.04.20 18:19:51 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2011.04.20 18:19:48 | 001,284,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2011.04.20 14:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm
[2011.04.20 14:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2011.04.20 14:40:29 | 000,000,000 | ---D | C] -- C:\Users\Onur\Documents\My RoboForm Data
[2011.04.20 14:40:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems
[2011.04.20 13:11:39 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{24D5DA1A-B9F8-408C-8A93-EE8A5A00ABBC}
[2011.04.19 23:11:14 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{AAB2715C-F079-4A4E-AC97-64482D459408}
[2011.04.19 15:24:36 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011.04.19 14:53:08 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source 2010
[2011.04.19 14:38:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counterstrike source
[2011.04.19 13:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source
[2011.04.19 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{A17F7737-55FA-41E0-8FA4-FCD1724E6978}
[2011.04.18 11:02:00 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{BD286723-BA3A-44FF-96C1-FC912C18D687}
[2011.04.17 11:52:57 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{4B70CB1F-AAB3-4A74-A890-A6D64E520E80}
[2011.04.17 10:03:08 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{25EC19D9-46D0-4AC1-B07D-05F223B97DA4}
[2011.04.16 16:37:35 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{825B4263-646C-4B90-A9F2-BC3757B18CB4}
[2011.04.15 23:51:45 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{05094028-CBCC-4E94-A2D2-03D47F974467}
[2011.04.15 13:21:07 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.15 13:21:07 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.04.15 13:21:06 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.04.15 13:21:06 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.04.15 13:21:06 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.04.15 13:21:05 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.04.15 13:21:05 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.04.15 13:21:05 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.04.15 13:21:04 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.04.15 13:20:59 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.04.15 13:20:59 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.04.15 13:20:59 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.04.15 13:20:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.04.15 13:20:53 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.04.15 13:20:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.04.15 13:20:52 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.04.15 13:20:52 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.04.15 13:20:52 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.04.15 13:20:52 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.04.15 13:20:52 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.04.15 13:20:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.04.15 13:20:52 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.04.15 13:20:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.04.15 13:20:52 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.04.15 13:20:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.04.15 13:20:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.04.15 13:20:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.04.15 13:20:42 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.04.15 13:20:42 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.04.15 13:20:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.04.15 13:20:41 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.04.15 13:20:41 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.04.15 13:20:41 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.04.15 13:20:41 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.04.15 13:20:41 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.04.15 13:20:41 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.04.15 13:20:41 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.04.15 13:20:40 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.04.15 11:50:17 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{BA0E2617-4095-43B0-BEBF-58982B3881CB}
[2011.04.14 21:06:01 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.04.14 15:05:31 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{2759FEFA-8668-42C2-BE66-59846188EB8B}
[2011.04.13 18:20:19 | 000,000,000 | ---D | C] -- C:\Users\Onur\Desktop\Extreme Redeemer
[2011.04.13 12:48:41 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{86C7A76E-08B4-4B85-8FBA-4161BE476E15}
[2011.04.12 15:16:58 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{E9B47FED-C3B6-4DB4-968D-FBD3E7D17BD9}
[2011.04.11 18:12:28 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{9D5143D5-B9C5-454C-A285-AACFEB3C7954}
[2011.04.11 11:18:03 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{A17E407F-D721-47B2-BED8-634DDC8B9D73}
[2011.04.10 11:08:43 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{CF7B946C-A735-422C-BE9D-7B110BF08606}
[2011.04.09 14:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011.04.09 13:57:56 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Leadertech
[2011.04.09 13:57:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011.04.09 13:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011.04.09 13:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2011.04.09 13:54:03 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{8CA888CE-3059-4F4E-9867-4EA8E2BE9695}
[2011.04.08 14:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Saitek
[2011.04.08 14:27:50 | 020,487,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.04.08 14:27:50 | 015,061,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.04.08 14:27:50 | 006,607,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.04.08 14:27:50 | 004,941,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.04.08 14:27:50 | 003,113,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.04.08 14:27:50 | 002,895,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.04.08 14:27:50 | 002,482,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.04.08 14:27:50 | 002,252,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.04.08 14:27:50 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.04.08 14:27:50 | 000,055,704 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.04.08 14:27:49 | 018,577,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.04.08 14:27:49 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.04.08 14:27:49 | 000,008,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011.04.08 14:14:40 | 042,459,336 | ---- | C] (Logitech                                                  ) -- C:\Users\Onur\Desktop\g35_101178_x64.exe
[2011.04.08 13:38:24 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{6A90891A-5546-4280-8D0C-9F64AE34AD99}
[2011.04.07 00:51:59 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{169AB2D2-9921-4BFA-8C88-3C198565E2B9}
[2011.04.06 12:53:56 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{8C182313-DAD4-4639-8376-D260FFEEBEC1}
[2011.04.05 12:58:54 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{F1FC42F9-735F-49C3-A08B-E5FCEB5FEBEC}
[2011.04.04 13:35:28 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{20DA2FC7-0E45-411F-A3BC-9E6724055A83}
[2011.04.03 21:49:34 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{E6588E53-15D1-4E23-9AB6-43135F2A292E}
[2011.04.03 09:47:47 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{6E1380E0-C21B-4395-A270-A5FB41F5B43F}
[2011.04.02 10:55:55 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{4DBB36FC-0F7F-4380-8DFA-74E0336AE6A3}
[2011.04.01 12:52:24 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{CD819EB9-8255-4690-ADF8-7077A964EFF4}
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.30 17:10:14 | 001,802,098 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.30 17:10:14 | 000,770,072 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.30 17:10:14 | 000,714,620 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.30 17:10:14 | 000,174,024 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.30 17:10:14 | 000,142,002 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.30 17:07:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.30 17:04:17 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.04.30 17:04:17 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2011.04.30 17:04:14 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.30 17:03:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.30 17:03:51 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.30 16:53:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Onur\Desktop\OTL.exe
[2011.04.30 16:48:34 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.30 16:48:34 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.30 16:44:40 | 113,791,285 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011.04.30 16:37:42 | 000,000,000 | ---- | M] () -- C:\Users\Onur\AppData\Local\{5DD05F1C-C88B-410B-9C9B-286F086D6139}
[2011.04.30 16:37:06 | 481,650,767 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.30 09:32:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3293479335-605803016-50362143-1000UA.job
[2011.04.30 08:24:54 | 000,000,587 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk
[2011.04.30 01:09:39 | 000,309,079 | ---- | M] () -- C:\Users\Onur\Desktop\Sasuke_Amaterasu___415_by_Ryouto.jpg
[2011.04.29 18:32:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3293479335-605803016-50362143-1000Core.job
[2011.04.29 15:28:57 | 000,000,000 | ---- | M] () -- C:\Users\Onur\AppData\Local\{7B758891-625C-43C8-AC58-BA7341CECE11}
[2011.04.29 05:51:50 | 000,000,000 | ---- | M] () -- C:\Users\Onur\AppData\Local\{80492A6A-F980-4C89-8FAE-F6C8FDB71CB3}
[2011.04.29 02:27:59 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011.04.29 02:26:57 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.27 17:19:45 | 000,000,000 | ---- | M] () -- C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.04.27 16:30:55 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011.04.26 22:04:03 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.04.25 05:35:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2011.04.23 04:22:07 | 711,189,938 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Onur\Desktop\S4League.exe
[2011.04.22 18:06:26 | 000,651,666 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2011.04.21 18:06:45 | 000,251,691 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011.04.21 13:12:50 | 000,001,152 | ---- | M] () -- C:\Users\Onur\Desktop\Continue Messenger Plus! Installation.lnk
[2011.04.19 14:53:08 | 000,002,387 | ---- | M] () -- C:\Users\Onur\Desktop\Counter Strike Source 2010.lnk
[2011.04.15 19:44:55 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.12 15:18:30 | 000,254,616 | ---- | M] () -- C:\Users\Onur\Documents\ts3_clientui-win64-12815-2011-04-12 15_18_30.670129.dmp
[2011.04.12 15:17:29 | 000,259,742 | ---- | M] () -- C:\Users\Onur\Documents\ts3_clientui-win64-12815-2011-04-12 15_17_26.152439.dmp
[2011.04.10 21:17:59 | 002,384,684 | ---- | M] () -- C:\Users\Onur\Desktop\ts3_recording_11_04_10_21_17_7.wav
[2011.04.09 17:27:32 | 000,054,920 | ---- | M] () -- C:\Users\Onur\Desktop\Krzlichaktualisier.e3d980f1413a8375415bee89ded79ff7.jpg
[2011.04.08 14:15:14 | 042,459,336 | ---- | M] (Logitech                                                  ) -- C:\Users\Onur\Desktop\g35_101178_x64.exe
[2011.04.01 20:59:49 | 000,577,917 | ---- | M] () -- C:\Users\Onur\Desktop\WoWScrnShot_040111_205949.jpg
 
========== Files Created - No Company Name ==========
 
[2011.04.30 16:37:42 | 000,000,000 | ---- | C] () -- C:\Users\Onur\AppData\Local\{5DD05F1C-C88B-410B-9C9B-286F086D6139}
[2011.04.30 16:37:06 | 481,650,767 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.04.30 08:24:54 | 000,000,587 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk
[2011.04.30 01:09:39 | 000,309,079 | ---- | C] () -- C:\Users\Onur\Desktop\Sasuke_Amaterasu___415_by_Ryouto.jpg
[2011.04.29 15:28:57 | 000,000,000 | ---- | C] () -- C:\Users\Onur\AppData\Local\{7B758891-625C-43C8-AC58-BA7341CECE11}
[2011.04.29 05:51:50 | 000,000,000 | ---- | C] () -- C:\Users\Onur\AppData\Local\{80492A6A-F980-4C89-8FAE-F6C8FDB71CB3}
[2011.04.29 02:27:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.29 02:26:57 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.27 17:19:45 | 000,000,000 | ---- | C] () -- C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2011.04.26 22:04:03 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.04.26 22:03:17 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2011.04.25 05:35:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2011.04.21 13:12:50 | 000,001,152 | ---- | C] () -- C:\Users\Onur\Desktop\Continue Messenger Plus! Installation.lnk
[2011.04.21 01:17:32 | 000,577,917 | ---- | C] () -- C:\Users\Onur\Desktop\WoWScrnShot_040111_205949.jpg
[2011.04.19 14:53:08 | 000,002,387 | ---- | C] () -- C:\Users\Onur\Desktop\Counter Strike Source 2010.lnk
[2011.04.19 13:22:09 | 733,777,632 | ---- | C] () -- C:\Users\Onur\Desktop\CSS_07-07-2005_DZ.exe
[2011.04.12 15:18:30 | 000,254,616 | ---- | C] () -- C:\Users\Onur\Documents\ts3_clientui-win64-12815-2011-04-12 15_18_30.670129.dmp
[2011.04.12 15:17:26 | 000,259,742 | ---- | C] () -- C:\Users\Onur\Documents\ts3_clientui-win64-12815-2011-04-12 15_17_26.152439.dmp
[2011.04.10 21:17:09 | 002,384,684 | ---- | C] () -- C:\Users\Onur\Desktop\ts3_recording_11_04_10_21_17_7.wav
[2011.04.09 17:27:32 | 000,054,920 | ---- | C] () -- C:\Users\Onur\Desktop\Krzlichaktualisier.e3d980f1413a8375415bee89ded79ff7.jpg
[2011.04.08 13:45:15 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011.04.06 21:58:21 | 000,544,737 | ---- | C] () -- C:\Users\Onur\Desktop\WoWScrnShot_031011_173620.jpg
[2011.01.01 16:27:01 | 001,761,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.27 02:11:15 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2010.12.26 19:51:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.03.17 13:09:34 | 000,007,718 | ---- | C] () -- C:\Windows\cadx2.ini
[2007.06.21 08:34:08 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
 
========== LOP Check ==========
 
[2011.04.27 02:21:46 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\.minecraft
[2011.04.26 21:43:21 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\Atari
[2010.12.26 21:12:11 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\AVG10
[2011.01.28 16:57:34 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\DAEMON Tools Lite
[2011.01.26 18:37:42 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\EurekaLog
[2011.04.30 09:39:43 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\ICQ
[2011.04.09 13:57:56 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\Leadertech
[2011.04.25 05:52:28 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\MyPhoneExplorer
[2010.12.26 20:06:58 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\Opera
[2011.04.30 06:13:51 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\TS3Client
[2011.04.30 09:39:39 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\uTorrent
[2010.12.27 03:29:30 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\VDownloader
[2011.04.11 11:16:56 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
         


< End of report >



Code:
OTL Extras logfile created on: 30.04.2011 17:09:09 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Onur\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 63,27 Gb Free Space | 43,22% Space Free | Partition Type: NTFS
Drive D: | 319,15 Gb Total Space | 248,47 Gb Free Space | 77,85% Space Free | Partition Type: NTFS
 
Computer Name: ONUR-PC | User Name: Onur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{088E976C-6B19-E3D3-1EAB-6E13B2D34CD7}" = ATI Catalyst Install Manager
"{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}" = Logitech G35
"{34280DB1-8558-4709-AB7E-62A572C03355}" = Saitek Cyborg Keyboard Volume 6.2.1.3
"{742DF898-7ABE-4CF4-8557-5D17C400D49C}" = AVG 2011
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82D8F93E-8A8C-4CCE-B88F-A99E4F3DECA7}" = AVG 2011
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 267.60
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 267.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 267.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2011
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.1208.1
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon® 3
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C71CBF8-B1DB-45EA-842E-E8D8E7E54125}" = S4 League_EU
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.733
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B4C7FA0D-392F-4653-A631-6028E5CE1294}_is1" = Extreme Redeemer Version 4.1
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AI RoboForm" = RoboForm 7-2-8 (All Users)
"Akamai" = Akamai NetSession Interface
"AVMWLANCLI" = AVM FRITZ!WLAN
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Content Uploader" = DivX Content Uploader
"DivX Setup.divx.com" = DivX-Setup
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"MPE" = MyPhoneExplorer
"Namoroka (3.6)" = Namoroka (3.6)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 11.10.2092" = Opera 11.10
"Postal 2_is1" = Portal 2
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"uTorrent" = µTorrent
"uTorrentBar_DE Toolbar" = uTorrentBar_DE Toolbar
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.04.2011 23:28:26 | Computer Name = Onur-PC | Source = Application Hang | ID = 1002
Description = Programm Skype.exe, Version 5.3.0.111 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: d90    Startzeit: 
01cc061cf5aa6221    Endzeit: 9    Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Berichts-ID:
 
 
Error - 29.04.2011 19:51:21 | Computer Name = Onur-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4da54080  Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel:
 0x4d4d45fc  Ausnahmecode: 0xc0000417  Fehleroffset: 0x00042926  ID des fehlerhaften Prozesses:
 0x18e0  Startzeit der fehlerhaften Anwendung: 0x01cc06c852bcd7a2  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe
Pfad
 des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike
 source 2010\bin\steamclient.dll  Berichtskennung: 94c86fdd-72bb-11e0-901e-cee88e2b631d
 
Error - 29.04.2011 19:52:57 | Computer Name = Onur-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4da54080  Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel:
 0x4d4d45fc  Ausnahmecode: 0xc0000417  Fehleroffset: 0x00042926  ID des fehlerhaften Prozesses:
 0x1278  Startzeit der fehlerhaften Anwendung: 0x01cc06c88f7abe32  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe
Pfad
 des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike
 source 2010\bin\steamclient.dll  Berichtskennung: ce26a408-72bb-11e0-901e-cee88e2b631d
 
Error - 29.04.2011 19:53:11 | Computer Name = Onur-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4da54080  Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel:
 0x4d4d45fc  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0003cc43  ID des fehlerhaften Prozesses:
 0x1604  Startzeit der fehlerhaften Anwendung: 0x01cc06c8981a34a4  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe
Pfad
 des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike
 source 2010\bin\steamclient.dll  Berichtskennung: d66d4ace-72bb-11e0-901e-cee88e2b631d
 
Error - 29.04.2011 22:37:03 | Computer Name = Onur-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4da54080  Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel:
 0x4d4d45fc  Ausnahmecode: 0xc0000417  Fehleroffset: 0x00042926  ID des fehlerhaften Prozesses:
 0x450  Startzeit der fehlerhaften Anwendung: 0x01cc06df7a9e81d8  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe
Pfad
 des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike
 source 2010\bin\steamclient.dll  Berichtskennung: ba9c4100-72d2-11e0-901e-cee88e2b631d
 
Error - 29.04.2011 22:37:11 | Computer Name = Onur-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4da54080  Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel:
 0x4d4d45fc  Ausnahmecode: 0xc0000417  Fehleroffset: 0x00042926  ID des fehlerhaften Prozesses:
 0x650  Startzeit der fehlerhaften Anwendung: 0x01cc06df814443c3  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe
Pfad
 des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike
 source 2010\bin\steamclient.dll  Berichtskennung: bf838382-72d2-11e0-901e-cee88e2b631d
 
Error - 29.04.2011 23:07:38 | Computer Name = Onur-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel:
 0x4da54080  Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel:
 0x4d4d45fc  Ausnahmecode: 0xc0000417  Fehleroffset: 0x00042926  ID des fehlerhaften Prozesses:
 0x1018  Startzeit der fehlerhaften Anwendung: 0x01cc06e3b8da5f0b  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe
Pfad
 des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike
 source 2010\bin\steamclient.dll  Berichtskennung: 00758a2f-72d7-11e0-aa04-d60c42692655
 
Error - 30.04.2011 02:27:13 | Computer Name = Onur-PC | Source = Application Hang | ID = 1002
Description = Programm portal2.exe, Version 0.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 224    Startzeit: 
01cc06ff8d36d601    Endzeit: 43    Anwendungspfad: D:\Portal 2\portal2.exe    Berichts-ID:   
 
Error - 30.04.2011 11:07:57 | Computer Name = Onur-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.22.3 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1270    Startzeit:
 01cc07480d51eecf    Endzeit: 2    Anwendungspfad: C:\Users\Onur\Desktop\OTL.exe    Berichts-ID:
 
 
Error - 30.04.2011 11:08:59 | Computer Name = Onur-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.22.3 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 10ec    Startzeit:
 01cc07486595fb7b    Endzeit: 1    Anwendungspfad: C:\Users\Onur\Desktop\OTL.exe    Berichts-ID:
 
 
[ System Events ]
Error - 17.04.2011 07:03:29 | Computer Name = Onur-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?17.?04.?2011 um 12:42:24 unerwartet heruntergefahren.
 
Error - 17.04.2011 07:03:34 | Computer Name = ONUR-PC | Source = BugCheck | ID = 1001
Description = 
 
Error - 17.04.2011 07:07:57 | Computer Name = Onur-PC | Source = Microsoft-Windows-Time-Service | ID = 34
Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um -86388 Sekunden
 geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000
 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig
 sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123)
 ordnungsgemäß ausgeführt wird.
 
Error - 17.04.2011 11:11:14 | Computer Name = Onur-PC | Source = Microsoft-Windows-Time-Service | ID = 34
Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um -86388 Sekunden
 geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000
 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig
 sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123)
 ordnungsgemäß ausgeführt wird.
 
Error - 17.04.2011 14:21:57 | Computer Name = Onur-PC | Source = Microsoft-Windows-Time-Service | ID = 34
Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um -86387 Sekunden
 geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000
 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig
 sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123)
 ordnungsgemäß ausgeführt wird.
 
Error - 18.04.2011 05:02:07 | Computer Name = Onur-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 18.04.2011 05:02:07 | Computer Name = Onur-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 18.04.2011 05:08:18 | Computer Name = Onur-PC | Source = Microsoft-Windows-Time-Service | ID = 34
Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um -86387 Sekunden
 geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000
 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig
 sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123)
 ordnungsgemäß ausgeführt wird.
 
Error - 18.04.2011 05:34:18 | Computer Name = Onur-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?18.?04.?2011 um 11:32:27 unerwartet heruntergefahren.
 
Error - 18.04.2011 05:34:23 | Computer Name = ONUR-PC | Source = BugCheck | ID = 1001
Description = 
 
 
< End of report >
         


- Malwarebytes (full scan)
Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
 
Datenbank Version: 6478
 
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
 
30.04.2011 17:42:19
mbam-log-2011-04-30 (17-42-19).txt
 
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 153077
Laufzeit: 1 Minute(n), 25 Sekunde(n)
 
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
 
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
 
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
 
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
 
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
Many thanks

Sorry, here is the full scan

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6478

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

30.04.2011 17:40:06
mbam-log-2011-04-30 (17-40-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|E:\|)
Durchsuchte Objekte: 358325
Laufzeit: 33 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\program files (x86)\counterstrike source\counter strike source 2010\bin\steamclient.dll (Trojan.Dropper.PGen) -> Quarantined and deleted successfully

Today a few more bluescreens again, among them a new one: "Memory Management"

Alt 01.05.2011, 17:22   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Since when have you had the crashes and bluescreens? Did you change anything on the system?
Do you think hardware defects can be ruled out? Have you already tested the system with a Linux live CD such as Knoppix or Ubuntu, or run a memory test with Memtest86?

Alt 09.05.2011, 16:30   #3
Manakusur
 



Quote:
Quote from cosinus
Since when have you had the crashes and bluescreens? Did you change anything on the system?
Do you think hardware defects can be ruled out? Have you already tested the system with a Linux live CD such as Knoppix or Ubuntu, or run a memory test with Memtest86?

Hi, thanks for the quick reply, and sorry for my late one.
I was away for a few days.
I've had them for a long time, maybe 3 months, but they weren't that bad.
Now I get one, or a crash, every 5-10 minutes, which is pretty nasty -.-. However, I also once completely formatted my hard drive with Darik's Boot And Nuke to make the bluescreens go away. Without success.
I will run a test with Memtest86.
I have already tested it with Ubuntu. No problems.

Alt 09.05.2011, 17:05   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Strange indeed; if everything runs normally under Ubuntu, the hardware is OK and not defective.

Quote:
PC:
- OS : Windows 7 Ultimate 64 bit
Where does this Windows version come from?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)
