| blackhope | 18.12.2011 13:52 |
hallo nochmal ,
ich habe jetz das getan was du mir vegeschrieben hast
erstamals danke das du die zeit dir genommen hast das ganze mal dursch zu lesen
und jetz zu OTL
ich habe alles bevolkt am ende hat sich der editor geöffnet und im textdokument stand drinn :OTL Logfile: Code:
OTL logfile created on: 18.12.2011 13:30:03 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\AGGÜL EMRE\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
5,98 Gb Total Physical Memory | 5,34 Gb Available Physical Memory | 89,25% Memory free
11,96 Gb Paging File | 11,33 Gb Available in Paging File | 94,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,66 Gb Total Space | 394,00 Gb Free Space | 87,43% Space Free | Partition Type: NTFS
Computer Name: AGGÜL-PC | User Name: AGGÜL EMRE | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.18 13:16:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\AGGÜL EMRE\Desktop\OTL.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.09.16 15:44:36 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.10.29 19:22:12 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010.10.28 03:38:16 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.10.08 02:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.12.14 20:47:40 | 003,316,000 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011.09.16 15:51:20 | 002,027,840 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.09.16 15:44:28 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.07.04 11:53:50 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.24 21:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.22 14:24:30 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.12 02:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.10.06 05:08:48 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.10.06 05:08:44 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.09.28 03:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010.09.14 03:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.06.02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.07.04 11:53:51 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.04 11:53:51 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.10 20:22:10 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2010.12.10 20:22:10 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2010.12.10 20:22:10 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.28 04:11:46 | 007,877,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.10.28 03:03:40 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.08 02:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.09.27 08:24:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.09.14 03:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.07.29 14:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.07.20 10:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.07.09 04:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010.05.11 11:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.05 22:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.04.20 03:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.04.29 15:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011.05.31 13:03:04 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.03.20 10:33:26 | 000,028,672 | ---- | M] (libusb-Win32) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
DRV - [2005.01.01 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Acer | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\AGGÜL EMRE\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\AGGÜL EMRE\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\AGGÜL EMRE\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.25 14:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.25 14:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.25 14:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.25 14:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.25 14:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.25 14:17:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.25 14:17:23 | 000,000,000 | ---D | M]
[2011.06.21 13:44:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AGGÜL EMRE\AppData\Roaming\mozilla\Extensions
[2011.12.15 16:25:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AGGÜL EMRE\AppData\Roaming\mozilla\Firefox\Profiles\oq3l7qjp.default\extensions
[2011.11.06 07:39:40 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\AGGÜL EMRE\AppData\Roaming\mozilla\Firefox\Profiles\oq3l7qjp.default\extensions\fbdislike@doweb.fr
[2011.07.04 18:19:27 | 000,002,425 | ---- | M] () -- C:\Users\AGGÜL EMRE\AppData\Roaming\Mozilla\Firefox\Profiles\oq3l7qjp.default\searchplugins\4-loot.xml
[2011.07.04 18:37:08 | 000,001,801 | ---- | M] () -- C:\Users\AGGÜL EMRE\AppData\Roaming\Mozilla\Firefox\Profiles\oq3l7qjp.default\searchplugins\search-the-web.xml
[2011.06.21 13:43:51 | 000,002,501 | ---- | M] () -- C:\Users\AGGÜL EMRE\AppData\Roaming\Mozilla\Firefox\Profiles\oq3l7qjp.default\searchplugins\SearchResults.xml
[2011.12.16 14:00:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.12.16 14:00:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.09.06 14:10:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\AGGÃŒL EMRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OQ3L7QJP.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2011.11.25 14:17:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.25 14:17:20 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.25 14:17:20 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.11.25 14:17:20 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.12 15:56:24 | 000,002,047 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.05.22 20:31:52 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
[2011.11.25 14:17:20 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.06.21 13:43:51 | 000,002,501 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2011.11.25 14:17:20 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.25 14:17:20 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = hxxp://dts.search-results.com/sr?src=crb&appid=102&systemid=406&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\AGG\u00DCL EMRE\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\AGG\u00DCL EMRE\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\AGG\u00DCL EMRE\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: James White = C:\Users\AGGÜL EMRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: YouTube = C:\Users\AGGÜL EMRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google-Suche = C:\Users\AGGÜL EMRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Voice Search = C:\Users\AGGÜL EMRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfkcobomkalfdlmkongnhnhahkmnaad\1.0.10_0\
CHR - Extension: Google Mail = C:\Users\AGGÜL EMRE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
O1 HOSTS File: ([2011.12.10 11:32:00 | 000,000,052 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [sllaunch] C:\Windows\SysWOW64\sllaunch.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\AGGÜL EMRE\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Facebook Update] C:\Users\AGGÜL EMRE\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [firefox.exe] C:\Users\AGGÜL EMRE\AppData\Roaming\Mozilla\Firefox\firefox.exe ()
O4 - Startup: C:\Users\AGGÜL EMRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hilfe.exe ()
O4 - Startup: C:\Users\AGGÜL EMRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1D0D9DD-80A3-484D-A450-C85EE46FAA31}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\datamngr.dll) -c:\progra~2\wi3c8a~1\datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\iebho.dll) -c:\progra~2\wi3c8a~1\datamngr\iebho.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
MsConfig:64bit - StartUpReg: IntelTBRunOnce - hkey= - key= - C:\Windows\SysNative\wscript.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: RtHDVBg - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011.12.18 13:16:19 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\AGGÜL EMRE\Desktop\OTL.exe
[2011.12.17 16:58:56 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{243D6EF5-5B8B-4269-8C63-71F2FF1C234D}
[2011.12.17 16:58:46 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{636BACCB-15C5-4161-B1C6-723AE6162AA6}
[2011.12.17 16:48:55 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{A81AD00D-81EC-4EFB-9081-63E991874D28}
[2011.12.17 16:40:41 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{EC98EF5E-3E5D-4457-BCBA-45BB65660035}
[2011.12.17 16:40:31 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{30E60EC0-FBC8-4C41-86E8-02AA6A3C0E10}
[2011.12.17 16:38:32 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{CCAD6EE8-2ACF-4EFD-8D46-AA06DFB99CBE}
[2011.12.17 16:38:22 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{83CF6197-8504-45C3-9133-97185AA8B3F1}
[2011.12.17 10:04:59 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{955100C6-8181-483E-B836-E55158041DA3}
[2011.12.16 14:01:49 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Roaming\OpenOffice.org
[2011.12.16 14:01:31 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2011.12.16 14:00:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2011.12.16 13:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2011.12.16 13:31:07 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{3BB18572-582E-45FC-9785-7A0047F215F2}
[2011.12.16 13:30:56 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{45349D3C-BB8C-4A83-AE69-EB4864BA2C21}
[2011.12.15 14:50:12 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{E7E9D90A-8746-4C4B-AB2B-D6661E31FF8E}
[2011.12.15 14:50:02 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{DEC62E26-935C-469C-B57E-603F3F6A9D57}
[2011.12.14 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\Documents\FILSHtray
[2011.12.14 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\FILSH_Media_GmbH
[2011.12.14 20:01:00 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{77CBC0EB-2F8B-43B1-AF6A-9B7802949546}
[2011.12.13 13:58:25 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{228BA33D-C1CA-482A-85BE-9DD320D02210}
[2011.12.13 13:58:14 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{DAC2C4DF-31DE-4E8C-8402-34F9EB5F99FC}
[2011.12.12 12:18:49 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{9F65D6BE-299D-42B0-B876-44E9B98B292B}
[2011.12.12 12:18:38 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{160A8140-1145-4756-BCA9-659E8398E7F3}
[2011.12.11 18:44:46 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{F1AC6A53-410B-40A4-B5D1-EE30A78448A7}
[2011.12.11 18:44:36 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{11BF3711-9584-47DA-9264-20D951CB5AB8}
[2011.12.10 17:41:22 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{9EE9C7B0-539F-4A33-BA82-83D76EC64E90}
[2011.12.10 17:41:01 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{D296C4FF-E979-416E-84B9-036920CFC0EB}
[2011.12.10 16:31:01 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{395E7490-F5B6-4A8B-9517-51A75CCE7101}
[2011.12.10 10:21:52 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{945C1DFB-E3CF-42C4-B733-98EB783AC16A}
[2011.12.09 13:16:38 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{2E60A1DC-344D-4F5B-9D74-47213EC51A62}
[2011.12.09 13:16:28 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{FA75BB9B-8880-472F-AFF4-95D85AC5B69A}
[2011.12.08 22:45:15 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{0C6EA207-2335-435B-82E0-FA3828B8FB87}
[2011.12.08 22:45:04 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{A9ADD1D0-B93A-487D-B522-2C9AB8D140CE}
[2011.12.08 16:48:22 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{611DF182-A52B-43E4-9ECF-5FBFF7A9C913}
[2011.12.08 12:48:13 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{682D4266-EA75-45B9-9B43-8EADA9DEBFB9}
[2011.12.07 17:22:09 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{5528CDF3-5FB0-4AF5-862A-2019A4FD8D99}
[2011.12.07 17:21:59 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{C384B41A-1370-45DC-B189-A8634A2F7BE3}
[2011.12.07 09:46:09 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{52528826-5BE0-4EC2-9CAB-9B9A38C17ADE}
[2011.12.06 15:55:20 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{6D825CA1-CED6-4CAF-B6BD-7F216120BE44}
[2011.12.06 15:55:10 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{AAC33619-B048-4F20-8A09-2C3ACE0E9757}
[2011.12.05 17:07:08 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{4D7F9436-1A29-4994-827E-BDD011267F5E}
[2011.12.04 23:12:36 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{7ED0299E-4DFE-42B6-A1C3-1037982175E9}
[2011.12.04 11:12:14 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{9DC55B11-E073-41FB-87DD-33D62C183BF3}
[2011.12.04 11:12:04 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{C0E76492-651E-42A9-B9CC-A542880BA6DC}
[2011.12.03 23:11:37 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{42464621-7962-4E93-9D29-F16D915C8E1A}
[2011.12.03 23:11:27 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{6022BE70-E264-48B7-BC46-D20F738F1F90}
[2011.12.03 10:32:42 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Roaming\.minecraft
[2011.12.03 09:57:17 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{B10EF3DE-D3AF-462C-9AF6-6E7029FA3C43}
[2011.12.03 09:57:06 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{D3816F20-2832-4A55-8B6F-018B83C24D81}
[2011.12.02 19:56:43 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\LogMeIn Hamachi
[2011.12.02 19:40:53 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{F145A271-A9A2-4CAD-A1AB-09C89D4879AA}
[2011.12.02 13:10:17 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{B145B075-E17C-4FD3-BCF7-C841887216FE}
[2011.12.01 16:13:07 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{32E5CE72-D0C3-442E-9FC3-009E7010804B}
[2011.12.01 16:12:37 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{157AE7E5-4C3B-4063-9C23-74A06090ED0C}
[2011.11.30 17:46:39 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{4FC2E981-A335-44CC-9F97-D29BDB19EEB2}
[2011.11.30 17:46:28 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{DFAAD4A6-20EC-4C97-B0B0-487159E4B503}
[2011.11.29 17:32:47 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{4102DCC1-D754-433C-BD7B-5F14F9AC5FDF}
[2011.11.29 17:32:36 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{D5D9F7C1-8C65-4912-994E-310CBDDF4288}
[2011.11.28 18:04:09 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\Desktop\Minedit
[2011.11.28 16:47:44 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{EF7D58F4-47D8-4391-B9AF-00951CB18D59}
[2011.11.28 16:47:33 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{2CD4F17E-F45C-4C63-9469-3752D202F975}
[2011.11.27 18:16:15 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinecraftAlpha
[2011.11.27 18:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MinecraftAlpha
[2011.11.27 09:56:49 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{7C61124B-028E-45C0-BFD2-535E6193ED1B}
[2011.11.26 09:08:03 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{DF8AA0FA-ADC4-4434-84A2-4AB730A20A17}
[2011.11.26 09:07:53 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{2DE53D4A-14C6-49C8-9FA5-D7A6B2FBBA30}
[2011.11.25 15:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.25 15:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.11.25 15:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.11.25 15:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.11.25 15:12:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.11.25 15:12:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.11.25 13:42:25 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{25D08944-BBB0-42A6-A1E3-186F2B2B4F22}
[2011.11.25 13:42:13 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{39096197-7B96-4766-9265-B7DAF00D9218}
[2011.11.24 09:46:19 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{E92AC8DB-4C3E-4724-81B8-FCAECE98E6A2}
[2011.11.24 09:46:09 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{5E3E7AE9-694A-4213-BC13-324ACD6555FF}
[2011.11.23 20:24:16 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{7BECB7FF-7DC3-4E8F-9129-9D992D4D904D}
[2011.11.23 20:24:05 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{1495073E-E241-46FD-BB51-F80ACE5CE2C1}
[2011.11.23 08:23:39 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{8506D9B7-42C1-463A-8A19-6372633CBA3D}
[2011.11.23 08:23:29 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{0C8F3DA2-E6E4-4B0F-BB15-2EBACFA584C0}
[2011.11.23 08:18:43 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{B2638A14-5EDE-4D6F-B821-79F5B107437A}
[2011.11.22 15:09:33 | 001,003,520 | -H-- | C] (FK2) -- C:\Windows\SysWow64\svchospt.exe
[2011.11.22 15:09:33 | 000,699,392 | ---- | C] (Stinga) -- C:\Windows\SysWow64\BEEGD10.ocx
[2011.11.22 15:09:33 | 000,424,448 | ---- | C] ( Developer Express Inc.) -- C:\Windows\SysWow64\dXTList.dll
[2011.11.22 15:09:33 | 000,327,680 | ---- | C] (DBI Technologies Inc.) -- C:\Windows\SysWow64\ctSchedule.ocx
[2011.11.22 15:09:33 | 000,192,512 | ---- | C] (-) -- C:\Windows\SysWow64\pfadmin.exe
[2011.11.22 15:09:33 | 000,040,960 | -H-- | C] (-) -- C:\Windows\SysWow64\svchosptd.exe
[2011.11.22 15:09:33 | 000,024,576 | ---- | C] (Text & Redaktion) -- C:\Windows\SysWow64\ScreenShotOCX.ocx
[2011.11.22 15:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ParentsFriend8
[2011.11.22 10:09:19 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\EgisTec
[2011.11.22 09:59:10 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{4A665ADA-980C-4067-90A5-1C35343CB255}
[2011.11.22 09:58:52 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{ABD99020-1181-41C7-AC91-120D4658FAC8}
[2011.11.21 13:59:29 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{0244B2B0-873F-446C-87CB-520E486AD2C3}
[2011.11.21 13:59:19 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{3803DA84-053D-443C-B443-E495E7B82D09}
[2011.11.20 20:01:22 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{94431A8A-7A77-474B-A325-69E4AA7A2915}
[2011.11.20 12:40:38 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{2F675D2F-02F4-4140-981A-536DF7BAF134}
[2011.11.19 11:01:36 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{731DBD8B-9BF1-4D7C-BC62-6552429AB723}
[2011.11.19 11:01:25 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{DD66D586-F5F7-4173-888E-B37CB0764C5D}
[2011.11.18 23:00:59 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{BCBAA31C-4E55-4265-8986-41EB5DAEF7E0}
[2011.11.18 23:00:49 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{7214A2DF-8F24-4BF1-9C46-3F5509F2465D}
[2011.11.18 22:23:06 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{AB290EE8-952F-435D-97CF-2155AF7BDB3D}
[2011.11.18 20:35:24 | 000,000,000 | ---D | C] -- C:\Users\AGGÜL EMRE\AppData\Local\{6EF83B9E-6715-4C68-B9EF-AAEF1D2FD2CC}
========== Files - Modified Within 30 Days ==========
[2011.12.18 13:26:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.18 13:26:08 | 522,604,543 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.18 13:16:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\AGGÜL EMRE\Desktop\OTL.exe
[2011.12.18 13:09:36 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.18 13:05:44 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.18 13:05:44 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.18 13:05:44 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.18 13:05:44 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.18 13:05:44 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.18 13:02:26 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.18 13:02:26 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.17 23:48:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.17 23:42:00 | 000,001,140 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1245790770-661328643-741367989-1000UA.job
[2011.12.17 23:41:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1245790770-661328643-741367989-1003UA.job
[2011.12.17 22:39:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1245790770-661328643-741367989-1000UA.job
[2011.12.17 22:39:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1245790770-661328643-741367989-1000Core.job
[2011.12.17 10:41:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1245790770-661328643-741367989-1003Core.job
[2011.12.16 15:21:56 | 000,315,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.16 15:14:47 | 000,015,852 | ---- | M] () -- C:\Users\AGGÜL EMRE\Desktop\Englisch 1.odt
[2011.12.16 15:04:37 | 000,014,056 | ---- | M] () -- C:\Users\AGGÜL EMRE\Desktop\Englisch 3.odt
[2011.12.16 14:52:58 | 000,017,683 | ---- | M] () -- C:\Users\AGGÜL EMRE\Desktop\Englisch 2.odt
[2011.12.16 14:02:10 | 000,001,239 | ---- | M] () -- C:\Users\AGGÜL EMRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011.12.16 14:01:31 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2011.12.15 18:42:00 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1245790770-661328643-741367989-1000Core.job
[2011.12.14 20:53:25 | 004,827,991 | ---- | M] () -- C:\Users\AGGÜL EMRE\Desktop\INTIZAR- BEN O ESKI BEN DEGILIM.unutulmaz.mp3
[2011.12.10 11:32:00 | 000,000,052 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.12.10 11:32:00 | 000,000,051 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.umbrella
[2011.12.07 20:03:59 | 000,270,142 | ---- | M] () -- C:\Users\AGGÜL EMRE\Desktop\Minecraft.exe
[2011.12.02 19:47:26 | 000,000,919 | ---- | M] () -- C:\Users\AGGÜL EMRE\Desktop\Downloads.lnk
[2011.11.22 13:37:31 | 000,009,216 | ---- | M] () -- C:\Users\AGGÜL EMRE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Files Created - No Company Name ==========
[2011.12.16 15:14:43 | 000,015,852 | ---- | C] () -- C:\Users\AGGÜL EMRE\Desktop\Englisch 1.odt
[2011.12.16 15:04:33 | 000,014,056 | ---- | C] () -- C:\Users\AGGÜL EMRE\Desktop\Englisch 3.odt
[2011.12.16 14:52:54 | 000,017,683 | ---- | C] () -- C:\Users\AGGÜL EMRE\Desktop\Englisch 2.odt
[2011.12.16 14:02:10 | 000,001,239 | ---- | C] () -- C:\Users\AGGÜL EMRE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011.12.16 14:01:31 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2011.12.14 20:53:15 | 004,827,991 | ---- | C] () -- C:\Users\AGGÜL EMRE\Desktop\INTIZAR- BEN O ESKI BEN DEGILIM.unutulmaz.mp3
[2011.12.03 10:32:43 | 000,270,142 | ---- | C] () -- C:\Users\AGGÜL EMRE\Desktop\Minecraft.exe
[2011.12.02 19:46:50 | 000,000,919 | ---- | C] () -- C:\Users\AGGÜL EMRE\Desktop\Downloads.lnk
[2011.11.22 15:09:33 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll
[2011.11.22 15:09:33 | 000,491,520 | ---- | C] () -- C:\Windows\SysWow64\CoolXPButton.ocx
[2011.11.22 15:09:33 | 000,417,792 | ---- | C] () -- C:\Windows\SysWow64\CoolXPCombo.ocx
[2011.11.22 15:09:33 | 000,412,555 | ---- | C] () -- C:\Windows\SysWow64\pf8.pdf
[2011.11.22 15:09:33 | 000,372,736 | ---- | C] () -- C:\Windows\SysWow64\CoolXPCheck.ocx
[2011.11.22 15:09:33 | 000,360,448 | ---- | C] () -- C:\Windows\SysWow64\CoolXPLabel.ocx
[2011.11.22 15:09:33 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\CoolXPFrame.ocx
[2011.11.22 15:09:33 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll
[2011.11.19 09:33:56 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.10.01 19:39:12 | 000,017,408 | ---- | C] () -- C:\Users\AGGÜL EMRE\AppData\Local\WebpageIcons.db
[2011.07.17 15:41:29 | 000,145,843 | ---- | C] () -- C:\Windows\SysWow64\sllaunch.exe
[2011.07.17 15:39:43 | 000,008,636 | ---- | C] () -- C:\Windows\SysWow64\modifype.exe
[2011.07.11 10:12:38 | 000,111,104 | ---- | C] () -- C:\Windows\SysWow64\Uharc.exe
[2011.06.26 17:02:35 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.06.21 13:44:54 | 001,524,112 | ---- | C] () -- C:\Windows\SysWow64\bandoolmx.dll
[2011.06.11 11:25:43 | 000,009,216 | ---- | C] () -- C:\Users\AGGÜL EMRE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.21 15:04:36 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.03.22 14:09:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.22 14:05:16 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010.12.10 20:09:56 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.12.10 20:06:49 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010.12.10 19:29:43 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011.12.04 12:52:47 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\.minecraft
[2011.06.21 21:01:47 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\Bandoo
[2011.07.20 19:42:15 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.09.13 07:14:51 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\Fighters
[2011.11.17 17:26:12 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\GetRightToGo
[2011.06.21 20:48:39 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\Gutscheinmieze
[2011.06.06 16:54:58 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\ICQ
[2011.06.06 17:27:56 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\OpenCandy
[2011.12.16 14:01:49 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\OpenOffice.org
[2011.09.14 16:29:58 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\PhotoScape
[2011.05.07 15:47:50 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\PowerCinema
[2011.06.09 15:35:38 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\TuneUp Software
[2011.05.11 15:17:43 | 000,000,000 | ---D | M] -- C:\Users\AGGÜL EMRE\AppData\Roaming\Windows Live Writer
[2011.12.17 22:39:00 | 000,000,926 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1245790770-661328643-741367989-1000Core.job
[2011.12.17 22:39:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1245790770-661328643-741367989-1000UA.job
[2011.12.02 13:09:04 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.12.17 16:55:10 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.12.03 10:44:58 | 000,000,000 | ---D | M] -- C:\AeriaGames
[2011.11.05 13:38:06 | 000,000,000 | ---D | M] -- C:\book
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.05.07 02:23:04 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.07.19 12:22:55 | 000,000,000 | ---D | M] -- C:\games
[2010.12.10 20:00:43 | 000,000,000 | ---D | M] -- C:\Intel
[2011.05.07 02:24:45 | 000,000,000 | -H-D | M] -- C:\OEM
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.11.25 15:14:27 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.12.16 14:00:55 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.12.16 13:53:29 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.05.07 02:23:04 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.05.07 02:23:04 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.07.17 15:41:29 | 000,000,000 | ---D | M] -- C:\SnowFiles
[2011.12.18 00:06:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.12.17 16:55:06 | 000,000,000 | R--D | M] -- C:\Users
[2011.11.17 17:53:13 | 000,000,000 | ---D | M] -- C:\Warcraft III
[2011.12.18 13:09:15 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.07.17 20:26:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:19:32 | 002,862,592 | ---- | M] (Microsoft Corporation) MD5=6E016DDC7D512E0C306472F91B6D618D -- C:\Windows\explorer.exe
[2010.02.04 11:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.07.17 20:26:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.02.04 11:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.07.17 20:26:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.02.04 11:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.07.17 20:26:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.02.04 11:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: IASTOR.SYS >
[2010.09.14 02:18:16 | 000,353,304 | ---- | M] (Intel Corporation) MD5=F4F4CBC7F6C7CB940AA9F0AAF3EF1104 -- C:\OEM\Preload\Autorun\DRV\Intel AHCI\f6flpy-x86\iaStor.sys
[2010.09.14 02:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\OEM\Preload\Autorun\DRV\Intel AHCI\f6flpy-x64\iaStor.sys
[2010.09.14 03:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.09.14 03:24:26 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_2b0c50dc63f09dae\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 02:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 02:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 14:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.07.17 20:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.07.17 20:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2011.12.18 13:39:21 | 002,097,152 | -HS- | M] () -- C:\Users\AGGÜL EMRE\ntuser.dat
[2011.12.18 13:39:21 | 000,262,144 | -HS- | M] () -- C:\Users\AGGÜL EMRE\ntuser.dat.LOG1
[2011.05.07 02:23:11 | 000,000,000 | -HS- | M] () -- C:\Users\AGGÜL EMRE\ntuser.dat.LOG2
[2011.05.06 23:30:18 | 000,065,536 | -HS- | M] () -- C:\Users\AGGÜL EMRE\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.05.06 23:30:18 | 000,524,288 | -HS- | M] () -- C:\Users\AGGÜL EMRE\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.05.06 23:30:18 | 000,524,288 | -HS- | M] () -- C:\Users\AGGÜL EMRE\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011.07.04 12:00:37 | 000,065,536 | -HS- | M] () -- C:\Users\AGGÜL EMRE\ntuser.dat{5bcbc3df-a62b-11e0-af86-1c7508e89d9f}.TM.blf
[2011.07.04 12:00:37 | 000,524,288 | -HS- | M] () -- C:\Users\AGGÜL EMRE\ntuser.dat{5bcbc3df-a62b-11e0-af86-1c7508e89d9f}.TMContainer00000000000000000001.regtrans-ms
[2011.07.04 12:00:37 | 000,524,288 | -HS- | M] () -- C:\Users\AGGÜL EMRE\ntuser.dat{5bcbc3df-a62b-11e0-af86-1c7508e89d9f}.TMContainer00000000000000000002.regtrans-ms
[2011.05.07 02:23:11 | 000,000,020 | -HS- | M] () -- C:\Users\AGGÜL EMRE\ntuser.ini
[2011.06.21 18:45:21 | 000,000,680 | RHS- | M] () -- C:\Users\AGGÜL EMRE\ntuser.pol
[2011.12.10 11:30:46 | 000,001,067 | ---- | M] () -- C:\Users\AGGÜL EMRE\umbrella0.log
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D
< End of report >
--- --- --- |
