Trojaner-Board


Fener999 02.12.2011 19:10

I think I have a keylogger virus
 
So it all started with the BKA virus, but I got rid of that thanks to System Restore. Now about 1 week has passed, but in my Task Manager I find strange exe files such as csrss.exe or nvvsvc.exe, rundll32.exe and winlogon.exe, and programs like Avira or wlcomm have a *32 next to them (I don't know whether that is normal). I now suspect that I have a keylogger on my laptop. I had Malwarebytes and Microsoft Essentials scan; Microsoft Essentials found a lot of viruses and deleted almost all of them, except for 3 that are called Trojan:Win32/Ransom/EY and sit in my Avira folder. Then I tried Trojan Remover, which scanned and found nothing. Now I don't know what to do. Is the virus gone? Do I have to format my laptop? Can he read everything I type? PLEASE HELP ME!!! :confused:

cosinus 02.12.2011 20:12

Quote:

and had Microsoft Essentials scan; Microsoft Essentials found a lot of viruses and deleted almost all of them
Please post all the logs for that.

Fener999 02.12.2011 20:23

Sorry, but where can I find them?

cosinus 02.12.2011 20:49

Post the ones from Malwarebytes first. They are all in the Logs tab.

Fener999 02.12.2011 21:10

In Malwarebytes I found this log. I don't think it is helpful.
It only said that my IP was successfully protected. Could you tell me where I can find the logs from Microsoft Essentials?

cosinus 02.12.2011 21:19

The ones from MSE are, AFAIK, in the Windows Event Viewer.
If need be, screenshots will do as well, or simply note down the exact malware names and locations (complete path and file names!) and post those.

Fener999 02.12.2011 21:44

So I have taken a screenshot now:
hxxp://imageshack.us/content_round.php?page=done&l=img21/7108/unbenanntwrt.png&via=mupload&newlp=1

cosinus 02.12.2011 22:20

Well, that is a poor example. Don't you have other screenshots?
Also, later on you should definitely use only one virus scanner. Something like AntiVir and MSE together conflict with each other.

Fener999 02.12.2011 22:37

How could I do that? You mean I should have only one antivirus program? And one more small question: what happens if I simply ignore the trojan?

cosinus 02.12.2011 23:01

Quote:

You mean I should have only one antivirus program?
What else, I wrote that unambiguously!
What about the other logs?

Quote:

What happens if I simply ignore the trojan?
In the worst case your provider can block your internet connection, your bank account gets emptied, and all your login credentials/passwords/personal data are in the hands of criminal organizations.

Fener999 02.12.2011 23:29

Could you please tell me where exactly I can find it in the Event Viewer? Should I rather format the laptop? Sorry if I come across as too dumb.

cosinus 02.12.2011 23:35

Just take more screenshots like the first one....

Fener999 02.12.2011 23:41

http://imageshack.us/content_round.p...upload&newlp=1


http://imageshack.us/content_round.p...upload&newlp=1

Fener999 02.12.2011 23:42

ImageShack® - Online Photo and Video Hosting

cosinus 02.12.2011 23:50

You do have to link it!
And please use a different image host! => Saved.im

Fener999 02.12.2011 23:53

hxxp://saved.im/mtg4mtgxogq5/unbenannt.html

hxxp://saved.im/mtg4mtgyowc5/unbenannt2.html

cosinus 03.12.2011 00:00

Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Fener999 03.12.2011 21:29

ESET Online Scanner has been showing 99% for an hour already but keeps on scanning. Is that normal?

Fener999 03.12.2011 22:01

Here is the log from ESET


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=7152b42b903a7549b272dacc93043f23
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-03 08:58:29
# local_time=2011-12-03 09:58:29 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1797 16775165 100 94 620260 59475459 280851 0
# compatibility_mode=5893 16776574 100 94 88676 75344309 0 0
# compatibility_mode=8192 67108863 100 0 3712 3712 0 0
# scanned=177191
# found=10
# cleaned=0
# scan_time=7271
C:\Program Files (x86)\src\system\ubiorbitapi_r2.dll a variant of Win32/Packed.VMProtect.AAA trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Öztürk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\5062998-75edc39b a variant of Java/Agent.DM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Öztürk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\4f59c15d-486029da Java/Agent.DR trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Öztürk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\16ce36aa-59a01087 Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Öztürk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\3dde09b1-19290c15 Java/Agent.DM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Öztürk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\50d08733-33c6f6d6 Java/Agent.DR trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Öztürk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\60bff434-54c80606 Java/Agent.DW trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Öztürk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\1842b87c-31a050d6 Java/Agent.DU trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Öztürk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\55656b3c-315476d7 a variant of Java/Agent.DM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Öztürk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\1ebc74c7-3c5179e9 Java/Agent.DM trojan (unable to clean) 00000000000000000000000000000000 I

Fener999 03.12.2011 22:02

Here is the one from Malwarebytes

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 8292

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

03.12.2011 19:05:20
mbam-log-2011-12-03 (19-05-20).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 341828
Laufzeit: 41 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 04.12.2011 18:51

Are there any further logs from Malwarebytes? If so, please post all of those that are visible in the Logs tab in Malwarebytes.

Fener999 04.12.2011 19:14

Only this one


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8298

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

04.12.2011 01:20:16
mbam-log-2011-12-04 (01-20-16).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 176377
Laufzeit: 3 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 04.12.2011 19:35

Custom scan with OTL

If you do not have it yet, please download OTL by OldTimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


Fener999 04.12.2011 19:56

Here is the log
OTL Logfile:
Code:

OTL logfile created on: 04.12.2011 19:47:42 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Öztürk\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 72,87% Memory free
7,93 Gb Paging File | 6,56 Gb Available in Paging File | 82,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 141,49 Gb Total Space | 73,01 Gb Free Space | 51,60% Space Free | Partition Type: NTFS
Drive D: | 141,50 Gb Total Space | 119,81 Gb Free Space | 84,67% Space Free | Partition Type: NTFS
 
Computer Name: ÖZTÜRK-PC | User Name: Öztürk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.04 19:45:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Öztürk\Desktop\OTL.exe
PRC - [2011.10.25 22:39:48 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.10.14 14:49:38 | 000,745,832 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011.06.29 07:43:26 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.03.17 22:07:16 | 003,373,456 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.03.17 22:07:00 | 000,019,872 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2010.01.19 10:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009.12.14 15:17:48 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2009.08.23 12:47:34 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009.06.04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2005.06.22 18:23:18 | 000,036,864 | ---- | M] () -- C:\Windows\SysWOW64\LckFldService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.03 14:27:51 | 000,055,816 | ---- | M] () -- C:\Users\Öztürk\AppData\Local\Temp\e3c74ee6-7482-4280-b9c3-f233b390296e\CliSecureRT.dll
MOD - [2011.10.20 13:00:09 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\7c4eea005578d9990f604fda345fb2b4\System.Management.ni.dll
MOD - [2011.10.20 12:57:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\cb8360b08641130fd39a8a04f58c3124\System.Runtime.Remoting.ni.dll
MOD - [2011.10.20 12:57:17 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a3ffdc1316821b5ceb32c9a788334329\System.Xaml.ni.dll
MOD - [2011.10.20 02:19:20 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9211f2faac02f0082b201a95731736c4\PresentationFramework.Aero.ni.dll
MOD - [2011.10.20 02:19:16 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\813a0913bea1269e48613509609e72b4\PresentationFramework.ni.dll
MOD - [2011.10.20 02:15:21 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8244412387a82c0acd3d63622e22cef5\PresentationCore.ni.dll
MOD - [2011.10.20 02:15:01 | 003,857,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\9dacf8a5033dfbcb435be166d2f42cdf\WindowsBase.ni.dll
MOD - [2011.10.20 02:14:37 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\44a7d2597981a82da8b9e3e2298602de\System.Core.ni.dll
MOD - [2011.10.20 02:14:24 | 009,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\5286fe2d0167eb835a9f11025f1cb756\System.ni.dll
MOD - [2011.10.20 02:14:13 | 014,407,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
MOD - [2011.03.17 22:07:00 | 000,019,872 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.04.27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011.04.27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.11.18 11:25:59 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.10.25 22:39:48 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.10.14 14:49:38 | 000,745,832 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.10 11:53:46 | 000,102,608 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011.06.29 07:43:26 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.24 09:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 12:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2005.06.22 18:23:18 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\LckFldService.exe -- (LckFldService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.10.14 02:30:53 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.08 06:20:48 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2011.07.08 06:20:46 | 000,095,416 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2011.06.29 07:43:26 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.06.29 07:43:26 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.06.06 17:52:54 | 000,273,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.06.06 17:52:19 | 001,488,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.06.06 17:52:09 | 000,236,544 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.03 09:38:36 | 000,177,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.01.03 09:38:36 | 000,157,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011.01.03 09:38:36 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2009.09.16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009.08.21 09:52:09 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.28 14:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV - [2011.03.24 23:00:00 | 000,073,552 | ---- | M] (WinAbility® Software Corporation) [Kernel | On_Demand | Stopped] -- C:\Programme\Folder Guard\FGUARD64.sys -- (FGUARD64)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startpage.com/babylon/deu/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DD B2 AA AE 59 24 CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011.11.27 14:28:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.09 20:32:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.18 10:04:11 | 000,000,000 | ---D | M]
 
[2011.06.06 15:59:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Öztürk\AppData\Roaming\mozilla\Extensions
[2011.11.24 21:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Öztürk\AppData\Roaming\mozilla\Firefox\Profiles\9bgnmbsn.default\extensions
[2011.06.06 17:40:57 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Öztürk\AppData\Roaming\mozilla\Firefox\Profiles\9bgnmbsn.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.10.12 03:48:10 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Öztürk\AppData\Roaming\mozilla\Firefox\Profiles\9bgnmbsn.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2011.11.08 12:16:25 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Öztürk\AppData\Roaming\mozilla\Firefox\Profiles\9bgnmbsn.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2011.06.23 00:24:59 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Öztürk\AppData\Roaming\mozilla\Firefox\Profiles\9bgnmbsn.default\extensions\battlefieldheroespatcher@ea.com
[2011.10.20 19:28:59 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Öztürk\AppData\Roaming\mozilla\Firefox\Profiles\9bgnmbsn.default\extensions\ffxtlbr@babylon.com
[2011.10.13 23:01:19 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Öztürk\AppData\Roaming\mozilla\Firefox\Profiles\9bgnmbsn.default\extensions\ffxtlbr@Facemoods.com
[2011.06.08 20:44:19 | 000,001,967 | ---- | M] () -- C:\Users\Öztürk\AppData\Roaming\Mozilla\Firefox\Profiles\9bgnmbsn.default\searchplugins\cars-expert.xml
[2011.10.20 19:32:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.08.31 12:33:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\ÖZTüRK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BGNMBSN.DEFAULT\EXTENSIONS\{BB6BC1BB-F824-4702-90CD-35E2FB24F25D}
File not found (No name found) -- C:\USERS\ÖZTüRK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BGNMBSN.DEFAULT\EXTENSIONS\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
File not found (No name found) -- C:\USERS\ÖZTüRK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BGNMBSN.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\USERS\ÖZTüRK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BGNMBSN.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
File not found (No name found) -- C:\USERS\ÖZTüRK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BGNMBSN.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM.XPI
File not found (No name found) -- C:\USERS\ÖZTüRK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9BGNMBSN.DEFAULT\EXTENSIONS\FFXTLBR@FACEMOODS.COM
[2011.11.09 20:32:11 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.31 12:32:47 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.30 16:02:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.20 19:29:06 | 000,002,227 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.09.30 16:02:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.30 16:02:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.13 23:01:20 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.09.30 16:02:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.30 16:02:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.30 16:02:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gears.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\ztrk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Users\Öztürk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
 
O1 HOSTS File: ([2011.12.02 20:00:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Öztürk\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Öztürk\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Öztürk\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Öztürk\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O16 - DPF: {1FB5A5AA-3750-421C-BEA3-6E52FC5F7843} hxxp://www.ideal-bilgisayar.com.tr/NetVideoActivex.cab (NetVideoActiveX Control)
O16 - DPF: {7CF64D27-519C-4EA1-A979-ACDDB8764E49} hxxp://www.flexwatch.com/app_link/download/FwMediaCtl.cab (FwMediaCtl Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28BFF280-6E90-4AFD-8479-F1D143B61125}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CBFFE4B-B190-4B81-BDF0-4FB775E863BB}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C4200CB-EBE2-488C-B4AD-9B10CCBD7C1F}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D51AA745-8542-4374-B1D1-6D315F71C5B5}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.04 19:45:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Öztürk\Desktop\OTL.exe
[2011.12.03 19:55:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.12.02 21:47:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.12.02 19:58:03 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.12.02 19:43:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.12.02 19:43:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.12.02 19:43:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.12.02 19:43:41 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.12.02 19:42:52 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.12.02 19:40:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.12.02 15:48:32 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Roaming\Malwarebytes
[2011.12.02 15:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.02 15:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.02 15:48:22 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.02 15:48:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.12.02 15:43:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011.12.02 15:43:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.11.29 22:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simfy
[2011.11.29 22:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\simfy
[2011.11.29 20:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(DE)
[2011.11.26 16:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.11.26 16:09:49 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.11.25 02:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2011.11.25 02:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011.11.25 02:39:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2011.11.25 02:23:59 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\Documents\Simply Super Software
[2011.11.24 23:30:13 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Local\Ubisoft Game Launcher
[2011.11.24 23:21:32 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\Documents\Assassin's Creed Revelations
[2011.11.24 23:00:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011.11.20 20:32:44 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Local\storage
[2011.11.20 20:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Support
[2011.11.20 02:23:19 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Local\Electronic Arts
[2011.11.19 23:14:35 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Roaming\WB Games
[2011.11.18 18:37:59 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Local\Apps
[2011.11.16 22:22:10 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Roaming\TeamViewer
[2011.11.13 18:34:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.11.13 18:33:45 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.11.13 18:33:42 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.11.13 18:33:42 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.11.13 18:33:42 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.11.13 18:33:42 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.11.13 18:33:24 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.11.13 18:33:23 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.11.13 18:33:23 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.11.13 18:33:23 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.11.13 18:33:21 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.11.13 18:33:21 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.11.13 18:32:56 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.11.13 18:32:55 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.11.13 18:32:24 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.11.12 21:28:55 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Local\Skyrim
[2011.11.12 20:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
[2011.11.12 20:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2011.11.11 16:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011.11.11 16:33:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2011.11.10 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\Documents\Tunngle
[2011.11.10 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Roaming\Tunngle
[2011.11.10 22:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2011.11.10 22:09:06 | 000,031,232 | ---- | C] (Tunngle.net) -- C:\Windows\SysNative\drivers\tap0901t.sys
[2011.11.10 22:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2011.11.10 22:09:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2011.11.10 22:09:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2011.11.10 17:31:53 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty - Modern Warfare 3 Deutsch
[2011.11.10 02:36:14 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garena
[2011.11.10 02:36:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garena Classic
[2011.11.10 01:10:26 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Local\Akamai
[2011.11.09 18:22:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
[2011.11.07 22:00:42 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\AppData\Local\WB Games
[2011.11.05 17:08:19 | 000,000,000 | ---D | C] -- C:\Users\Öztürk\Documents\My Games
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.04 19:46:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.04 19:45:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Öztürk\Desktop\OTL.exe
[2011.12.04 19:05:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.04 17:59:32 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.04 17:59:32 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.04 17:52:04 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.04 17:51:34 | 3193,393,152 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.04 13:04:25 | 000,003,660 | ---- | M] () -- C:\Users\Öztürk\Desktop\Hasanovic.rar
[2011.12.04 11:01:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2011.12.02 20:00:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.12.02 17:46:58 | 001,619,988 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.02 17:46:58 | 000,699,210 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.02 17:46:58 | 000,654,488 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.02 17:46:58 | 000,149,374 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.02 17:46:58 | 000,122,320 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.02 15:48:27 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.12.02 15:44:52 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.12.02 15:43:36 | 001,642,510 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.29 22:14:38 | 000,000,032 | ---- | M] () -- C:\Users\Öztürk\.simfy
[2011.11.29 22:14:36 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\simfy.lnk
[2011.11.24 20:15:33 | 000,024,576 | -H-- | M] () -- C:\Users\Öztürk\Documents\photothumb.db
[2011.11.23 20:19:05 | 000,007,168 | -H-- | M] () -- C:\Users\Öztürk\Desktop\photothumb.db
[2011.11.19 02:52:16 | 000,051,270 | ---- | M] () -- C:\Users\Öztürk\AppData\Roaming\room_v3.dat
[2011.11.17 13:47:36 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.11.12 20:53:21 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011.11.11 12:40:37 | 000,491,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.10 22:09:06 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2011.11.10 02:36:14 | 000,001,041 | ---- | M] () -- C:\Users\Öztürk\Desktop\Garena Classic.lnk
[2011.11.06 15:30:22 | 000,048,798 | ---- | M] () -- C:\Users\Öztürk\Desktop\2011-10-22 11.24.08.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.02 19:43:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.12.02 19:43:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.12.02 19:43:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.12.02 19:43:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.12.02 19:43:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.12.02 15:48:27 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.12.02 15:44:52 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.12.02 15:43:18 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.11.29 22:14:38 | 000,000,032 | ---- | C] () -- C:\Users\Öztürk\.simfy
[2011.11.25 02:23:37 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2011.11.25 02:23:37 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2011.11.25 02:23:37 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2011.11.25 02:23:37 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2011.11.13 18:33:21 | 000,150,996 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2011.11.12 20:53:21 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011.11.12 03:09:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.11.10 22:09:06 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2011.11.10 02:36:14 | 000,001,041 | ---- | C] () -- C:\Users\Öztürk\Desktop\Garena Classic.lnk
[2011.11.09 18:48:32 | 000,051,270 | ---- | C] () -- C:\Users\Öztürk\AppData\Roaming\room_v3.dat
[2011.11.06 15:28:44 | 000,045,060 | ---- | C] () -- C:\Users\Öztürk\Desktop\Links für Abschlussprüfung.rtf
[2011.10.28 18:58:36 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\LckFldService.exe
[2011.10.20 19:51:06 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.10.19 15:36:23 | 001,642,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.05 17:21:45 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.06.23 00:51:48 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.23 00:51:45 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.06 16:01:41 | 000,000,135 | R--- | C] () -- C:\Windows\SysWow64\lngEng.ini
[2011.06.06 16:01:41 | 000,000,117 | ---- | C] () -- C:\Windows\SysWow64\lngKor.ini
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.08 13:41:06 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.03.08 13:41:04 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.03.08 13:41:04 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.03.08 13:41:04 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.03.08 13:41:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.09.16 16:37:40 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\ShowHCRemCfgWnd.dll
[2008.08.11 13:02:24 | 000,421,944 | ---- | C] () -- C:\Windows\SysWow64\playm4.dll
[2008.08.01 13:24:58 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\RemoteCfgRes_CHI.dll
[2008.08.01 13:24:08 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\RemoteCfgRes_TRAD.dll
[2008.08.01 13:23:32 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\RemoteCfgRes_ENG.dll
[2008.07.31 20:00:02 | 000,356,352 | ---- | C] () -- C:\Windows\SysWow64\HCNetSDK.dll
[2007.10.01 15:56:38 | 003,336,704 | ---- | C] () -- C:\Windows\SysWow64\avcodec-51.dll
[2007.10.01 15:56:38 | 000,436,224 | ---- | C] () -- C:\Windows\SysWow64\avformat-51.dll
[2007.10.01 15:56:38 | 000,021,504 | ---- | C] () -- C:\Windows\SysWow64\avutil-49.dll
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
 
========== LOP Check ==========
 
[2011.06.10 12:10:45 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\DAEMON Tools Lite
[2011.10.20 19:29:26 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\DVDVideoSoft
[2011.10.20 19:28:24 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.30 16:27:57 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\Get from YouTube
[2011.10.20 19:54:35 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\GetRightToGo
[2011.08.31 22:20:03 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\Image-Line
[2011.09.29 01:49:36 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\MAGIX
[2011.11.23 20:25:48 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\PhotoScape
[2011.06.30 16:31:09 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\Power Sound Editor Free
[2011.10.25 22:39:46 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\PunkBuster
[2011.08.01 21:54:03 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\Samsung
[2011.08.30 19:36:54 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\Simfy
[2011.08.31 22:29:20 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\SynthMaker
[2011.11.16 23:24:30 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\TeamViewer
[2011.11.25 02:16:53 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\Tunngle
[2011.11.19 23:14:35 | 000,000,000 | ---D | M] -- C:\Users\Öztürk\AppData\Roaming\WB Games
[2011.12.04 09:27:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011.09.07 15:27:52 | 000,000,720 | ---- | M] ()(C:\Users\Öztürk\AppData\Local\PMB Fik?s) -- C:\Users\Öztürk\AppData\Local\PMB Fik聥s
[2011.09.07 15:27:47 | 000,000,720 | ---- | C] ()(C:\Users\Öztürk\AppData\Local\PMB Fik?s) -- C:\Users\Öztürk\AppData\Local\PMB Fik聥s
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:CB0AACC9

< End of report >

--- --- ---

cosinus 04.12.2011 20:27

That doesn't look like a CustomScan to me.
Please read the instructions properly and follow them properly!

Fener999 04.12.2011 20:51

There was nothing at the place where this CustomFix was supposed to be.

cosinus 04.12.2011 21:47

OK, then I can't help if you don't read the instructions properly :balla:

Fener999 04.12.2011 22:21

Hmm, well, by now I no longer really believe that I have a trojan on here.

