Log analysis and evaluation: Win7 64 bit. Regular bluescreens + crashes.

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
30.04.2011, 16:45 | #1 |
Win7 64 bit. Regular bluescreens + crashes.

Hello dear Trojaner Board. I have a problem and am asking for help.

The problem: I often get bluescreens (wink.32sys, page_fault_in_nonpaged_area), and sometimes my PC simply freezes, i.e. I can't do anything anymore; keyboard and mouse no longer work. The PC stops working and no longer blinks. I am really getting desperate and am asking for help.

PC:
- OS: Windows 7 Ultimate 64 bit
- Graphics card: Geforce GTX 275
- Hard disk: 500 GB
- RAM: 4 GB DDR3
- Mainboard: Gigabyte GA-ex58-ud3r
- CPU: Intel core i7 920 4 x 2.67 GHz

Logs:
- OTL

Code:
ATTFilter OTL logfile created on: 30.04.2011 17:09:09 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Onur\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 146,39 Gb Total Space | 63,27 Gb Free Space | 43,22% Space Free | Partition Type: NTFS Drive D: | 319,15 Gb Total Space | 248,47 Gb Free Space | 77,85% Space Free | Partition Type: NTFS Computer Name: ONUR-PC | User Name: Onur | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Onur\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe () PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG10\avgfws.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG10\avgam.exe (AVG Technologies CZ, s.r.o.) 
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) PRC - C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c)) ========== Modules (SafeList) ========== MOD - C:\Users\Onur\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (MSMQTriggers) -- C:\Windows\SysNative\mqtgsvc.exe (Microsoft Corporation) SRV:64bit: - (MSMQ) -- C:\Windows\SysNative\mqsvc.exe (Microsoft Corporation) SRV:64bit: - (IISADMIN) -- C:\Windows\SysNative\inetsrv\inetinfo.exe (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Akamai) -- C:/Program Files (x86)/Common Files/Akamai/netsession_win_a35e6b9.dll () SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe (AVG Technologies CZ, s.r.o.) 
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (GEST Service) -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe () ========== Driver Services (SafeList) ========== DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) 
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH) DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin) DRV:64bit: - (LADF_SBVM) -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys (Logitech) DRV:64bit: - (LADF_DHP2) -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys (Logitech) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (MQAC) -- C:\Windows\SysNative\drivers\mqac.sys (Microsoft Corporation) DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) 
DRV:64bit: - (SaiK0728) -- C:\Windows\SysNative\drivers\SaiK0728.sys (Saitek) DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=aeb42a78000000000000000000000000&tlver=1.4.19.19&affID=17159 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.icq.com/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=aeb42a78000000000000000000000000&tlver=1.4.19.19&affID=17159 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FF 0D 0E 73 27 A5 CB 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.) IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)" FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=aeb42a78000000000000000000000000&tlver=1.4.19.19&affID=17159" FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {c840e246-6b95-475e-9bd7-caa1c7eca9f2}:3.2.5.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024 FF - prefs.js..extensions.enabledItems: {3b488ab2-a258-463e-8918-abe24dcabcb0}:0.1.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319 FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:7.2.8 FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3 FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.04.07 09:38:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.04.07 09:38:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files 
(x86)\AVG\AVG10\Firefox4\ [2011.04.14 20:23:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2011.04.20 14:40:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.30 06:51:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.30 06:51:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Namoroka 3.6\extensions\\Components: C:\Program Files (x86)\Namoroka\components [2011.01.20 19:04:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Namoroka 3.6\extensions\\Plugins: C:\Program Files (x86)\Namoroka\plugins [2011.02.18 23:18:53 | 000,000,000 | ---D | M] [2010.12.28 04:04:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Onur\AppData\Roaming\mozilla\Extensions [2011.04.30 03:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions [2011.02.11 13:05:31 | 000,000,000 | ---D | M] ("Manaflask Stream Status") -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\{3b488ab2-a258-463e-8918-abe24dcabcb0} [2011.01.11 15:26:11 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [2011.01.20 18:55:59 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011.01.28 16:56:33 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\DTToolbar@toolbarnet.com [2011.01.11 15:26:11 | 000,000,000 | ---D | M] (Conduit 
Engine) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\engine@conduit.com [2011.04.21 13:13:13 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Onur\AppData\Roaming\mozilla\Firefox\Profiles\pi1hwb4f.default\extensions\ffxtlbr@babylon.com [2011.01.11 15:26:11 | 000,000,931 | ---- | M] () -- C:\Users\Onur\AppData\Roaming\Mozilla\Firefox\Profiles\pi1hwb4f.default\searchplugins\conduit.xml [2011.01.28 16:56:21 | 000,002,059 | ---- | M] () -- C:\Users\Onur\AppData\Roaming\Mozilla\Firefox\Profiles\pi1hwb4f.default\searchplugins\daemon-search.xml [2011.04.29 02:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.04.29 02:27:03 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011.01.02 01:44:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.14 20:23:40 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX4 [2011.04.07 09:38:26 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO [2011.04.07 09:38:26 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2011.04.20 14:40:35 | 000,000,000 | ---D | M] (Roboform Toolbar for Firefox) -- C:\PROGRAM FILES (X86)\SIBER SYSTEMS\AI ROBOFORM\FIREFOX [2011.01.02 01:44:48 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.04.30 06:51:06 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.04.21 13:13:13 | 000,002,423 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2011.04.30 06:51:06 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.04.30 06:51:06 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.04.30 06:51:06 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.04.30 06:51:06 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) 
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files (x86)\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SaiVolume] C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe (Saitek) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) 
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c)) O4 - HKLM..\Run: [TaskTray] File not found O4 - Startup: C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8:64bit: - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8:64bit: - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8:64bit: - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O8 - Extra context menu item: RF - Formular ausfüllen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O8 - Extra context menu item: RF - Formular speichern - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O8 - Extra context menu item: RF - Menü anpassen - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html () O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' 
menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1232f4e4-1117-11e0-a3d0-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{1232f4e4-1117-11e0-a3d0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe O33 - MountPoints2\{243374c9-111b-11e0-b3d2-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{243374c9-111b-11e0-b3d2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CDSETUP.EXE O33 - MountPoints2\{7cde593e-1119-11e0-8c66-001fd0af161a}\Shell - "" = AutoRun O33 - MountPoints2\{7cde593e-1119-11e0-8c66-001fd0af161a}\Shell\AutoRun\command - "" = F:\pushinst.exe O33 - MountPoints2\{c569a7a1-2ace-11e0-a666-001fd0af161a}\Shell - "" = AutoRun O33 - MountPoints2\{c569a7a1-2ace-11e0-a666-001fd0af161a}\Shell\AutoRun\command - "" = E:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - File not found O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = 
comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.30 16:53:47 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Onur\Desktop\OTL.exe [2011.04.30 16:52:35 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Malwarebytes [2011.04.30 16:52:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.04.30 16:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.30 16:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.30 16:52:26 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.04.30 16:52:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.04.30 08:48:49 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\SKIDROW [2011.04.30 08:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2011.04.30 03:37:39 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{7F87A8AD-A795-4F7C-B5B3-DE25C1B00FD2} [2011.04.29 15:36:32 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{0FB1852C-A0E8-4FAA-9EED-F821411AE089} [2011.04.29 15:29:15 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{5D83C026-EDF9-4B46-912D-0A3BDA430E6F} [2011.04.29 02:27:53 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\skypePM [2011.04.29 02:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras [2011.04.29 02:27:07 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Skype [2011.04.29 02:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.04.29 02:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2011.04.29 02:26:56 | 000,000,000 | R--D | C] 
-- C:\Program Files (x86)\Skype [2011.04.29 02:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.04.29 02:23:59 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{0A077035-CA77-47B4-A5E9-6F96D4D31E8C} [2011.04.28 20:16:23 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{49D9BF32-A14F-4390-92A9-1A46DFF298BC} [2011.04.28 17:35:47 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{70A1ECEB-F42F-43DE-A5F2-4CB12374A215} [2011.04.28 04:26:09 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{7BD02421-0265-4547-A2EC-DF16033CEE8E} [2011.04.27 17:19:17 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse [2011.04.27 17:17:25 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\Apps [2011.04.27 17:17:24 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\Deployment [2011.04.27 16:24:37 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{428956BD-ED9F-4584-8FDE-008D124503F6} [2011.04.27 02:21:12 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\.minecraft [2011.04.27 02:20:48 | 000,000,000 | ---D | C] -- C:\Users\Onur\Desktop\Minecraft by KAY-C [2011.04.27 01:29:09 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011.04.27 01:29:09 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2011.04.27 01:29:08 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.04.27 01:29:08 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.04.27 01:28:55 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2011.04.27 01:28:54 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2011.04.27 01:28:54 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2011.04.27 01:28:54 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- 
C:\Windows\SysNative\drivers\amdsata.sys [2011.04.27 01:28:54 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2011.04.27 01:28:53 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2011.04.27 01:28:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2011.04.27 01:28:45 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2011.04.27 01:28:45 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2011.04.26 23:33:45 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{BA30AE5A-CDD5-4EE4-AC9D-7EAE5C442719} [2011.04.26 22:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PocketSoft [2011.04.26 21:59:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari [2011.04.26 21:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari [2011.04.26 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\Onur\Documents\RCT3 [2011.04.26 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Atari [2011.04.26 15:15:34 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{1730B73E-4AB6-435A-BA4C-CA4D1092A779} [2011.04.25 13:36:50 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{B196C74F-2641-4986-838F-95973D3AF6CF} [2011.04.25 05:58:23 | 000,000,000 | ---D | C] -- C:\Users\Onur\Falsh [2011.04.25 05:48:26 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\MyPhoneExplorer [2011.04.25 05:48:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer [2011.04.25 05:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPhoneExplorer [2011.04.24 15:29:42 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{F33606CF-6986-4ECF-BD95-35E73267C604} [2011.04.24 15:26:42 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{26897BA7-BA16-4DDB-A324-6B11B486BFF3} 
[2011.04.24 00:48:46 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{DD4FC382-BC39-4627-8232-63CC060AD576} [2011.04.23 13:20:28 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{F11DA02C-8682-45F8-BEA8-F0D47E20CAA1} [2011.04.23 12:47:47 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{49ACF6EE-F529-42B7-A286-FF0FE3C9D01F} [2011.04.23 04:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya [2011.04.23 04:11:08 | 711,189,938 | ---- | C] (InstallShield Software Corporation) -- C:\Users\Onur\Desktop\S4League.exe [2011.04.23 04:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai [2011.04.23 02:30:49 | 000,000,000 | ---D | C] -- C:\Users\Onur\Desktop\Pirox [2011.04.23 02:25:30 | 000,000,000 | ---D | C] -- C:\Users\Onur\Desktop\Fishbot [2011.04.22 19:31:11 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{9A2EDD90-0E80-4545-9449-9A22C0CA226C} [2011.04.22 11:49:49 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{D5E5743F-867D-435C-B834-CC9E0D844C80} [2011.04.21 13:13:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yuna Software [2011.04.21 13:11:23 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{9440D5A8-3B6C-46E5-BA95-AB97A855EA48} [2011.04.20 18:20:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011.04.20 18:19:56 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2011.04.20 18:19:56 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011.04.20 18:19:56 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2011.04.20 18:19:56 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2011.04.20 18:19:56 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011.04.20 18:19:55 | 003,048,552 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\Windows\SysNative\RtkAPO64.dll [2011.04.20 18:19:55 | 002,392,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2011.04.20 18:19:55 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2011.04.20 18:19:55 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2011.04.20 18:19:55 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2011.04.20 18:19:54 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2011.04.20 18:19:54 | 001,242,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2011.04.20 18:19:54 | 000,876,120 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll [2011.04.20 18:19:54 | 000,738,392 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll [2011.04.20 18:19:54 | 000,648,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2011.04.20 18:19:54 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2011.04.20 18:19:54 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2011.04.20 18:19:54 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011.04.20 18:19:54 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011.04.20 18:19:54 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2011.04.20 18:19:54 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2011.04.20 18:19:54 | 000,084,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2011.04.20 18:19:54 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) 
-- C:\Windows\SysNative\RTEEG64A.dll [2011.04.20 18:19:54 | 000,064,600 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll [2011.04.20 18:19:54 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll [2011.04.20 18:19:51 | 002,075,712 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2011.04.20 18:19:51 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2011.04.20 18:19:51 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2011.04.20 18:19:48 | 001,284,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2011.04.20 14:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RoboForm [2011.04.20 14:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm [2011.04.20 14:40:29 | 000,000,000 | ---D | C] -- C:\Users\Onur\Documents\My RoboForm Data [2011.04.20 14:40:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Siber Systems [2011.04.20 13:11:39 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{24D5DA1A-B9F8-408C-8A93-EE8A5A00ABBC} [2011.04.19 23:11:14 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{AAB2715C-F079-4A4E-AC97-64482D459408} [2011.04.19 15:24:36 | 000,000,000 | -H-D | C] -- C:\$AVG [2011.04.19 14:53:08 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source 2010 [2011.04.19 14:38:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counterstrike source [2011.04.19 13:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source [2011.04.19 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{A17F7737-55FA-41E0-8FA4-FCD1724E6978} [2011.04.18 11:02:00 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{BD286723-BA3A-44FF-96C1-FC912C18D687} [2011.04.17 11:52:57 | 000,000,000 | 
---D | C] -- C:\Users\Onur\AppData\Local\{4B70CB1F-AAB3-4A74-A890-A6D64E520E80} [2011.04.17 10:03:08 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{25EC19D9-46D0-4AC1-B07D-05F223B97DA4} [2011.04.16 16:37:35 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{825B4263-646C-4B90-A9F2-BC3757B18CB4} [2011.04.15 23:51:45 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{05094028-CBCC-4E94-A2D2-03D47F974467} [2011.04.15 13:21:07 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.04.15 13:21:07 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.04.15 13:21:06 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.04.15 13:21:06 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.04.15 13:21:06 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.04.15 13:21:05 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011.04.15 13:21:05 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011.04.15 13:21:05 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011.04.15 13:21:04 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011.04.15 13:20:59 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011.04.15 13:20:59 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011.04.15 13:20:59 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011.04.15 13:20:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011.04.15 13:20:53 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011.04.15 13:20:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\msfeeds.dll [2011.04.15 13:20:52 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011.04.15 13:20:52 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.04.15 13:20:52 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011.04.15 13:20:52 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.04.15 13:20:52 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.04.15 13:20:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.04.15 13:20:52 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.04.15 13:20:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.04.15 13:20:52 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011.04.15 13:20:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011.04.15 13:20:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011.04.15 13:20:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011.04.15 13:20:42 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011.04.15 13:20:42 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011.04.15 13:20:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011.04.15 13:20:41 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011.04.15 13:20:41 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011.04.15 13:20:41 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2011.04.15 13:20:41 | 000,518,160 | 
---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011.04.15 13:20:41 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011.04.15 13:20:41 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011.04.15 13:20:41 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011.04.15 13:20:40 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2011.04.15 11:50:17 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{BA0E2617-4095-43B0-BEBF-58982B3881CB} [2011.04.14 21:06:01 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.04.14 15:05:31 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{2759FEFA-8668-42C2-BE66-59846188EB8B} [2011.04.13 18:20:19 | 000,000,000 | ---D | C] -- C:\Users\Onur\Desktop\Extreme Redeemer [2011.04.13 12:48:41 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{86C7A76E-08B4-4B85-8FBA-4161BE476E15} [2011.04.12 15:16:58 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{E9B47FED-C3B6-4DB4-968D-FBD3E7D17BD9} [2011.04.11 18:12:28 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{9D5143D5-B9C5-454C-A285-AACFEB3C7954} [2011.04.11 11:18:03 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{A17E407F-D721-47B2-BED8-634DDC8B9D73} [2011.04.10 11:08:43 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{CF7B946C-A735-422C-BE9D-7B110BF08606} [2011.04.09 14:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd [2011.04.09 13:57:56 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Roaming\Leadertech [2011.04.09 13:57:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2011.04.09 13:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2011.04.09 13:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech [2011.04.09 13:54:03 | 000,000,000 | 
---D | C] -- C:\Users\Onur\AppData\Local\{8CA888CE-3059-4F4E-9867-4EA8E2BE9695} [2011.04.08 14:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\Saitek [2011.04.08 14:27:50 | 020,487,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2011.04.08 14:27:50 | 015,061,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2011.04.08 14:27:50 | 006,607,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2011.04.08 14:27:50 | 004,941,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2011.04.08 14:27:50 | 003,113,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2011.04.08 14:27:50 | 002,895,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2011.04.08 14:27:50 | 002,482,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2011.04.08 14:27:50 | 002,252,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2011.04.08 14:27:50 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011.04.08 14:27:50 | 000,055,704 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011.04.08 14:27:49 | 018,577,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2011.04.08 14:27:49 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2011.04.08 14:27:49 | 000,008,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2011.04.08 14:14:40 | 042,459,336 | ---- | C] (Logitech ) -- C:\Users\Onur\Desktop\g35_101178_x64.exe [2011.04.08 13:38:24 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{6A90891A-5546-4280-8D0C-9F64AE34AD99} [2011.04.07 00:51:59 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{169AB2D2-9921-4BFA-8C88-3C198565E2B9} [2011.04.06 12:53:56 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{8C182313-DAD4-4639-8376-D260FFEEBEC1} [2011.04.05 12:58:54 | 000,000,000 | 
---D | C] -- C:\Users\Onur\AppData\Local\{F1FC42F9-735F-49C3-A08B-E5FCEB5FEBEC}
[2011.04.04 13:35:28 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{20DA2FC7-0E45-411F-A3BC-9E6724055A83}
[2011.04.03 21:49:34 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{E6588E53-15D1-4E23-9AB6-43135F2A292E}
[2011.04.03 09:47:47 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{6E1380E0-C21B-4395-A270-A5FB41F5B43F}
[2011.04.02 10:55:55 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{4DBB36FC-0F7F-4380-8DFA-74E0336AE6A3}
[2011.04.01 12:52:24 | 000,000,000 | ---D | C] -- C:\Users\Onur\AppData\Local\{CD819EB9-8255-4690-ADF8-7077A964EFF4}

========== Files - Modified Within 30 Days ==========

[2011.04.30 17:10:14 | 001,802,098 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.30 17:10:14 | 000,770,072 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.04.30 17:10:14 | 000,714,620 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.30 17:10:14 | 000,174,024 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.04.30 17:10:14 | 000,142,002 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.30 17:07:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.30 17:04:17 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.04.30 17:04:17 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2011.04.30 17:04:14 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.30 17:03:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.30 17:03:51 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.30 16:53:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Onur\Desktop\OTL.exe
[2011.04.30 16:48:34 | 000,017,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.30 16:48:34 | 000,017,136 | -H-- |
M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.30 16:44:40 | 113,791,285 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2011.04.30 16:37:42 | 000,000,000 | ---- | M] () -- C:\Users\Onur\AppData\Local\{5DD05F1C-C88B-410B-9C9B-286F086D6139} [2011.04.30 16:37:06 | 481,650,767 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.04.30 09:32:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3293479335-605803016-50362143-1000UA.job [2011.04.30 08:24:54 | 000,000,587 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk [2011.04.30 01:09:39 | 000,309,079 | ---- | M] () -- C:\Users\Onur\Desktop\Sasuke_Amaterasu___415_by_Ryouto.jpg [2011.04.29 18:32:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3293479335-605803016-50362143-1000Core.job [2011.04.29 15:28:57 | 000,000,000 | ---- | M] () -- C:\Users\Onur\AppData\Local\{7B758891-625C-43C8-AC58-BA7341CECE11} [2011.04.29 05:51:50 | 000,000,000 | ---- | M] () -- C:\Users\Onur\AppData\Local\{80492A6A-F980-4C89-8FAE-F6C8FDB71CB3} [2011.04.29 02:27:59 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2011.04.29 02:26:57 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011.04.27 17:19:45 | 000,000,000 | ---- | M] () -- C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2011.04.27 16:30:55 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk [2011.04.26 22:04:03 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2011.04.25 05:35:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2011.04.23 04:22:07 | 711,189,938 | ---- | M] (InstallShield Software Corporation) -- C:\Users\Onur\Desktop\S4League.exe [2011.04.22 18:06:26 | 000,651,666 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm [2011.04.21 18:06:45 | 000,251,691 | ---- | 
M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011.04.21 13:12:50 | 000,001,152 | ---- | M] () -- C:\Users\Onur\Desktop\Continue Messenger Plus! Installation.lnk
[2011.04.19 14:53:08 | 000,002,387 | ---- | M] () -- C:\Users\Onur\Desktop\Counter Strike Source 2010.lnk
[2011.04.15 19:44:55 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.12 15:18:30 | 000,254,616 | ---- | M] () -- C:\Users\Onur\Documents\ts3_clientui-win64-12815-2011-04-12 15_18_30.670129.dmp
[2011.04.12 15:17:29 | 000,259,742 | ---- | M] () -- C:\Users\Onur\Documents\ts3_clientui-win64-12815-2011-04-12 15_17_26.152439.dmp
[2011.04.10 21:17:59 | 002,384,684 | ---- | M] () -- C:\Users\Onur\Desktop\ts3_recording_11_04_10_21_17_7.wav
[2011.04.09 17:27:32 | 000,054,920 | ---- | M] () -- C:\Users\Onur\Desktop\Krzlichaktualisier.e3d980f1413a8375415bee89ded79ff7.jpg
[2011.04.08 14:15:14 | 042,459,336 | ---- | M] (Logitech ) -- C:\Users\Onur\Desktop\g35_101178_x64.exe
[2011.04.01 20:59:49 | 000,577,917 | ---- | M] () -- C:\Users\Onur\Desktop\WoWScrnShot_040111_205949.jpg

========== Files Created - No Company Name ==========

[2011.04.30 16:37:42 | 000,000,000 | ---- | C] () -- C:\Users\Onur\AppData\Local\{5DD05F1C-C88B-410B-9C9B-286F086D6139}
[2011.04.30 16:37:06 | 481,650,767 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.04.30 08:24:54 | 000,000,587 | ---- | C] () -- C:\Users\Public\Desktop\Portal 2.lnk
[2011.04.30 01:09:39 | 000,309,079 | ---- | C] () -- C:\Users\Onur\Desktop\Sasuke_Amaterasu___415_by_Ryouto.jpg
[2011.04.29 15:28:57 | 000,000,000 | ---- | C] () -- C:\Users\Onur\AppData\Local\{7B758891-625C-43C8-AC58-BA7341CECE11}
[2011.04.29 05:51:50 | 000,000,000 | ---- | C] () -- C:\Users\Onur\AppData\Local\{80492A6A-F980-4C89-8FAE-F6C8FDB71CB3}
[2011.04.29 02:27:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.29 02:26:57 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.27 17:19:45 | 000,000,000 | ---- | C] () --
C:\Users\Onur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2011.04.26 22:04:03 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2011.04.26 22:03:17 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll [2011.04.25 05:35:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2011.04.21 13:12:50 | 000,001,152 | ---- | C] () -- C:\Users\Onur\Desktop\Continue Messenger Plus! Installation.lnk [2011.04.21 01:17:32 | 000,577,917 | ---- | C] () -- C:\Users\Onur\Desktop\WoWScrnShot_040111_205949.jpg [2011.04.19 14:53:08 | 000,002,387 | ---- | C] () -- C:\Users\Onur\Desktop\Counter Strike Source 2010.lnk [2011.04.19 13:22:09 | 733,777,632 | ---- | C] () -- C:\Users\Onur\Desktop\CSS_07-07-2005_DZ.exe [2011.04.12 15:18:30 | 000,254,616 | ---- | C] () -- C:\Users\Onur\Documents\ts3_clientui-win64-12815-2011-04-12 15_18_30.670129.dmp [2011.04.12 15:17:26 | 000,259,742 | ---- | C] () -- C:\Users\Onur\Documents\ts3_clientui-win64-12815-2011-04-12 15_17_26.152439.dmp [2011.04.10 21:17:09 | 002,384,684 | ---- | C] () -- C:\Users\Onur\Desktop\ts3_recording_11_04_10_21_17_7.wav [2011.04.09 17:27:32 | 000,054,920 | ---- | C] () -- C:\Users\Onur\Desktop\Krzlichaktualisier.e3d980f1413a8375415bee89ded79ff7.jpg [2011.04.08 13:45:15 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk [2011.04.06 21:58:21 | 000,544,737 | ---- | C] () -- C:\Users\Onur\Desktop\WoWScrnShot_031011_173620.jpg [2011.01.01 16:27:01 | 001,761,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.12.27 02:11:15 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe [2010.12.26 19:51:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- 
C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.03.17 13:09:34 | 000,007,718 | ---- | C] () -- C:\Windows\cadx2.ini
[2007.06.21 08:34:08 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe

========== LOP Check ==========

[2011.04.27 02:21:46 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\.minecraft
[2011.04.26 21:43:21 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\Atari
[2010.12.26 21:12:11 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\AVG10
[2011.01.28 16:57:34 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\DAEMON Tools Lite
[2011.01.26 18:37:42 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\EurekaLog
[2011.04.30 09:39:43 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\ICQ
[2011.04.09 13:57:56 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\Leadertech
[2011.04.25 05:52:28 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\MyPhoneExplorer
[2010.12.26 20:06:58 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\Opera
[2011.04.30 06:13:51 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\TS3Client
[2011.04.30 09:39:39 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\uTorrent
[2010.12.27 03:29:30 | 000,000,000 | ---D | M] -- C:\Users\Onur\AppData\Roaming\VDownloader
[2011.04.11 11:16:56 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Code:
OTL Extras logfile created on: 30.04.2011 17:09:09 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Onur\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 63,27 Gb Free Space | 43,22% Space Free | Partition Type: NTFS
Drive D: | 319,15 Gb Total Space | 248,47 Gb Free Space | 77,85% Space Free | Partition Type: NTFS

Computer Name: ONUR-PC | User Name: Onur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1"
%* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{088E976C-6B19-E3D3-1EAB-6E13B2D34CD7}" = ATI Catalyst Install Manager
"{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}" = Logitech G35
"{34280DB1-8558-4709-AB7E-62A572C03355}" = Saitek Cyborg Keyboard Volume 6.2.1.3
"{742DF898-7ABE-4CF4-8557-5D17C400D49C}" = AVG 2011
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008
Redistributable - x64 9.0.30729.17 "{82D8F93E-8A8C-4CCE-B88F-A99E4F3DECA7}" = AVG 2011 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 267.60 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 267.60 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 267.60 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "AVG" = AVG 2011 "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live 
Installer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.1208.1 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon® 3 "{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C71CBF8-B1DB-45EA-842E-E8D8E7E54125}" = S4 League_EU "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - 
KB2467175 "{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.0.733 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch "{B4C7FA0D-392F-4653-A631-6028E5CE1294}_is1" = Extreme Redeemer Version 4.1 "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility "{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AI RoboForm" = RoboForm 7-2-8 (All Users) "Akamai" = Akamai NetSession Interface "AVMWLANCLI" = AVM FRITZ!WLAN "conduitEngine" = Conduit Engine "DAEMON Tools Lite" = DAEMON Tools Lite "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DivX Content Uploader" = DivX Content Uploader "DivX Setup.divx.com" = DivX-Setup "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition "InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM) "JDownloader" = JDownloader "Malwarebytes' Anti-Malware_is1" 
= Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! Live "Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17) "MPE" = MyPhoneExplorer "Namoroka (3.6)" = Namoroka (3.6) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Opera 11.10.2092" = Opera 11.10 "Postal 2_is1" = Portal 2 "StarCraft II" = StarCraft II "Steam App 10" = Counter-Strike "uTorrent" = µTorrent "uTorrentBar_DE Toolbar" = uTorrentBar_DE Toolbar "VLC media player" = VLC media player 1.1.5 "WinLiveSuite" = Windows Live Essentials "WinPcapInst" = WinPcap 4.1.2 "World of Warcraft" = World of Warcraft "World of Warcraft Public Test" = World of Warcraft Public Test ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 28.04.2011 23:28:26 | Computer Name = Onur-PC | Source = Application Hang | ID = 1002 Description = Programm Skype.exe, Version 5.3.0.111 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: d90 Startzeit: 01cc061cf5aa6221 Endzeit: 9 Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe Berichts-ID: Error - 29.04.2011 19:51:21 | Computer Name = Onur-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x4da54080 Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4d4d45fc Ausnahmecode: 0xc0000417 Fehleroffset: 0x00042926 ID des fehlerhaften Prozesses: 0x18e0 Startzeit der fehlerhaften Anwendung: 0x01cc06c852bcd7a2 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe Pfad des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike source 2010\bin\steamclient.dll Berichtskennung: 94c86fdd-72bb-11e0-901e-cee88e2b631d Error - 29.04.2011 19:52:57 | Computer Name = Onur-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x4da54080 Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4d4d45fc Ausnahmecode: 0xc0000417 Fehleroffset: 0x00042926 ID des fehlerhaften Prozesses: 0x1278 Startzeit der fehlerhaften Anwendung: 0x01cc06c88f7abe32 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe Pfad des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike source 2010\bin\steamclient.dll Berichtskennung: ce26a408-72bb-11e0-901e-cee88e2b631d Error - 29.04.2011 19:53:11 | Computer Name = Onur-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x4da54080 Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4d4d45fc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003cc43 ID des fehlerhaften Prozesses: 0x1604 Startzeit der fehlerhaften Anwendung: 0x01cc06c8981a34a4 Pfad der 
fehlerhaften Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe Pfad des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike source 2010\bin\steamclient.dll Berichtskennung: d66d4ace-72bb-11e0-901e-cee88e2b631d Error - 29.04.2011 22:37:03 | Computer Name = Onur-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x4da54080 Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4d4d45fc Ausnahmecode: 0xc0000417 Fehleroffset: 0x00042926 ID des fehlerhaften Prozesses: 0x450 Startzeit der fehlerhaften Anwendung: 0x01cc06df7a9e81d8 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe Pfad des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike source 2010\bin\steamclient.dll Berichtskennung: ba9c4100-72d2-11e0-901e-cee88e2b631d Error - 29.04.2011 22:37:11 | Computer Name = Onur-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x4da54080 Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4d4d45fc Ausnahmecode: 0xc0000417 Fehleroffset: 0x00042926 ID des fehlerhaften Prozesses: 0x650 Startzeit der fehlerhaften Anwendung: 0x01cc06df814443c3 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe Pfad des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike source 2010\bin\steamclient.dll Berichtskennung: bf838382-72d2-11e0-901e-cee88e2b631d Error - 29.04.2011 23:07:38 | Computer Name = Onur-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x4da54080 Name des fehlerhaften Moduls: steamclient.dll, Version: 0.0.0.0, Zeitstempel: 0x4d4d45fc Ausnahmecode: 
0xc0000417 Fehleroffset: 0x00042926 ID des fehlerhaften Prozesses: 0x1018 Startzeit der fehlerhaften Anwendung: 0x01cc06e3b8da5f0b Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Counterstrike source\Counter Strike Source 2010\hl2.exe Pfad des fehlerhaften Moduls: c:\program files (x86)\counterstrike source\counter strike source 2010\bin\steamclient.dll Berichtskennung: 00758a2f-72d7-11e0-aa04-d60c42692655 Error - 30.04.2011 02:27:13 | Computer Name = Onur-PC | Source = Application Hang | ID = 1002 Description = Programm portal2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 224 Startzeit: 01cc06ff8d36d601 Endzeit: 43 Anwendungspfad: D:\Portal 2\portal2.exe Berichts-ID: Error - 30.04.2011 11:07:57 | Computer Name = Onur-PC | Source = Application Hang | ID = 1002 Description = Programm OTL.exe, Version 3.2.22.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1270 Startzeit: 01cc07480d51eecf Endzeit: 2 Anwendungspfad: C:\Users\Onur\Desktop\OTL.exe Berichts-ID: Error - 30.04.2011 11:08:59 | Computer Name = Onur-PC | Source = Application Hang | ID = 1002 Description = Programm OTL.exe, Version 3.2.22.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10ec Startzeit: 01cc07486595fb7b Endzeit: 1 Anwendungspfad: C:\Users\Onur\Desktop\OTL.exe Berichts-ID: [ System Events ] Error - 17.04.2011 07:03:29 | Computer Name = Onur-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?17.?04.?2011 um 12:42:24 unerwartet heruntergefahren. 
Error - 17.04.2011 07:03:34 | Computer Name = ONUR-PC | Source = BugCheck | ID = 1001 Description = Error - 17.04.2011 07:07:57 | Computer Name = Onur-PC | Source = Microsoft-Windows-Time-Service | ID = 34 Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um -86388 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123) ordnungsgemäß ausgeführt wird. Error - 17.04.2011 11:11:14 | Computer Name = Onur-PC | Source = Microsoft-Windows-Time-Service | ID = 34 Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um -86388 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123) ordnungsgemäß ausgeführt wird. Error - 17.04.2011 14:21:57 | Computer Name = Onur-PC | Source = Microsoft-Windows-Time-Service | ID = 34 Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um -86387 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123) ordnungsgemäß ausgeführt wird. Error - 18.04.2011 05:02:07 | Computer Name = Onur-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. 
Error - 18.04.2011 05:02:07 | Computer Name = Onur-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053
Error - 18.04.2011 05:08:18 | Computer Name = Onur-PC | Source = Microsoft-Windows-Time-Service | ID = 34 Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um -86387 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123) ordnungsgemäß ausgeführt wird.
Error - 18.04.2011 05:34:18 | Computer Name = Onur-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?18.?04.?2011 um 11:32:27 unerwartet heruntergefahren.
Error - 18.04.2011 05:34:23 | Computer Name = ONUR-PC | Source = BugCheck | ID = 1001 Description =
< End of report >
- Malwarebytes (full scan) Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6478
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
30.04.2011 17:42:19
mbam-log-2011-04-30 (17-42-19).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 153077
Laufzeit: 1 Minute(n), 25 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden)

Sorry, here is the full scan:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Datenbank Version: 6478
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
30.04.2011 17:40:06
mbam-log-2011-04-30 (17-40-06).txt
Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|E:\|)
Durchsuchte Objekte: 358325
Laufzeit: 33 Minute(n), 50 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: c:\program files (x86)\counterstrike source\counter strike source 2010\bin\steamclient.dll (Trojan.Dropper.PGen) -> Quarantined and deleted successfully

A few more bluescreens again today, including a new one: "Memory Management" |
01.05.2011, 16:22 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win7 64 bit. Regular bluescreens + crashes. Since when have you had the crashes and bluescreens? Did you change anything on the system?
Do you think hardware defects can be ruled out? Have you ever tested the system with a Linux live CD such as Knoppix or Ubuntu, or run a memory test with Memtest86?
__________________ |
09.05.2011, 15:30 | #3 | |
| Win7 64 bit. Regular bluescreens + crashes. Quote:
I was away for a few days. I've had them for a long time, maybe 3 months, but they weren't that bad. Now I get one every 5-10 minutes, or a crash, which is pretty nasty -.-. I also once completely formatted my hard drive with Darik's Boot And Nuke to make the bluescreens go away. No success. I will run a test with Memtest86. I have already tested it with Ubuntu. No problems. |
09.05.2011, 16:05 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win7 64 bit. Regular bluescreens + crashes. Strange indeed; if everything runs normally under Ubuntu, the hardware is OK and not defective. Quote:
__________________ Please always post logfiles in CODE tags |